Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Pepper zip

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 19.10.2014, 00:28   #1
Merline
 
Pepper zip - Standard

Pepper zip



Hallo zusammen,

ich bin ganz neu hier und habe auch schon ein Problem.
Ich hatte plötzlich das Programm oder was das auch immer sein soll Pepper zip auf meinem Laptop.
Ich habe mir dann den Spyware Terminator geholt und hab den laufen lassen, seitdem sehr ich nichts mehr von dem Pepper zip, d.h. die Anzeige, die ich auf dem Desktop hatte und auch in der Startleiste sind verschwunden. Aber mein Laptop läuft jetzt viel langsamer, stürzt auch öfter mal ab.

Über die Systemsteuerung konnte ich das Pepper zip nicht löschen. Dort ist es bei den Programmen gar nicht aufgetaucht.

Muss ich noch was machen, damit das Pepper zip wieder ganz weg ist?

Ganz lieben Dank für Antwort.

Merline

Alt 19.10.2014, 06:26   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Pepper zip - Standard

Pepper zip



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 19.10.2014, 20:36   #3
Merline
 
Pepper zip - Standard

Pepper zip



Hallo Schrauber,
danke für die Antwort. Das Programm habe ich installiert und durchlaufen lassen. Aber was muss ich tun, damit ich das Ergebnis posten kann?

Die Log-Dateien sind nicht auf meinem Desktop, die sind als neue Reiter gekommen.
Ich habe es mit der Tastenkobi Alt + Druck und StrG + V probiert, aber ich bekomme das nicht hier gepostet. Kann mir bitte jemand sagen, was ich falsch mache.
Herzlichen Dank.


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-10-2014 01
Ran by Susanne (administrator) on SUSANNE-VAIO on 19-10-2014 21:20:41
Running from C:\Users\Susanne\DOWNLOADS
Loaded Profile: Susanne (Available profiles: Susanne)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) I:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfSdkS64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(IObit) I:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Michel Krämer) C:\Program Files\Spamihilator\spamihilator.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(Sony Corporation) C:\Program Files\Sony\VCM Manager Settings\VcmMgrNotification64.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2774936 2014-05-13] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3681688 2014-05-13] (Crawler.com)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1791600 2014-08-29] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3723462230-206843849-3249284018-1000\...\Run: [CursorFX] => C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [432784 2012-05-10] (Stardock Corporation)
HKU\S-1-5-21-3723462230-206843849-3249284018-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3723462230-206843849-3249284018-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spamihilator.lnk
ShortcutTarget: Spamihilator.lnk -> C:\Program Files\Spamihilator\spamihilator.exe (Michel Krämer)
BootExecute: autocheck autochk *  BootDefrag.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=prc265
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {17ADD2FE-1208-4BBD-913F-0C8732DCBD44} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {E4BD2B01-14CD-45F9-B958-3FFAB7DB3D0E} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - No Name - {5786d022-540e-4699-b350-b4be0ae94b79} -  No File
Toolbar: HKLM-x32 - No Name - {8dcb7100-df86-4384-8842-8fa844297b3f} -  No File
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Toolbar: HKCU - No Name - {5786D022-540E-4699-B350-B4BE0AE94B79} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{05A7A838-BBFC-4DA9-9F78-5FC886D82879}: [NameServer] 5.135.12.56,199.203.35.78

FireFox:
========
FF ProfilePath: C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default
FF NewTab: Google
FF DefaultSearchUrl: Yahoo Suche ? Websuche & Suchmaschine
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: Google
FF NetworkProxy: "backup.ftp", "178.219.12.210"
FF NetworkProxy: "backup.ftp_port", 6666
FF NetworkProxy: "backup.socks", "178.219.12.210"
FF NetworkProxy: "backup.socks_port", 6666
FF NetworkProxy: "backup.ssl", "178.219.12.210"
FF NetworkProxy: "backup.ssl_port", 6666
FF NetworkProxy: "ftp", "www-proxy.t-online.de"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "www-proxy.t-online.de"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "www-proxy.t-online.de"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "www-proxy.t-online.de"
FF NetworkProxy: "ssl_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @popularscreensavers.com/Plugin -> C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin -> C:\Users\Susanne\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\searchplugins\speedfox.xml
FF SearchPlugin: C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ascsurfingprotection@iobit.com [2013-09-24]
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\donottrackplus@abine.com [2014-07-12]
FF Extension: SpeedFox - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\jid1-uabu5A9hduqzCw@jetpack [2013-08-18]
FF Extension: LastPass - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\support@lastpass.com [2014-08-19]
FF Extension: BrowserAdditions - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\toolbarbutton@browseradditions.com [2013-08-18]
FF Extension: ColorfulTabs - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2014-09-29]
FF Extension: TV-Fox - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4} [2013-12-21]
FF Extension: AddThis - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2013-05-31]
FF Extension: Biobar - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{3e559c3c-4aad-4168-bd47-e1056298df8e} [2014-01-14]
FF Extension: ReminderFox - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2014-04-19]
FF Extension: DownloadHelper - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-08]
FF Extension: Evernote Web Clipper - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2013-12-18]
FF Extension: FoxLingo - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} [2013-04-18]
FF Extension: Amazon Price Tracker - Keepa.com - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\amptra@keepa.com.xpi [2013-08-29]
FF Extension: everygain Translator - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ck@everygain.com.xpi [2013-04-18]
FF Extension: anonymoX - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\client@anonymox.net.xpi [2013-04-30]
FF Extension: Facebook Chat History Manager - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\fbchathistory@firechm.com.xpi [2013-08-03]
FF Extension: Shareaholic - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\firefox-extension@shareaholic.com.xpi [2013-04-19]
FF Extension: hidefbticker - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\hidefbticker@shebo.com.xpi [2013-07-02]
FF Extension: i2Symbol (Emoticons, Smileys, Symbols) - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\i2symbol@sciweavers.org.xpi [2013-04-19]
FF Extension: ProxTube - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: iFamebook  - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ifamebook@stormvision.it.xpi [2013-08-03]
FF Extension: iKute Emoticons for Facebook Chat - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ikuteteam@gmail.com.xpi [2013-07-02]
FF Extension: Telekom YouTube Turbo - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\info@maltegoetz.de.xpi [2013-04-19]
FF Extension: HMA! IP Checker - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ipinfo@hidemyass.com.xpi [2013-04-19]
FF Extension: Big Emo For Facebook - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\jid0-3w5IeNyk2A0kYZWgtBwRAxwtyTo@jetpack.xpi [2013-07-02]
FF Extension: Invite All (for Facebook) - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\jid0-zs24wecdcQo0Lp18D7QOV4WSZFo@jetpack.xpi [2013-08-03]
FF Extension: RSS Icon - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\kitsuneymg@gmail.com.xpi [2013-04-19]
FF Extension: NASA Night Launch - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\nasanightlaunch@example.com.xpi [2013-10-07]
FF Extension: Noia 4 Theme Manager - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\Noia4Options@ArisT2.xpi [2013-07-03]
FF Extension: Personas Plus - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\personas@christopher.beard.xpi [2013-04-19]
FF Extension: Silvermel - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\silvermel@pardal.de.xpi [2013-05-27]
FF Extension: Silvermel and Charamel XT - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\silvermelxt@pardal.de.xpi [2013-05-27]
FF Extension: Smiley Xtra - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\smxtra5@smileyxtra.co.uk.xpi [2013-04-18]
FF Extension: Stealthy - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\stealthyextension@gmail.com.xpi [2013-08-09]
FF Extension: Location Bar Enhancer - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\UIEnhancer@girishsharma.xpi [2013-04-19]
FF Extension: YouTube to MP3 - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\youtube2mp3@mondayx.de.xpi [2013-04-19]
FF Extension: All-in-One Sidebar - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2013-04-19]
FF Extension: Stylish Sync - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{0e3fc079-afbb-4a00-87e5-9486062d0f9c}.xpi [2013-04-26]
FF Extension: Flagfox - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: Session Manager - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-04-15]
FF Extension: FlashGot - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2013-04-19]
FF Extension: ShareThis - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{1b8cc170-8c85-11db-b606-0800200c9a66}.xpi [2013-04-19]
FF Extension: Facebook Messenger - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{249b4e45-4fb9-4f6b-9754-7c0c1e605d44}.xpi [2014-08-02]
FF Extension: AniWeather - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2013-04-19]
FF Extension: Stylish - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-04-15]
FF Extension: Quick Translator - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-04-18]
FF Extension: Charamel - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{961408A3-C970-4577-970A-D97C29839A67}.xpi [2013-05-27]
FF Extension: Soundcloud SUPER +2: Downloader and Recommender - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi [2013-04-19]
FF Extension: ImTranslator - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2013-04-15]
FF Extension: autolikefacebookstatusesplus - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{a5de1696-512e-43ca-8d9f-4904fc91a3ac}.xpi [2013-07-02]
FF Extension: StumbleUpon - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2013-04-18]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2013-04-19]
FF Extension: FoxTab - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi [2013-08-09]
FF Extension: Download Manager Tweak - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi [2013-04-18]
FF Extension: Noia 4 - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi [2013-07-03]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Extension: 360网页保护 - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2014-09-08]
FF HKCU\...\Firefox\Extensions: [{8d849c0c-77a8-47ae-a584-4541b355900a}] - C:\Program Files (x86)\Video-Saver\150.xpi
FF Extension: No Name - WebProtection@360safe.com [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\2.0.0.0_0 [2013-01-22]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - I:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePluginFor6.crx [2012-12-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AdvancedSystemCareService6; I:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-15] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-15] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-07-05] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [98976 2011-07-05] (Atheros Commnucations) [File not signed]
S3 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-10-14] (SurfRight B.V.)
S3 MatSvc; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [343856 2011-06-13] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [707184 2014-08-29] ()
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1146304 2014-05-13] (Crawler.com)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [960160 2011-12-29] (Sony Corporation)
R3 VUAgent; C:\PROGRAM FILES\SONY\VAIO UPDATE\VUAGENT.EXE [1642544 2014-02-28] (Sony Corporation)
S2 WiseBootAssistant; I:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2013-12-09] (WiseCleaner.com)
S3 Orbiter; C:/Program Files (x86)/ORBTR/orbiter.dll [X]
S2 楗敳潂瑯獁楳瑳湡tI"; 㩉停潲牧浡䘠汩獥⠠㡸⤶坜獩履楗敳䌠牡⁥㘳尵潂瑯楔敭攮數 [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [100424 2014-08-29] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2014-08-29] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2014-08-29] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2014-08-29] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [311888 2014-08-29] (Qihu 360 Software Co., Ltd.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2014-08-29] (Qihu 360 Software Co., Ltd.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2014-03-13] (Qualcomm Atheros Co., Ltd.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-05-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 risdsnpe; C:\Windows\System32\DRIVERS\risdsnxc64.sys [98816 2011-06-24] (REDC)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-01-03] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-01-03] (RapidSolution Software AG)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-04-10] (Synaptics Incorporated)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-10-01] (Windows (R) Win 7 DDK provider)
S3 WiseHDInfo; I:\Program Files (x86)\Wise\Wise Care 365\WiseHDInfo64.dll [11304 2014-06-04] (wisecleaner.com)
S3 iSafeKrnlBoot; \??\system32\DRIVERS\iSafeKrnlBoot.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-19 20:31 - 2014-10-19 20:31 - 01110476 _____ () C:\Users\Susanne\Downloads\7z920.exe
2014-10-19 20:31 - 2014-10-19 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-10-19 20:31 - 2014-10-19 20:31 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-10-19 17:42 - 2014-10-19 19:33 - 00064176 _____ () C:\Users\Susanne\Downloads\Addition.txt
2014-10-19 17:40 - 2014-10-19 21:21 - 00034317 _____ () C:\Users\Susanne\Downloads\FRST.txt
2014-10-19 17:40 - 2014-10-19 21:20 - 00000000 ____D () C:\FRST
2014-10-19 17:38 - 2014-10-19 17:39 - 02112000 _____ (Farbar) C:\Users\Susanne\Downloads\FRST64.exe
2014-10-18 00:07 - 2014-10-18 00:07 - 00000000 _____ () C:\asc_rdflag
2014-10-17 21:54 - 2014-10-17 21:54 - 00008338 _____ () C:\Users\Susanne\Desktop\JRT.txt
2014-10-17 21:48 - 2014-10-17 21:48 - 01705698 _____ (Thisisu) C:\Users\Susanne\Downloads\JRT633.exe
2014-10-17 03:34 - 2014-10-17 03:34 - 00129984 _____ () C:\Users\Susanne\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-15 16:59 - 2014-10-15 16:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-15 16:35 - 2014-10-15 16:36 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Free Internet Tuner
2014-10-15 16:06 - 2014-10-15 16:38 - 91670064 _____ (The GIMP Team ) C:\Users\Susanne\Downloads\gimp-2.8.14-setup.exe
2014-10-14 22:59 - 2014-10-14 22:59 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft
2014-10-14 22:59 - 2014-10-14 22:59 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Abelssoft
2014-10-14 22:59 - 2014-10-14 22:59 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-10-14 22:58 - 2014-10-14 22:58 - 00001050 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-10-14 22:58 - 2014-10-14 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-10-14 22:58 - 2014-10-14 22:58 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-10-14 22:55 - 2014-10-14 22:55 - 03205232 _____ (Abelssoft ) C:\Users\Susanne\Downloads\CHIP_Updater_2.33.exe
2014-10-14 22:13 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-14 22:13 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-14 22:13 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-14 22:13 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-14 22:13 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-14 22:13 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-14 22:13 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-14 22:13 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-14 22:13 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-14 22:13 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-14 22:13 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-14 22:13 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-14 22:13 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-14 22:13 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-14 22:13 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-14 22:13 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-14 22:13 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-14 22:13 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-14 22:13 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-14 22:13 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-14 22:13 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-14 22:13 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-14 22:13 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-14 22:13 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-14 22:13 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-14 22:13 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-14 22:13 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-14 22:13 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-14 22:13 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-14 22:13 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-14 22:13 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-14 22:13 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-14 22:13 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-14 22:13 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-14 22:13 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-14 22:12 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-14 22:12 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-14 22:12 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-14 22:12 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-14 22:12 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-14 22:12 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-14 22:12 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-14 22:12 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-14 22:12 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-14 22:12 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-14 22:12 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-14 22:12 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-14 22:12 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-14 22:12 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-14 22:12 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-14 22:12 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-14 22:12 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-14 22:12 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-14 22:12 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-14 22:12 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-14 22:12 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-14 22:12 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-14 22:12 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-14 22:12 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-14 22:12 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-14 22:12 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-14 22:12 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-14 22:12 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-14 22:12 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-14 22:12 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-14 22:12 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-14 22:11 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-14 22:11 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-14 22:11 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-14 22:11 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-14 22:11 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-14 22:11 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-14 22:11 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-14 22:11 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-14 22:11 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-14 22:11 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-14 22:11 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-14 22:11 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-14 22:11 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-14 22:11 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-14 22:11 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-14 22:11 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-14 22:11 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-14 22:11 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-14 22:11 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-14 22:11 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-14 22:11 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-14 22:11 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-14 22:11 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-14 22:11 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-14 22:11 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-14 22:11 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-14 22:11 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-14 22:11 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-14 22:11 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-14 22:11 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-14 22:11 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-14 22:11 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-14 22:10 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-14 22:10 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-14 22:10 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-14 22:10 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-14 22:10 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-14 22:10 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-14 22:10 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-14 22:10 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-14 22:10 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-14 22:10 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-14 22:10 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-14 22:10 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-14 22:10 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-14 22:05 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 22:05 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 22:05 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-14 22:05 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-14 21:36 - 2014-10-14 21:36 - 00071934 _____ () C:\Windows\system32\.crusader
2014-10-14 21:00 - 2014-10-14 21:44 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-14 21:00 - 2014-10-14 21:00 - 00001905 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-10-14 21:00 - 2014-10-14 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-10-14 21:00 - 2014-10-14 21:00 - 00000000 ____D () C:\Program Files\HitmanPro
2014-10-14 20:59 - 2014-10-14 20:59 - 11194928 _____ (SurfRight B.V.) C:\Users\Susanne\Downloads\HitmanPro_x64.exe
2014-10-13 04:43 - 2014-10-13 04:43 - 00000000 ____D () C:\Program Files (x86)\Elex-tech
2014-10-13 04:41 - 2014-10-13 04:43 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Elex-tech
2014-10-13 04:24 - 2014-10-13 04:24 - 00000000 _____ () C:\autoexec.bat
2014-10-13 04:00 - 2014-10-14 18:46 - 00000000 ____D () C:\Users\Public\Documents\Stronghold AntiMalware
2014-10-13 03:58 - 2014-10-13 03:58 - 00000000 ____D () C:\sh4ldr
2014-10-13 03:58 - 2014-10-13 03:58 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-10-13 03:57 - 2014-10-13 03:58 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-10-08 15:33 - 2014-10-15 00:12 - 00502544 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-08 04:35 - 2014-10-08 04:35 - 00000000 ____D () C:\Users\Susanne\AppData\Local\fastplayer
2014-10-08 04:25 - 2014-10-09 03:19 - 00000000 ____D () C:\Program Files (x86)\ORBTR
2014-10-08 03:58 - 2014-10-08 04:08 - 00000000 ___HD () C:\Users\Public\Temp
2014-10-08 03:57 - 2014-10-08 06:35 - 00004040 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-10-08 03:55 - 2014-10-14 22:48 - 00000000 ____D () C:\Program Files (x86)\PepperZip
2014-10-04 00:45 - 2014-10-04 00:45 - 15197616 _____ (Ventis Media Inc. ) C:\Users\Susanne\Downloads\MediaMonkey_4.1.4.1709.exe
2014-10-03 00:11 - 2014-10-03 00:11 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-10-02 23:30 - 2014-10-02 23:30 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-02 23:30 - 2014-10-02 23:30 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-02 23:30 - 2014-10-02 23:30 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-02 23:27 - 2014-10-02 23:27 - 00918952 _____ (Oracle Corporation) C:\Users\Susanne\Downloads\jxpiinstall(17).exe
2014-10-02 05:32 - 2014-10-02 05:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Susanne\Downloads\mbam-setup-2.0.2.1012(2).exe
2014-10-01 16:22 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 16:22 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-01 13:45 - 2013-06-12 14:10 - 00033512 _____ () C:\Windows\system32\Drivers\DasPtct.SYS
2014-10-01 13:43 - 2014-10-01 13:44 - 30543696 _____ (Panda Security ) C:\Users\Susanne\Downloads\PandaCloudCleaner.exe
2014-10-01 13:41 - 2014-10-17 18:11 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-10-01 13:41 - 2014-10-01 13:41 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-10-01 13:41 - 2014-10-01 13:41 - 00001038 _____ () C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2014-10-01 13:41 - 2014-10-01 13:41 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Spyware Terminator
2014-10-01 13:41 - 2014-10-01 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-10-01 13:40 - 2014-10-17 18:14 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-10-01 13:39 - 2014-10-01 13:39 - 00937232 _____ (Crawler.com ) C:\Users\Susanne\Downloads\SpywareTerminatorSetup.exe
2014-10-01 13:34 - 2014-10-01 13:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Susanne\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-09-25 22:02 - 2014-10-15 16:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-09-24 23:26 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 23:26 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 20:59 - 2014-09-23 20:59 - 00000000 _____ () C:\Users\Susanne\Downloads\FAPEE45.tmp
2014-09-23 20:54 - 2014-09-23 20:54 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP5973.tmp
2014-09-23 20:50 - 2014-09-23 20:50 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP4E49.tmp
2014-09-23 20:44 - 2014-09-23 20:44 - 00000000 _____ () C:\Users\Susanne\Downloads\FAPEE2C.tmp
2014-09-23 20:39 - 2014-09-23 20:39 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP4A7B.tmp
2014-09-23 20:39 - 2014-09-23 20:39 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP3DFA.tmp
2014-09-23 20:37 - 2014-09-23 20:37 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP272D.tmp
2014-09-23 20:35 - 2014-09-23 20:35 - 00000000 _____ () C:\Users\Susanne\Downloads\FAPE0D4.tmp
2014-09-23 20:35 - 2014-09-23 20:35 - 00000000 _____ () C:\Users\Susanne\Downloads\FAPCF25.tmp
2014-09-23 20:35 - 2014-09-23 20:35 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP6A80.tmp
2014-09-23 20:24 - 2014-09-23 20:24 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP1A45.tmp
2014-09-23 20:18 - 2014-09-23 20:18 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP3E74.tmp
2014-09-23 20:01 - 2014-09-23 20:01 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP5AB8.tmp
2014-09-23 19:57 - 2014-09-23 19:57 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP7FF0.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-19 21:21 - 2013-03-06 22:19 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\NetSpeedMonitor
2014-10-19 21:19 - 2014-07-23 03:43 - 01904907 _____ () C:\Windows\WindowsUpdate.log
2014-10-19 21:19 - 2012-02-28 04:06 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Spamihilator
2014-10-19 19:59 - 2012-03-01 22:33 - 00000000 ____D () C:\Users\Susanne\AppData\Local\CrashDumps
2014-10-19 19:34 - 2012-08-11 03:52 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000UA.job
2014-10-19 16:34 - 2012-08-11 03:52 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000Core.job
2014-10-18 00:19 - 2009-07-14 06:45 - 00028624 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-18 00:19 - 2009-07-14 06:45 - 00028624 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-18 00:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-18 00:10 - 2013-12-23 01:51 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Wise Care 365
2014-10-18 00:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-18 00:08 - 2012-02-28 02:14 - 00000000 ____D () C:\Users\Susanne
2014-10-18 00:07 - 2014-09-08 15:27 - 00000000 _RSHD () C:\360SANDBOX
2014-10-17 23:29 - 2014-09-08 15:27 - 00000000 ____D () C:\Windows\Tasks\360Disabled
2014-10-17 23:29 - 2013-12-23 01:52 - 00003080 _____ () C:\Windows\System32\Tasks\Wise Turbo Checker
2014-10-16 20:53 - 2014-05-19 16:25 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-15 18:58 - 2012-04-25 01:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-15 16:36 - 2014-09-11 22:36 - 00000000 __SHD () C:\ProgramData\360Quarant
2014-10-15 16:36 - 2014-09-11 18:10 - 00000000 __SHD () C:\$360Section
2014-10-15 00:54 - 2013-05-02 11:51 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-15 00:54 - 2013-03-28 22:11 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-15 00:54 - 2013-03-28 22:11 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-15 00:47 - 2014-08-27 21:37 - 00000000 ____D () C:\Users\Susanne\AppData\Local\Adobe
2014-10-15 00:47 - 2012-04-04 16:14 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-15 00:47 - 2012-04-04 16:14 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-15 00:47 - 2012-02-28 01:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-14 23:03 - 2012-02-28 01:04 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-10-14 23:03 - 2012-02-28 01:04 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-10-14 23:03 - 2011-02-11 01:03 - 01596508 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-14 23:03 - 2009-07-14 07:13 - 01596508 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-14 22:59 - 2013-01-23 03:35 - 00000000 ____D () C:\Users\Susanne\AppData\Local\Abelssoft
2014-10-14 22:38 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-14 22:31 - 2014-04-22 20:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-14 22:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-14 22:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-14 22:23 - 2013-08-14 13:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-14 22:14 - 2012-02-28 05:29 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-14 18:46 - 2014-06-18 00:51 - 00000000 ____D () C:\Windows\system32\log
2014-10-14 18:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-10-14 18:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-10-14 18:45 - 2014-09-08 15:27 - 00000000 ____D () C:\ProgramData\360safe
2014-10-14 18:45 - 2012-12-24 02:36 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\IObit
2014-10-13 02:53 - 2014-09-08 15:34 - 00000000 __SHD () C:\Users\Susanne\AppData\Roaming\360Quarant
2014-10-09 21:56 - 2014-06-03 14:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-08 04:49 - 2014-09-08 15:27 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\360safe
2014-10-08 04:10 - 2013-10-29 01:03 - 00001382 _____ () C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-08 04:10 - 2012-02-28 03:12 - 00001283 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-08 04:10 - 2012-02-28 03:12 - 00001271 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-08 04:10 - 2012-02-28 02:16 - 00001643 _____ () C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-08 03:58 - 2014-06-05 00:28 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-04 01:05 - 2013-02-09 18:50 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\MediaMonkey
2014-10-04 00:48 - 2013-02-09 18:50 - 00000742 _____ () C:\Users\Public\Desktop\MediaMonkey.lnk
2014-10-04 00:48 - 2013-02-09 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2014-10-03 03:34 - 2012-02-28 02:25 - 00000000 ____D () C:\Update
2014-10-03 03:27 - 2014-09-14 02:10 - 00000000 ____D () C:\Windows\Temp083112BD-D59E-8962-B4C4-F089FCBF1BD7-Signatures
2014-10-03 03:27 - 2012-02-28 01:22 - 00000000 ____D () C:\temp
2014-10-03 00:11 - 2012-02-28 01:28 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-10-03 00:11 - 2012-02-28 01:06 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-10-03 00:10 - 2012-02-28 01:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-03 00:10 - 2012-02-28 01:06 - 00000000 ____D () C:\Program Files\Sony
2014-10-02 23:31 - 2013-09-26 13:13 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-02 23:30 - 2014-08-11 15:49 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-02 05:34 - 2014-06-03 14:05 - 00000787 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-02 05:34 - 2014-06-03 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-01 15:52 - 2012-02-29 03:40 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\SoftGrid Client
2014-09-27 03:14 - 2013-04-27 03:19 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\DVDVideoSoft
2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-20 01:54 - 2013-12-15 01:38 - 00003104 _____ () C:\Windows\System32\Tasks\RegOrganizerQuickLaunch
2014-09-20 01:54 - 2013-12-15 01:38 - 00003044 _____ () C:\Windows\System32\Tasks\AnVir Task Manager
2014-09-20 01:54 - 2013-02-28 03:01 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Skype

Files to move or delete:
====================
C:\Users\Susanne\fbchathistory.dat


Some content of TEMP:
====================
C:\Users\Susanne\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-02 18:34

==================== End Of Log ============================
         
--- --- ---

--- --- ---
__________________

Alt 19.10.2014, 20:37   #4
Merline
 
Pepper zip - Standard

Pepper zip



FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-10-2014 01
Ran by Susanne at 2014-10-19 21:21:18
Running from C:\Users\Susanne\DOWNLOADS
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: 360 Total Security (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: 360 Total Security (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1-abc.net Drive Space Organizer (Remove only) (HKLM-x32\...\1-abc.net Drive Space Organizer) (Version:  - )
2.01 (HKLM-x32\...\Vollversion 2.01 Fix-Anzeiger_is1) (Version:  - Michael Zinke-Trentsch)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 5.0.0.2001 - 360 Security Center)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19460 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.0.19460 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.2.1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Playpanel (HKLM-x32\...\{69967F97-E880-44B9-8383-5278BBC8809B}) (Version: 1.3.0.33 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Advanced SystemCare 6 (HKLM-x32\...\Advanced SystemCare 6_is1) (Version: 6.0 - IObit)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
AMD APP SDK Runtime (Version: 2.4.595.10 - Advanced Micro Devices Inc.) Hidden
AniFX 1.0 (HKLM-x32\...\AniFX_is1) (Version:  - )
AnVir Task Manager (HKLM-x32\...\AnVir Task Manager) (Version:  - AnVir Software)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{B1893E3F-9BDF-443F-BED0-1AAA2D9E0D68}) (Version: 2.0.149 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{B77DE05C-7C84-4011-B93F-A29D0D2840F4}) (Version: 4.0.444 - ArcSoft)
Ashampoo WinOptimizer 10 v.10.2.6 (HKLM-x32\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.02.06 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2013 v.1.0.0 (HKLM-x32\...\{4209F371-7B85-60AD-E5CE-E4409D39E3DE}_is1) (Version: 1.00.00 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 8 v.8.14.00 (HKLM-x32\...\{4209F371-4927-659B-6665-F7524E53AE40}_is1) (Version: 8.14.00 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{E34DB4F2-8F02-EBB7-7E42-28B8986A7850}) (Version: 3.0.825.0 - ATI Technologies, Inc.)
Audials (HKLM-x32\...\{2E5052A2-8E3D-4229-A5EB-2465B260D917}) (Version: 8.0.54900.0 - RapidSolution Software AG)
Audials (HKLM-x32\...\{8ABEEC21-B23C-4610-B57A-BE94345D4096}) (Version: 9.0.57913.1300 - RapidSolution Software AG)
Audials TV (HKLM-x32\...\{24EE4523-711A-4BD1-95EA-F73A8A6950D3}) (Version: 1.3.10803.300 - RapidSolution Software AG)
Autostart-Manager (HKLM-x32\...\{5C2C73F6-CE73-4A01-868E-7045B7805334}) (Version: 6.02.0000 - Wirth IT Design )
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.04.000.82 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0630.809.12749 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0630.809.12749 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0630.809.12749 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0630.809.12749 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0630.809.12749 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help English (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help French (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help German (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
ccc-utility64 (Version: 2011.0630.809.12749 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.33 - Abelssoft)
CloudScout (x32 Version: 1.0.0.1 - CloudGuard) Hidden
concept/design Video Jukebox (HKLM-x32\...\{37569A10-CB38-4615-8B32-0BF9FF5D887D}_is1) (Version: 1.3.0.0 - concept/design GmbH)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskInfo 6.2.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.2.1 - Crystal Dew World)
CursorFX (HKLM-x32\...\CursorFX) (Version: 2.13 - Stardock Corporation)
CursorFX (HKLM-x32\...\CursorFX2.11) (Version: 2.11 - Stardock Corporation)
CursorMania Toolbar (HKLM-x32\...\CursorMania_7lbar Uninstall) (Version:  - Mindspark Interactive Network) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.6 - Dolby Laboratories Inc)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.5 - IObit)
EasyCleaner (HKLM-x32\...\{F5346614-B7C4-4E94-826A-E2363155233D}) (Version: 2.0.6.380 - )
eJuice Me Up (HKLM-x32\...\{28107FBC-832A-4E18-9C9D-4E771B441F69}) (Version: 10.5.0.0 - Breaktru Software)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Evernote v. 4.4 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.4.0.4848 - Evernote Corp.)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
FaceFilter Studio 2 (HKLM-x32\...\{F59205C8-E5FB-43F5-AAB2-16C1760D4F59}) (Version: 2.0 - Reallusion)
FeedDemon (HKLM-x32\...\FeedDemon_is1) (Version: 4.1.0.0 - NewsGator Technologies, Inc.)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
FRANZIS onlineTV 8 (HKLM-x32\...\{CBC88F0E-1960-4AC3-8C38-8BAD44E3F6E3}_is1) (Version: 8.5.0.10 - FRANZIS Verlag GmbH)
Free Internet Tuner v1.0.0.0 (HKLM-x32\...\Free Internet Tuner_is1) (Version: 1.0.0.0 - FreeInternetTuner.com)
Free Registry Tuner v1.0.0.6 (HKLM-x32\...\Free Registry Tuner_is1) (Version: 1.0.0.6 - FreeRegistryTuner.com)
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.1.426 - DVDVideoSoft Ltd.)
Free Windows Tuner v2.0.0.6 (HKLM-x32\...\Free Windows Tuner_is1) (Version: 2.0.0.6 - FreeWindowsTuner.com)
Free YouTube to iPhone Converter version 2.12.2.426 (HKLM-x32\...\Free YouTube to iPhone Converter_is1) (Version: 2.12.2.426 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.6.12 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
Glary Utilities 4.1 (HKLM-x32\...\Glary Utilities 4) (Version: 4.1.0.61 - Glarysoft Ltd)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IncrediMail (x32 Version: 6.3.9.5260 - IncrediMail) Hidden
IncrediMail 2.0 (HKLM-x32\...\IncrediMail) (Version: 6.3.9.5260 - IncrediMail Ltd.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
LastPass(Nur deinstallieren) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Gallery (Version: 1.5.0.17250 - Your Company Name) Hidden
Media Go (HKLM-x32\...\{362AB21A-E2C4-40CE-81C2-8C4D62B0635A}) (Version: 2.4.256 - Sony)
Media Go Video Playback Engine 1.116.108.02030 (HKLM-x32\...\{54215B8A-6212-8DB8-39B4-98EE2BB98BD1}) (Version: 1.116.108.02030 - Sony)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0100 - Microsoft Corporation)
Microsoft Office 365 Home Premium - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4569.1508 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Numerus Mystikos Version 1.0 (HKLM-x32\...\{A3B18492-11B6-4345-BEAA-2B6A67F4AB7B}_is1) (Version: 1.0 - Angelina Schulze Verlag)
Nur Entfernen der CopyTrans Suite möglich (HKCU\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
Orphalese Tarot (HKLM-x32\...\{BFC1259A-0CAF-4EAE-9513-06F180BDF0C9}) (Version: 9.0 - Orphalese Data Solution Ltd.)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.68 - Panda Security)
PepperZip 1.0 (HKLM-x32\...\PepperZip) (Version: 1.0 - PepperWare Co.) <==== ATTENTION
Photo Notifier and Animation Creator (x32 Version: 1.0.0.1009 - Ihr Firmenname) Hidden
Photomizer (HKLM-x32\...\{A00F8237-F496-44D2-0001-E3CCF8CD58AE}) (Version: 1.3.12.723 - Engelmann Media GmbH)
PlayMemories Home Plug-in (Version: 2.0.00.14170 - Sony Corporation) Hidden
PlayMemories Home/PMB VAIO Edition Plug-in 3D Theme Data (x32 Version: 1.0.00.16130 - Sony Corporation) Hidden
PlayMemories Home/PMB VAIO Edition Plug-in Ver.2.2 Upgrade Program (x32 Version: 2.2.00.18250 - Sony Corporation) Hidden
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.14.6.15183 - Sony Computer Entertainment Inc.)
Plus500 (HKLM-x32\...\Plus500) (Version:  - )
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.6.01.03300 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.7.2 - Sony Corporation)
Quick Web Access (x32 Version: 1.4.7.2 - Sony Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.)
Reg Organizer version 6.31 (HKLM-x32\...\Reg Organizer_is1) (Version: 6.31 - ChemTable Software)
Remote Keyboard (x32 Version: 1.1.1.07060 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15072 - Sony Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Schoener Fernsehen 0.0.0.1 (HKLM-x32\...\Schoener Fernsehen) (Version: 0.0.0.1 - © schoener-fernsehen.com)
Schriftenbibliothek (HKLM-x32\...\Schriftenbibliothek_is1) (Version:  - )
Screen Recording Suite V2.5.0 (HKLM-x32\...\{EB9F3F92-4857-4121-AA6F-1C424AC6C266}_is1) (Version: 2.5.0 - Apowersoft)
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version:  - )
SIW 2013 Home Edition (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2013.05.14 - Topala Software Solutions)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
Spamihilator 1.5.0 (64-Bit) (HKLM\...\{A0D450C6-07C4-40C7-8D2B-840565E91987}) (Version: 1.5.0 - Michel Krämer)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.9.0.128.g3134f863 - Spotify AB)
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler, LLC)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)
Tarot Office 1.1 (HKLM-x32\...\ST6UNST #1) (Version:  - )
Total Video Converter 3.71 100812 (HKLM-x32\...\Total Video Converter 3.71_is1) (Version:  - EffectMatrix Inc.)
TubeBox (HKLM-x32\...\{dfba3ed5-70d7-4801-8429-7e77a5fb11ea}) (Version: 5.0.0.0 - Freetec)
TubeBox (x32 Version: 5.0.0.0 - Freetec) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
Typograf 5.1f (HKLM-x32\...\Typograf) (Version: 5.1f - Neuber Software)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.18100 - Sony Corporation)
VAIO - PlayMemories Home Plug-in (HKLM-x32\...\InstallShield_{F9395F3D-4198-476C-8C41-63D0B5B51E35}) (Version: 2.2.00.18250 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15072 - Sony Corporation)
VAIO - Remote-Tastatur  (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.1.0.07060 - Sony Corporation)
VAIO Care (HKLM\...\{4D95D095-8C6F-4357-BDD8-27E295F37FB1}) (Version: 7.3.1.05290 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 5.0.0.07070 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.7.0.05270 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.7.0.05270 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.5.0.07080 - Sony Corporation)
VAIO Hero Screensaver - Fall 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Fall 2011 Screensaver) (Version:  - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.1.0.06030 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.1.08270 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.4.0.05310 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Video Download Converter version 1.0.0.0 (HKLM-x32\...\VDC_is1) (Version: 1.0.0.0 - ) <==== ATTENTION
Video-Saver (HKLM-x32\...\f22187b0-6c9e-44b9-a107-987fcc360c64) (Version:  - Video-Saver Soft)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Корпорація Майкрософт) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Корпорація Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Wise Care 365 Version 2.92 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 3.1.6 - WiseCleaner.com, Inc.)
YouTube Song Downloader (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1) (Version: 8.2 - Abelssoft)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3723462230-206843849-3249284018-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Susanne\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3723462230-206843849-3249284018-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Susanne\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3723462230-206843849-3249284018-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Susanne\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3723462230-206843849-3249284018-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Susanne\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3723462230-206843849-3249284018-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Susanne\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

15-10-2014 14:34:29 Prüfpunkt von HitmanPro
15-10-2014 17:13:54 Prüfpunkt von HitmanPro
15-10-2014 20:11:29 Prüfpunkt von HitmanPro
16-10-2014 13:14:42 Prüfpunkt von HitmanPro
17-10-2014 01:12:34 Prüfpunkt von HitmanPro
17-10-2014 22:22:21 Prüfpunkt von HitmanPro
18-10-2014 18:48:17 Windows Update
19-10-2014 15:01:37 Prüfpunkt von HitmanPro

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00100451-4915-4BFC-9A66-860E7EEBBFE6} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Susanne => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2011-02-08] (Sony Corporation)
Task: {018BEE90-BC4B-4039-A8D7-A6AF53599C86} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-06-03] (Sony Corporation)
Task: {01D3B376-BD66-496B-9F61-A0BCE3E08FDE} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: {03A6420F-BADE-4783-88B5-084E135F40EE} - \Omiga Plus RunAsStdUser No Task File <==== ATTENTION
Task: {04459E68-1D4D-4E22-8E30-FD726DB2609B} - System32\Tasks\RegOrganizerQuickLaunch => C:\Program Files (x86)\Reg Organizer\RegOrganizer.exe [2013-11-29] (ChemTable Software)
Task: {074DE514-7EDE-4B88-AA3D-A4C51DED0449} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {0C7C9878-B2D6-4638-A33A-FA204577976D} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {0E383AD7-ADFA-458D-AF6A-B771E926457F} - System32\Tasks\Wise Care 365 PC Checkup Task => I:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe [2014-07-07] (WiseCleaner.com)
Task: {1073D293-EC3E-4C1E-A0D4-ECDDA578B705} - \Driver Booster Update No Task File <==== ATTENTION
Task: {215B20E7-C7D7-4DB7-9B13-E35DE0E66CF0} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {2CB21669-F34B-4AA2-A9C1-09B79AC02097} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {34E17C3B-99BB-463E-82A1-6AF941E1A7BB} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {3A580C90-A7E9-44BD-AB1E-77496A0D3306} - System32\Tasks\Driver Booster SkipUAC (Susanne) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {4D99A1F7-F2CE-4274-A07C-C7F74C21CFBB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {500E000B-82F9-4F20-A7E4-9F92216B25CF} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5201EBE1-486F-4238-836F-3AAAC53567F9} - System32\Tasks\CrystalDiskInfo => I:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe
Task: {61B9E396-316A-42BC-B440-01355CE6CE16} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-23] (Google Inc.)
Task: {62A441C1-2D0B-417F-96A3-B100AB067F71} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {64F717B0-8B4F-4EA2-B949-3C3F9B9DA765} - System32\Tasks\Abelssoft\Updater scan => C:\PROGRAM FILES (X86)\CHIP UPDATER\CHIPUPDATER.EXE [2014-09-19] (CHIP)
Task: {790336FF-148A-4A7B-BE94-9E0FB12557E7} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: {7962B592-B1E5-45CB-B50E-D6104326510C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-03-21] (Microsoft Corporation)
Task: {7970B1D3-0BBC-4578-8A91-B84BB4BF9283} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {7EB3FB41-6CFF-4B06-890D-E6A5D60555FB} - \DigitalSite No Task File <==== ATTENTION
Task: {83256664-CBC8-46FC-B0DD-9F295E13F1AB} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {8C1E3425-3F93-4340-B506-C7194F25E500} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {9081B203-D24A-4CDD-8008-60703AC8F3A5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000Core => C:\Users\Susanne\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-03] (Facebook Inc.)
Task: {91CCAD29-D235-4B0B-BD8A-B264FE798C2F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-23] (Google Inc.)
Task: {9C9E4051-E38A-45C3-A759-9B8427BF90F7} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {A27ED53A-EEA7-4A3B-A551-E83ED75A4E51} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-08-01] (IObit)
Task: {A2BE4CBE-A878-404E-9059-2222C0E555E3} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-07-07] (Sony Corporation)
Task: {AC472EA5-8AEE-43FC-A4BA-B3251E92492A} - System32\Tasks\Wise Turbo Checker => I:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2014-06-23] (WiseCleaner.COM)
Task: {AEE57DB0-EA87-47F6-BFCD-26295E888FEF} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {B7D7E8A0-48CC-4250-95AE-224D1260FDB4} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {C31F665D-01D7-4D23-AC3A-8F67758577C9} - \RegClean Pro No Task File <==== ATTENTION
Task: {C32719A0-8205-4911-9BD2-CD93052D7A94} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-07-07] (Sony Corporation)
Task: {CD885DEB-8331-4278-885E-4BED39A27009} - \ASP No Task File <==== ATTENTION
Task: {CDD4EE34-722B-4F3C-8C7F-F71B7EF11E6C} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib TaskTray => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [2011-02-23] (Sony Corporation)
Task: {CE89EE4D-4EA1-4468-A75B-858E89B10847} - System32\Tasks\AnVir Task Manager => I:\Program Files (x86)\AnVir Task Manager\anvir.exe [2013-12-04] (AnVir Software)
Task: {D2E2F10D-72DB-48BC-9FA4-4E48DD157597} - System32\Tasks\GlaryInitialize 4 => I:\Program Files (x86)\Glary Utilities 4\Initialize.exe [2013-12-04] (Glarysoft Ltd)
Task: {D5F7FBFD-E89C-4C48-BD7F-D028A5DFCF3A} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {D7D8B0DE-B04F-44EB-A171-01DA1D0B550E} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {DD92AE22-439A-4DEF-91BC-838C490A8E8C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000UA => C:\Users\Susanne\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-03] (Facebook Inc.)
Task: {E236B00C-ED2E-4540-B4E7-B6950D49E454} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation)
Task: {E25DBD18-ECFF-48B6-9628-FAA7F7ED8A37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {E572F690-0476-4B3E-89C0-BE31073F3E31} - System32\Tasks\ASC6_PerformanceMonitor => I:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe [2012-10-29] (IObit)
Task: {E80040EC-D915-440F-BE5C-B439B191DB78} - \DealPly No Task File <==== ATTENTION
Task: {E8F3E8FD-A780-445C-87BF-5BB6BBED18FF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-15] (Adobe Systems Incorporated)
Task: {F8994A0D-C89C-498A-A4F3-30A44F2FDD3D} - \DSite No Task File <==== ATTENTION
Task: {F9CECD6E-4801-4C6A-90D1-0DF208073524} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {FB744C94-B3BB-497F-9AB1-9D7B0C9C56BA} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000Core.job => C:\Users\Susanne\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000UA.job => C:\Users\Susanne\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-08 15:26 - 2014-08-29 05:55 - 00707184 _____ () C:\PROGRAM FILES (X86)\360\TOTAL SECURITY\SAFEMON\QHACTIVEDEFENSE.EXE
2014-03-21 07:22 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-09-14 15:09 - 2014-01-02 19:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2014-04-13 02:40 - 2014-04-13 02:40 - 00073728 _____ () C:\Program Files\Spamihilator\zlib1.dll
2014-04-13 02:40 - 2014-04-13 02:40 - 00380928 _____ () C:\PROGRAM FILES\SPAMIHILATOR\sqlite3.dll
2014-09-08 15:26 - 2014-08-29 05:55 - 00707184 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-28 01:28 - 2011-07-07 16:44 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll
2012-12-24 02:36 - 2012-10-30 16:37 - 00348032 _____ () I:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl
2012-12-24 02:36 - 2012-10-30 16:37 - 00182656 _____ () I:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl
2012-12-24 02:36 - 2012-10-30 16:37 - 00050048 _____ () I:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl
2010-01-30 19:49 - 2011-10-24 19:00 - 00067728 _____ () C:\Program Files (x86)\Stardock\CursorFX\zlib1.dll
2014-10-08 15:35 - 2014-07-14 16:49 - 00049744 ____N () C:\Users\Susanne\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-10-15 16:48 - 2014-10-15 16:48 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2012-02-28 01:16 - 2011-04-30 01:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-03-14 21:42 - 2013-03-14 21:42 - 00033128 _____ () C:\Program Files (x86)\IncrediMail\Bin\IMHttpComm.dll
2013-03-14 21:42 - 2013-03-14 21:42 - 00072104 _____ () C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll
2013-03-14 21:42 - 2013-03-14 21:42 - 00268712 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll
2013-01-23 17:17 - 2013-01-23 17:17 - 00108888 _____ () C:\Program Files (x86)\IncrediMail\Bin\pmc.dll
2013-09-09 21:33 - 2012-03-29 15:21 - 01152365 _____ () C:\Users\Susanne\AppData\Roaming\LavFilters\avformat-lav-54.dll
2013-09-09 21:33 - 2012-03-29 15:21 - 06582226 _____ () C:\Users\Susanne\AppData\Roaming\LavFilters\avcodec-lav-54.dll
2013-09-09 21:33 - 2012-03-29 15:21 - 00207872 _____ () C:\Users\Susanne\AppData\Roaming\LavFilters\avutil-lav-51.dll
2013-09-09 21:33 - 2012-03-29 15:21 - 00172032 _____ () C:\Users\Susanne\AppData\Roaming\LavFilters\libbluray.dll
2013-02-26 15:48 - 2004-05-26 00:06 - 00417792 _____ () I:\Program Files (x86)\Total Video Converter\ac3filter.cpl
2013-03-14 21:42 - 2013-03-14 21:42 - 00133544 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll
2013-03-14 21:42 - 2013-03-14 21:42 - 00080296 _____ () C:\Program Files (x86)\IncrediMail\bin\ImAppRU.dll
2010-11-11 12:55 - 2013-03-14 21:42 - 01034096 _____ () C:\Program Files (x86)\IncrediMail\bin\AE\ActionEngine.dll
2014-10-15 16:59 - 2014-10-15 16:59 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-19 00:00 - 2014-08-19 00:00 - 01020928 _____ () C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2014-10-15 00:47 - 2014-10-15 00:47 - 16832176 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass FF RunOnce.lnk => C:\Windows\pss\Install LastPass FF RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Susanne^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\Windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => 
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: CursorMania Search Scope Monitor => "C:\PROGRA~2\CURSOR~2\bar\1.bin\7lsrchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Susanne\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PMBVolumeWatcher => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

========================= Accounts: ==========================

Administrator (S-1-5-21-3723462230-206843849-3249284018-500 - Administrator - Disabled)
Gast (S-1-5-21-3723462230-206843849-3249284018-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3723462230-206843849-3249284018-1002 - Limited - Enabled)
Susanne (S-1-5-21-3723462230-206843849-3249284018-1000 - Administrator - Enabled) => C:\Users\Susanne

==================== Faulty Device Manager Devices =============

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/19/2014 07:59:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.0.0.5397, Zeitstempel: 0x543924b1
Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.0.0.5397, Zeitstempel: 0x5438ffbb
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x3784
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (10/19/2014 05:51:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4259

Error: (10/19/2014 05:51:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4259

Error: (10/19/2014 05:51:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/19/2014 05:51:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3198

Error: (10/19/2014 05:51:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3198

Error: (10/19/2014 05:51:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/19/2014 05:51:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2184

Error: (10/19/2014 05:51:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2184

Error: (10/19/2014 05:51:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.


Microsoft Office Sessions:
=========================
Error: (10/19/2014 07:59:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb8000000300001425378401cfebc35f54bc90C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla50848ae-57b9-11e4-b602-f0bf97e53575

Error: (10/19/2014 05:51:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4259

Error: (10/19/2014 05:51:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4259

Error: (10/19/2014 05:51:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/19/2014 05:51:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3198

Error: (10/19/2014 05:51:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3198

Error: (10/19/2014 05:51:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/19/2014 05:51:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2184

Error: (10/19/2014 05:51:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2184

Error: (10/19/2014 05:51:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-06-10 04:29:49.638
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:49.519
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:49.283
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:49.156
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:48.923
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:48.800
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:48.555
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:48.446
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:48.235
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:48.132
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 54%
Total physical RAM: 8103.14 MB
Available physical RAM: 3702.73 MB
Total Pagefile: 16204.45 MB
Available Pagefile: 10637.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:251.97 GB) (Free:126.65 GB) NTFS
Drive i: (Volume) (Fixed) (Total:195.31 GB) (Free:92.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E6B480BB)
Partition 1: (Not Active) - (Size=18.4 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=252 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=195.3 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
--- --- ---

Alt 20.10.2014, 17:46   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Pepper zip - Standard

Pepper zip



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    CursorMania Toolbar

    PepperZip 1.0

    Video Download Converter version 1.0.0.0 (HKLM-x32\...\VDC_is1) (Version: 1.0.0.0 - ) <==== ATTENTION


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.10.2014, 21:58   #6
Merline
 
Pepper zip - Standard

Pepper zip



CursorMania Toolbar kann ich leider in dem Uninstallerfeld nicht ausfindig machen..........

ich kann in dem Uninstallerfeld alle 3 angegebenen Programme nicht finden........

Alt 21.10.2014, 18:23   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Pepper zip - Standard

Pepper zip



Kannst Du sie in der Systemsteuerung in WIndows unter den installierten Programmen finden? Wenn ja dort deinstallieren. Auf jeden Fall dann so weiter machen:


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.10.2014, 00:04   #8
Merline
 
Pepper zip - Standard

Pepper zip



In der Systemsteuerung sind die drei genannten Programme nicht enthalten. Dort kann ich sie nicht deinstallieren. Ich mache jetzt mal die anderen Anleitungen. Danke erstmal.

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 21.10.2014
Suchlauf-Zeit: 22:42:01
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.10.21.10
Rootkit Datenbank: v2014.10.20.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Susanne

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 351693
Verstrichene Zeit: 57 Min, 54 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 4
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [3529ad6a6319d46206eed8ceaf5326da],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [3529ad6a6319d46206eed8ceaf5326da],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [3529ad6a6319d46206eed8ceaf5326da],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [3529ad6a6319d46206eed8ceaf5326da],

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.001 - Bericht erstellt am 22/10/2014 um 00:19:05
# DB v2014-10-21.1
# Aktualisiert 20/10/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Susanne - SUSANNE-VAIO
# Gestartet von : C:\Users\Susanne\Downloads\AdwCleaner_4.001.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : iSafeKrnlBoot
[#] Dienst Gelöscht : Orbiter

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files\003
Ordner Gelöscht : C:\Users\Susanne\AppData\Local\Temp\FoxTab
Ordner Gelöscht : C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\FoxTab
Ordner Gelöscht : C:\Program Files (x86)\PepperZip
Ordner Gelöscht : C:\Users\Public\Documents\Stronghold AntiMalware
Ordner Gelöscht : C:\Program Files\Enigma Software Group
Ordner Gelöscht : C:\Program Files (x86)\Elex-tech
Ordner Gelöscht : C:\Users\Susanne\AppData\Roaming\Elex-tech
Ordner Gelöscht : C:\sh4ldr
Ordner Gelöscht : C:\Users\Susanne\AppData\Local\FastPlayer
Ordner Gelöscht : C:\Program Files (x86)\ORBTR
Ordner Gelöscht : C:\Program Files (x86)\SaferSurf
Ordner Gelöscht : C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
Datei Gelöscht : C:\Windows\System32\drivers\iSafeKrnlBoot.sys
Datei Gelöscht : C:\Windows\System32\log\iSafeKrnlCall.log
Datei Gelöscht : C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\foxydeal.sqlite

***** [ Tasks ] *****

Task Gelöscht : ASP
Task Gelöscht : Dealply
Task Gelöscht : Desk 365 RunAsStdUser
Task Gelöscht : DigitalSite
Task Gelöscht : Driver Booster Scan
Task Gelöscht : Driver Booster Update
Task Gelöscht : DSite
Task Gelöscht : globalUpdateUpdateTaskMachineCore
Task Gelöscht : globalUpdateUpdateTaskMachineUA
Task Gelöscht : LaunchSignup
Task Gelöscht : Omiga Plus RunAsStdUser

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{8d849c0c-77a8-47ae-a584-4541b355900a}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{990AF1C2-5A27-4460-8149-ECC6BC122AF3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\MyBestOffersToday
Schlüssel Gelöscht : HKCU\Software\PepperZip
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PepperZip
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f22187b0-6c9e-44b9-a107-987fcc360c64
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v33.0 (x86 de)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [35313 octets] - [21/12/2013 20:14:02]
AdwCleaner[R1].txt - [7581 octets] - [03/06/2014 15:46:26]
AdwCleaner[R2].txt - [12175 octets] - [22/10/2014 00:13:42]
AdwCleaner[S0].txt - [33075 octets] - [21/12/2013 20:44:30]
AdwCleaner[S1].txt - [7202 octets] - [03/06/2014 15:48:01]
AdwCleaner[S2].txt - [11694 octets] - [22/10/2014 00:19:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [11755 octets] ##########
         
--- --- ---JRT Logfile:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 7 Home Premium x64
Ran by Susanne on 22.10.2014 at  0:32:23,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Susanne\AppData\Roaming\mozilla\firefox\profiles\njo8w0dk.default\prefs.js

user_pref("extensions.ascsurfingprotection@iobit.com.install-event-fired", true);
user_pref("extensions.bootstrappedAddons", "{\"ikuteteam@gmail.com\":{\"version\":\"4.0.6.1\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Susanne\\\\AppData\\\\Roam
user_pref("extensions.toolbar.mindspark._65Members_.BUTTON_STRUCTURE", "[{\"b\":221359615,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221359616,\"c\":\"mindspark.enterse
user_pref("social.manifest.facebook", "{\"origin\":\"hxxps://www.facebook.com\",\"name\":\"Facebook Share\",\"shareURL\":\"hxxps://www.facebook.com/sharer/sharer.php?u=%{url}\
Emptied folder: C:\Users\Susanne\AppData\Roaming\mozilla\firefox\profiles\njo8w0dk.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.10.2014 at  0:34:50,91
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
Ran by Susanne (administrator) on SUSANNE-VAIO on 22-10-2014 01:01:34
Running from C:\Users\Susanne\DOWNLOADS
Loaded Profile: Susanne (Available profiles: Susanne)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) I:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(IObit) I:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfSdkS64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(IObit) I:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Michel Krämer) C:\Program Files\Spamihilator\spamihilator.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VCM Manager Settings\VcmMgrNotification64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(IObit) I:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
() I:\Program Files (x86)\IObit\Advanced SystemCare 6\DiskScan.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2774936 2014-05-13] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3681688 2014-05-13] (Crawler.com)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1791600 2014-08-29] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3723462230-206843849-3249284018-1000\...\Run: [CursorFX] => C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [432784 2012-05-10] (Stardock Corporation)
HKU\S-1-5-21-3723462230-206843849-3249284018-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3723462230-206843849-3249284018-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spamihilator.lnk
ShortcutTarget: Spamihilator.lnk -> C:\Program Files\Spamihilator\spamihilator.exe (Michel Krämer)
BootExecute: autocheck autochk *  BootDefrag.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=prc265
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {17ADD2FE-1208-4BBD-913F-0C8732DCBD44} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {E4BD2B01-14CD-45F9-B958-3FFAB7DB3D0E} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {5786D022-540E-4699-B350-B4BE0AE94B79} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{05A7A838-BBFC-4DA9-9F78-5FC886D82879}: [NameServer] 5.135.12.56,199.203.35.78

FireFox:
========
FF ProfilePath: C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default
FF NewTab: Google
FF DefaultSearchUrl: Yahoo Suche ? Websuche & Suchmaschine
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: Google
FF NetworkProxy: "backup.ftp", "178.219.12.210"
FF NetworkProxy: "backup.ftp_port", 6666
FF NetworkProxy: "backup.socks", "178.219.12.210"
FF NetworkProxy: "backup.socks_port", 6666
FF NetworkProxy: "backup.ssl", "178.219.12.210"
FF NetworkProxy: "backup.ssl_port", 6666
FF NetworkProxy: "ftp", "www-proxy.t-online.de"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "www-proxy.t-online.de"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "www-proxy.t-online.de"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "www-proxy.t-online.de"
FF NetworkProxy: "ssl_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @popularscreensavers.com/Plugin -> C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin -> C:\Users\Susanne\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\searchplugins\speedfox.xml
FF SearchPlugin: C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ascsurfingprotection@iobit.com [2013-09-24]
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\donottrackplus@abine.com [2014-07-12]
FF Extension: SpeedFox - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\jid1-uabu5A9hduqzCw@jetpack [2013-08-18]
FF Extension: LastPass - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\support@lastpass.com [2014-08-19]
FF Extension: BrowserAdditions - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\toolbarbutton@browseradditions.com [2013-08-18]
FF Extension: ColorfulTabs - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2014-09-29]
FF Extension: TV-Fox - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4} [2013-12-21]
FF Extension: AddThis - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2013-05-31]
FF Extension: Biobar - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{3e559c3c-4aad-4168-bd47-e1056298df8e} [2014-01-14]
FF Extension: ReminderFox - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2014-04-19]
FF Extension: DownloadHelper - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-08]
FF Extension: Evernote Web Clipper - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2013-12-18]
FF Extension: Amazon Price Tracker - Keepa.com - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\amptra@keepa.com.xpi [2013-08-29]
FF Extension: everygain Translator - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ck@everygain.com.xpi [2013-04-18]
FF Extension: anonymoX - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\client@anonymox.net.xpi [2013-04-30]
FF Extension: Facebook Chat History Manager - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\fbchathistory@firechm.com.xpi [2013-08-03]
FF Extension: Shareaholic - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\firefox-extension@shareaholic.com.xpi [2013-04-19]
FF Extension: hidefbticker - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\hidefbticker@shebo.com.xpi [2013-07-02]
FF Extension: i2Symbol (Emoticons, Smileys, Symbols) - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\i2symbol@sciweavers.org.xpi [2013-04-19]
FF Extension: ProxTube - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: iFamebook  - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ifamebook@stormvision.it.xpi [2013-08-03]
FF Extension: iKute Emoticons for Facebook Chat - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ikuteteam@gmail.com.xpi [2013-07-02]
FF Extension: Telekom YouTube Turbo - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\info@maltegoetz.de.xpi [2013-04-19]
FF Extension: HMA! IP Checker - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ipinfo@hidemyass.com.xpi [2013-04-19]
FF Extension: Big Emo For Facebook - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\jid0-3w5IeNyk2A0kYZWgtBwRAxwtyTo@jetpack.xpi [2013-07-02]
FF Extension: Invite All (for Facebook) - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\jid0-zs24wecdcQo0Lp18D7QOV4WSZFo@jetpack.xpi [2013-08-03]
FF Extension: RSS Icon - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\kitsuneymg@gmail.com.xpi [2013-04-19]
FF Extension: NASA Night Launch - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\nasanightlaunch@example.com.xpi [2013-10-07]
FF Extension: Noia 4 Theme Manager - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\Noia4Options@ArisT2.xpi [2013-07-03]
FF Extension: Personas Plus - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\personas@christopher.beard.xpi [2013-04-19]
FF Extension: Silvermel - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\silvermel@pardal.de.xpi [2013-05-27]
FF Extension: Silvermel and Charamel XT - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\silvermelxt@pardal.de.xpi [2013-05-27]
FF Extension: Smiley Xtra - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\smxtra5@smileyxtra.co.uk.xpi [2013-04-18]
FF Extension: Stealthy - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\stealthyextension@gmail.com.xpi [2013-08-09]
FF Extension: Location Bar Enhancer - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\UIEnhancer@girishsharma.xpi [2013-04-19]
FF Extension: YouTube to MP3 - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\youtube2mp3@mondayx.de.xpi [2013-04-19]
FF Extension: All-in-One Sidebar - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2013-04-19]
FF Extension: Stylish Sync - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{0e3fc079-afbb-4a00-87e5-9486062d0f9c}.xpi [2013-04-26]
FF Extension: Flagfox - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: Session Manager - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-04-15]
FF Extension: FlashGot - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2013-04-19]
FF Extension: ShareThis - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{1b8cc170-8c85-11db-b606-0800200c9a66}.xpi [2013-04-19]
FF Extension: Facebook Messenger - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{249b4e45-4fb9-4f6b-9754-7c0c1e605d44}.xpi [2014-08-02]
FF Extension: AniWeather - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2013-04-19]
FF Extension: Stylish - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-04-15]
FF Extension: Quick Translator - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-04-18]
FF Extension: Charamel - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{961408A3-C970-4577-970A-D97C29839A67}.xpi [2013-05-27]
FF Extension: Soundcloud SUPER +2: Downloader and Recommender - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi [2013-04-19]
FF Extension: ImTranslator - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2013-04-15]
FF Extension: autolikefacebookstatusesplus - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{a5de1696-512e-43ca-8d9f-4904fc91a3ac}.xpi [2013-07-02]
FF Extension: StumbleUpon - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2013-04-18]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2013-04-19]
FF Extension: FoxTab - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi [2013-08-09]
FF Extension: Download Manager Tweak - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi [2013-04-18]
FF Extension: Noia 4 - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi [2013-07-03]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Extension: 360网页保护 - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2014-09-08]
FF Extension: No Name - WebProtection@360safe.com [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\2.0.0.0_0 [2013-01-22]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - I:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePluginFor6.crx [2012-12-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AdvancedSystemCareService6; I:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-15] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-15] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-07-05] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [98976 2011-07-05] (Atheros Commnucations) [File not signed]
S3 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-10-14] (SurfRight B.V.)
S3 MatSvc; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [343856 2011-06-13] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [707184 2014-08-29] ()
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1146304 2014-05-13] (Crawler.com)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [960160 2011-12-29] (Sony Corporation)
R3 VUAgent; C:\PROGRAM FILES\SONY\VAIO UPDATE\VUAGENT.EXE [1642544 2014-02-28] (Sony Corporation)
S3 WiseBootAssistant; I:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2013-12-09] (WiseCleaner.com)
S2 楗敳潂瑯獁楳瑳湡tI"; 㩉停潲牧浡䘠汩獥⠠㡸⤶坜獩履楗敳䌠牡⁥㘳尵潂瑯楔敭攮數 [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [100424 2014-08-29] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2014-08-29] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2014-08-29] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2014-08-29] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [311888 2014-08-29] (Qihu 360 Software Co., Ltd.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2014-08-29] (Qihu 360 Software Co., Ltd.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2014-03-13] (Qualcomm Atheros Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-05-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 risdsnpe; C:\Windows\System32\DRIVERS\risdsnxc64.sys [98816 2011-06-24] (REDC)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-01-03] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-01-03] (RapidSolution Software AG)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-04-10] (Synaptics Incorporated)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-10-01] (Windows (R) Win 7 DDK provider)
S3 WiseHDInfo; I:\Program Files (x86)\Wise\Wise Care 365\WiseHDInfo64.dll [11304 2014-06-04] (wisecleaner.com)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-22 01:01 - 2014-10-22 01:01 - 19152896 _____ () C:\Windows\system32\config\SYSTEM.iobit
2014-10-22 01:01 - 2014-10-22 01:01 - 103727104 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-10-22 01:01 - 2014-10-22 01:01 - 01064960 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-10-22 01:01 - 2014-10-22 01:01 - 00057344 _____ () C:\Windows\system32\config\SAM.iobit
2014-10-22 01:01 - 2014-10-22 01:01 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-10-22 01:01 - 2014-10-22 01:01 - 00000000 ____D () C:\Users\Susanne\Downloads\FRST-OlderVersion
2014-10-22 00:34 - 2014-10-22 00:34 - 00001501 _____ () C:\Users\Susanne\Desktop\JRT.txt
2014-10-22 00:31 - 2014-10-22 00:31 - 01706144 _____ (Thisisu) C:\Users\Susanne\Downloads\JRT.exe
2014-10-22 00:25 - 2014-10-22 00:25 - 00011948 _____ () C:\Users\Susanne\Desktop\AdwCleaner[S2].txt
2014-10-22 00:12 - 2014-10-22 00:12 - 01962496 _____ () C:\Users\Susanne\Downloads\AdwCleaner_4.001.exe
2014-10-22 00:11 - 2014-10-22 00:09 - 00001784 _____ () C:\Users\Susanne\Desktop\mbam.txt
2014-10-21 23:45 - 2014-10-21 23:45 - 00129984 _____ () C:\Users\Susanne\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-21 23:44 - 2014-10-22 00:40 - 00000168 _____ () C:\Windows\setupact.log
2014-10-21 23:44 - 2014-10-21 23:44 - 00502544 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-21 23:44 - 2014-10-21 23:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-21 23:43 - 2014-10-22 00:21 - 00001214 _____ () C:\Windows\PFRO.log
2014-10-21 22:36 - 2014-10-21 22:36 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Susanne\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-20 22:16 - 2014-10-20 22:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Susanne\Downloads\revosetup95.exe
2014-10-20 22:16 - 2014-10-20 22:16 - 00001264 _____ () C:\Users\Susanne\Desktop\Revo Uninstaller.lnk
2014-10-20 22:16 - 2014-10-20 22:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-19 20:31 - 2014-10-19 20:31 - 01110476 _____ () C:\Users\Susanne\Downloads\7z920.exe
2014-10-19 20:31 - 2014-10-19 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-10-19 20:31 - 2014-10-19 20:31 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-10-19 17:42 - 2014-10-19 21:21 - 00064874 _____ () C:\Users\Susanne\Downloads\Addition.txt
2014-10-19 17:40 - 2014-10-22 01:01 - 00032607 _____ () C:\Users\Susanne\Downloads\FRST.txt
2014-10-19 17:40 - 2014-10-22 01:01 - 00000000 ____D () C:\FRST
2014-10-19 17:38 - 2014-10-22 01:01 - 02110976 _____ (Farbar) C:\Users\Susanne\Downloads\FRST64.exe
2014-10-17 21:48 - 2014-10-17 21:48 - 01705698 _____ (Thisisu) C:\Users\Susanne\Downloads\JRT633.exe
2014-10-15 16:59 - 2014-10-15 16:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-15 16:35 - 2014-10-15 16:36 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Free Internet Tuner
2014-10-15 16:06 - 2014-10-15 16:38 - 91670064 _____ (The GIMP Team ) C:\Users\Susanne\Downloads\gimp-2.8.14-setup.exe
2014-10-14 22:59 - 2014-10-14 22:59 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft
2014-10-14 22:59 - 2014-10-14 22:59 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Abelssoft
2014-10-14 22:59 - 2014-10-14 22:59 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-10-14 22:58 - 2014-10-14 22:58 - 00001050 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-10-14 22:58 - 2014-10-14 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-10-14 22:58 - 2014-10-14 22:58 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-10-14 22:55 - 2014-10-14 22:55 - 03205232 _____ (Abelssoft ) C:\Users\Susanne\Downloads\CHIP_Updater_2.33.exe
2014-10-14 22:13 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-14 22:13 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-14 22:13 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-14 22:13 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-14 22:13 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-14 22:13 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-14 22:13 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-14 22:13 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-14 22:13 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-14 22:13 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-14 22:13 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-14 22:13 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-14 22:13 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-14 22:13 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-14 22:13 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-14 22:13 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-14 22:13 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-14 22:13 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-14 22:13 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-14 22:13 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-14 22:13 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-14 22:13 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-14 22:13 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-14 22:13 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-14 22:13 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-14 22:13 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-14 22:13 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-14 22:13 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-14 22:13 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-14 22:13 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-14 22:13 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-14 22:13 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-14 22:13 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-14 22:13 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-14 22:13 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-14 22:12 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-14 22:12 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-14 22:12 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-14 22:12 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-14 22:12 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-14 22:12 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-14 22:12 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-14 22:12 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-14 22:12 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-14 22:12 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-14 22:12 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-14 22:12 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-14 22:12 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-14 22:12 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-14 22:12 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-14 22:12 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-14 22:12 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-14 22:12 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-14 22:12 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-14 22:12 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-14 22:12 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-14 22:12 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-14 22:12 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-14 22:12 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-14 22:12 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-14 22:12 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-14 22:12 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-14 22:12 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-14 22:12 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-14 22:12 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-14 22:12 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-14 22:11 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-14 22:11 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-14 22:11 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-14 22:11 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-14 22:11 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-14 22:11 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-14 22:11 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-14 22:11 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-14 22:11 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-14 22:11 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-14 22:11 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-14 22:11 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-14 22:11 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-14 22:11 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-14 22:11 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-14 22:11 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-14 22:11 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-14 22:11 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-14 22:11 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-14 22:11 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-14 22:11 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-14 22:11 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-14 22:11 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-14 22:11 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-14 22:11 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-14 22:11 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-14 22:11 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-14 22:11 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-14 22:11 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-14 22:11 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-14 22:11 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-14 22:11 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-14 22:10 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-14 22:10 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-14 22:10 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-14 22:10 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-14 22:10 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-14 22:10 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-14 22:10 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-14 22:10 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-14 22:10 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-14 22:10 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-14 22:10 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-14 22:10 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-14 22:10 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-14 22:05 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 22:05 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 22:05 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-14 22:05 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-14 21:36 - 2014-10-14 21:36 - 00071934 _____ () C:\Windows\system32\.crusader
2014-10-14 21:00 - 2014-10-14 21:44 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-14 21:00 - 2014-10-14 21:00 - 00001905 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-10-14 21:00 - 2014-10-14 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-10-14 21:00 - 2014-10-14 21:00 - 00000000 ____D () C:\Program Files\HitmanPro
2014-10-14 20:59 - 2014-10-14 20:59 - 11194928 _____ (SurfRight B.V.) C:\Users\Susanne\Downloads\HitmanPro_x64.exe
2014-10-13 04:24 - 2014-10-13 04:24 - 00000000 _____ () C:\autoexec.bat
2014-10-13 03:57 - 2014-10-13 03:58 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-10-08 03:58 - 2014-10-08 04:08 - 00000000 ___HD () C:\Users\Public\Temp
2014-10-04 00:45 - 2014-10-04 00:45 - 15197616 _____ (Ventis Media Inc. ) C:\Users\Susanne\Downloads\MediaMonkey_4.1.4.1709.exe
2014-10-03 00:11 - 2014-10-03 00:11 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-10-02 23:30 - 2014-10-02 23:30 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-02 23:30 - 2014-10-02 23:30 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-02 23:30 - 2014-10-02 23:30 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-02 23:27 - 2014-10-02 23:27 - 00918952 _____ (Oracle Corporation) C:\Users\Susanne\Downloads\jxpiinstall(17).exe
2014-10-02 05:32 - 2014-10-02 05:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Susanne\Downloads\mbam-setup-2.0.2.1012(2).exe
2014-10-01 16:22 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 16:22 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-01 13:45 - 2013-06-12 14:10 - 00033512 _____ () C:\Windows\system32\Drivers\DasPtct.SYS
2014-10-01 13:43 - 2014-10-01 13:44 - 30543696 _____ (Panda Security ) C:\Users\Susanne\Downloads\PandaCloudCleaner.exe
2014-10-01 13:41 - 2014-10-21 16:29 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-10-01 13:41 - 2014-10-01 13:41 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-10-01 13:41 - 2014-10-01 13:41 - 00001038 _____ () C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2014-10-01 13:41 - 2014-10-01 13:41 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Spyware Terminator
2014-10-01 13:41 - 2014-10-01 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-10-01 13:40 - 2014-10-17 18:14 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-10-01 13:39 - 2014-10-01 13:39 - 00937232 _____ (Crawler.com ) C:\Users\Susanne\Downloads\SpywareTerminatorSetup.exe
2014-10-01 13:34 - 2014-10-01 13:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Susanne\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-09-25 22:02 - 2014-10-15 16:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-09-24 23:26 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 23:26 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 20:59 - 2014-09-23 20:59 - 00000000 _____ () C:\Users\Susanne\Downloads\FAPEE45.tmp
2014-09-23 20:54 - 2014-09-23 20:54 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP5973.tmp
2014-09-23 20:50 - 2014-09-23 20:50 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP4E49.tmp
2014-09-23 20:44 - 2014-09-23 20:44 - 00000000 _____ () C:\Users\Susanne\Downloads\FAPEE2C.tmp
2014-09-23 20:39 - 2014-09-23 20:39 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP4A7B.tmp
2014-09-23 20:39 - 2014-09-23 20:39 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP3DFA.tmp
2014-09-23 20:37 - 2014-09-23 20:37 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP272D.tmp
2014-09-23 20:35 - 2014-09-23 20:35 - 00000000 _____ () C:\Users\Susanne\Downloads\FAPE0D4.tmp
2014-09-23 20:35 - 2014-09-23 20:35 - 00000000 _____ () C:\Users\Susanne\Downloads\FAPCF25.tmp
2014-09-23 20:35 - 2014-09-23 20:35 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP6A80.tmp
2014-09-23 20:24 - 2014-09-23 20:24 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP1A45.tmp
2014-09-23 20:18 - 2014-09-23 20:18 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP3E74.tmp
2014-09-23 20:01 - 2014-09-23 20:01 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP5AB8.tmp
2014-09-23 19:57 - 2014-09-23 19:57 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP7FF0.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-22 01:02 - 2013-03-06 22:19 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\NetSpeedMonitor
2014-10-22 01:01 - 2014-09-08 15:27 - 00000000 _RSHD () C:\360SANDBOX
2014-10-22 01:01 - 2012-02-28 04:06 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Spamihilator
2014-10-22 01:01 - 2012-02-28 02:14 - 00000000 ____D () C:\Users\Susanne
2014-10-22 00:57 - 2014-07-23 03:43 - 02022040 _____ () C:\Windows\WindowsUpdate.log
2014-10-22 00:51 - 2009-07-14 06:45 - 00028624 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-22 00:51 - 2009-07-14 06:45 - 00028624 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-22 00:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-22 00:32 - 2012-03-01 22:33 - 00000000 ____D () C:\Users\Susanne\AppData\Local\CrashDumps
2014-10-22 00:20 - 2014-06-18 00:51 - 00000000 ____D () C:\Windows\system32\log
2014-10-22 00:20 - 2013-12-21 20:13 - 00000000 ____D () C:\AdwCleaner
2014-10-22 00:12 - 2014-09-11 22:36 - 00000000 __SHD () C:\ProgramData\360Quarant
2014-10-22 00:12 - 2014-09-11 18:10 - 00000000 __SHD () C:\$360Section
2014-10-21 23:55 - 2014-06-03 14:06 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-21 23:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-21 22:37 - 2014-06-03 14:05 - 00000787 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-21 22:37 - 2014-06-03 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-21 22:34 - 2012-08-11 03:52 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000UA.job
2014-10-21 16:34 - 2012-08-11 03:52 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000Core.job
2014-10-20 22:13 - 2013-12-23 01:51 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Wise Care 365
2014-10-20 22:13 - 2013-02-09 18:50 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\MediaMonkey
2014-10-17 23:29 - 2014-09-08 15:27 - 00000000 ____D () C:\Windows\Tasks\360Disabled
2014-10-17 23:29 - 2013-12-23 01:52 - 00003080 _____ () C:\Windows\System32\Tasks\Wise Turbo Checker
2014-10-16 20:53 - 2014-05-19 16:25 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-15 18:58 - 2012-04-25 01:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-15 00:54 - 2013-05-02 11:51 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-15 00:54 - 2013-03-28 22:11 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-15 00:54 - 2013-03-28 22:11 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-15 00:47 - 2014-08-27 21:37 - 00000000 ____D () C:\Users\Susanne\AppData\Local\Adobe
2014-10-15 00:47 - 2012-04-04 16:14 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-15 00:47 - 2012-04-04 16:14 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-15 00:47 - 2012-02-28 01:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-14 23:03 - 2012-02-28 01:04 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-10-14 23:03 - 2012-02-28 01:04 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-10-14 23:03 - 2011-02-11 01:03 - 01596508 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-14 23:03 - 2009-07-14 07:13 - 01596508 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-14 22:59 - 2013-01-23 03:35 - 00000000 ____D () C:\Users\Susanne\AppData\Local\Abelssoft
2014-10-14 22:38 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-14 22:31 - 2014-04-22 20:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-14 22:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-14 22:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-14 22:23 - 2013-08-14 13:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-14 22:14 - 2012-02-28 05:29 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-14 18:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-10-14 18:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-10-14 18:45 - 2014-09-08 15:27 - 00000000 ____D () C:\ProgramData\360safe
2014-10-14 18:45 - 2012-12-24 02:36 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\IObit
2014-10-13 02:53 - 2014-09-08 15:34 - 00000000 __SHD () C:\Users\Susanne\AppData\Roaming\360Quarant
2014-10-08 04:49 - 2014-09-08 15:27 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\360safe
2014-10-08 04:10 - 2013-10-29 01:03 - 00001382 _____ () C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-08 04:10 - 2012-02-28 03:12 - 00001283 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-08 04:10 - 2012-02-28 03:12 - 00001271 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-08 04:10 - 2012-02-28 02:16 - 00001643 _____ () C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-08 03:58 - 2014-06-05 00:28 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-04 00:48 - 2013-02-09 18:50 - 00000742 _____ () C:\Users\Public\Desktop\MediaMonkey.lnk
2014-10-04 00:48 - 2013-02-09 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2014-10-03 03:34 - 2012-02-28 02:25 - 00000000 ____D () C:\Update
2014-10-03 03:27 - 2014-09-14 02:10 - 00000000 ____D () C:\Windows\Temp083112BD-D59E-8962-B4C4-F089FCBF1BD7-Signatures
2014-10-03 03:27 - 2012-02-28 01:22 - 00000000 ____D () C:\temp
2014-10-03 00:11 - 2012-02-28 01:28 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-10-03 00:11 - 2012-02-28 01:06 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-10-03 00:10 - 2012-02-28 01:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-03 00:10 - 2012-02-28 01:06 - 00000000 ____D () C:\Program Files\Sony
2014-10-02 23:31 - 2013-09-26 13:13 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-02 23:30 - 2014-08-11 15:49 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-01 15:52 - 2012-02-29 03:40 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\SoftGrid Client
2014-10-01 11:11 - 2014-06-03 14:05 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-01 11:11 - 2014-06-03 14:05 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-01 11:11 - 2014-06-03 14:05 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-27 03:14 - 2013-04-27 03:19 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\DVDVideoSoft
2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\Susanne\fbchathistory.dat


Some content of TEMP:
====================
C:\Users\Susanne\AppData\Local\Temp\avgnt.exe
C:\Users\Susanne\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-02 18:34

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 22.10.2014, 23:12   #9
Merline
 
Pepper zip - Standard

Pepper zip



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
Ran by Susanne (administrator) on SUSANNE-VAIO on 22-10-2014 01:07:31
Running from C:\Users\Susanne\DOWNLOADS
Loaded Profile: Susanne (Available profiles: Susanne)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) I:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(IObit) I:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfSdkS64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(IObit) I:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Michel Krämer) C:\Program Files\Spamihilator\spamihilator.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(IObit) I:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2774936 2014-05-13] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3681688 2014-05-13] (Crawler.com)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1791600 2014-08-29] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3723462230-206843849-3249284018-1000\...\Run: [CursorFX] => C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [432784 2012-05-10] (Stardock Corporation)
HKU\S-1-5-21-3723462230-206843849-3249284018-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3723462230-206843849-3249284018-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spamihilator.lnk
ShortcutTarget: Spamihilator.lnk -> C:\Program Files\Spamihilator\spamihilator.exe (Michel Krämer)
BootExecute: autocheck autochk *  BootDefrag.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=prc265
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {17ADD2FE-1208-4BBD-913F-0C8732DCBD44} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {E4BD2B01-14CD-45F9-B958-3FFAB7DB3D0E} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {5786D022-540E-4699-B350-B4BE0AE94B79} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{05A7A838-BBFC-4DA9-9F78-5FC886D82879}: [NameServer] 5.135.12.56,199.203.35.78

FireFox:
========
FF ProfilePath: C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default
FF NewTab: Google
FF DefaultSearchUrl: Yahoo Suche ? Websuche & Suchmaschine
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: Google
FF NetworkProxy: "backup.ftp", "178.219.12.210"
FF NetworkProxy: "backup.ftp_port", 6666
FF NetworkProxy: "backup.socks", "178.219.12.210"
FF NetworkProxy: "backup.socks_port", 6666
FF NetworkProxy: "backup.ssl", "178.219.12.210"
FF NetworkProxy: "backup.ssl_port", 6666
FF NetworkProxy: "ftp", "www-proxy.t-online.de"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "www-proxy.t-online.de"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "www-proxy.t-online.de"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "www-proxy.t-online.de"
FF NetworkProxy: "ssl_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @popularscreensavers.com/Plugin -> C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin -> C:\Users\Susanne\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\searchplugins\speedfox.xml
FF SearchPlugin: C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ascsurfingprotection@iobit.com [2013-09-24]
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\donottrackplus@abine.com [2014-07-12]
FF Extension: SpeedFox - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\jid1-uabu5A9hduqzCw@jetpack [2013-08-18]
FF Extension: LastPass - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\support@lastpass.com [2014-08-19]
FF Extension: BrowserAdditions - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\toolbarbutton@browseradditions.com [2013-08-18]
FF Extension: ColorfulTabs - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2014-09-29]
FF Extension: TV-Fox - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4} [2013-12-21]
FF Extension: AddThis - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2013-05-31]
FF Extension: Biobar - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{3e559c3c-4aad-4168-bd47-e1056298df8e} [2014-01-14]
FF Extension: ReminderFox - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2014-04-19]
FF Extension: DownloadHelper - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-08]
FF Extension: Evernote Web Clipper - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2013-12-18]
FF Extension: Amazon Price Tracker - Keepa.com - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\amptra@keepa.com.xpi [2013-08-29]
FF Extension: everygain Translator - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ck@everygain.com.xpi [2013-04-18]
FF Extension: anonymoX - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\client@anonymox.net.xpi [2013-04-30]
FF Extension: Facebook Chat History Manager - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\fbchathistory@firechm.com.xpi [2013-08-03]
FF Extension: Shareaholic - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\firefox-extension@shareaholic.com.xpi [2013-04-19]
FF Extension: hidefbticker - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\hidefbticker@shebo.com.xpi [2013-07-02]
FF Extension: i2Symbol (Emoticons, Smileys, Symbols) - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\i2symbol@sciweavers.org.xpi [2013-04-19]
FF Extension: ProxTube - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: iFamebook  - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ifamebook@stormvision.it.xpi [2013-08-03]
FF Extension: iKute Emoticons for Facebook Chat - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ikuteteam@gmail.com.xpi [2013-07-02]
FF Extension: Telekom YouTube Turbo - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\info@maltegoetz.de.xpi [2013-04-19]
FF Extension: HMA! IP Checker - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ipinfo@hidemyass.com.xpi [2013-04-19]
FF Extension: Big Emo For Facebook - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\jid0-3w5IeNyk2A0kYZWgtBwRAxwtyTo@jetpack.xpi [2013-07-02]
FF Extension: Invite All (for Facebook) - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\jid0-zs24wecdcQo0Lp18D7QOV4WSZFo@jetpack.xpi [2013-08-03]
FF Extension: RSS Icon - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\kitsuneymg@gmail.com.xpi [2013-04-19]
FF Extension: NASA Night Launch - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\nasanightlaunch@example.com.xpi [2013-10-07]
FF Extension: Noia 4 Theme Manager - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\Noia4Options@ArisT2.xpi [2013-07-03]
FF Extension: Personas Plus - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\personas@christopher.beard.xpi [2013-04-19]
FF Extension: Silvermel - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\silvermel@pardal.de.xpi [2013-05-27]
FF Extension: Silvermel and Charamel XT - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\silvermelxt@pardal.de.xpi [2013-05-27]
FF Extension: Smiley Xtra - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\smxtra5@smileyxtra.co.uk.xpi [2013-04-18]
FF Extension: Stealthy - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\stealthyextension@gmail.com.xpi [2013-08-09]
FF Extension: Location Bar Enhancer - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\UIEnhancer@girishsharma.xpi [2013-04-19]
FF Extension: YouTube to MP3 - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\youtube2mp3@mondayx.de.xpi [2013-04-19]
FF Extension: All-in-One Sidebar - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2013-04-19]
FF Extension: Stylish Sync - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{0e3fc079-afbb-4a00-87e5-9486062d0f9c}.xpi [2013-04-26]
FF Extension: Flagfox - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: Session Manager - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-04-15]
FF Extension: FlashGot - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2013-04-19]
FF Extension: ShareThis - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{1b8cc170-8c85-11db-b606-0800200c9a66}.xpi [2013-04-19]
FF Extension: Facebook Messenger - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{249b4e45-4fb9-4f6b-9754-7c0c1e605d44}.xpi [2014-08-02]
FF Extension: AniWeather - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2013-04-19]
FF Extension: Stylish - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-04-15]
FF Extension: Quick Translator - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-04-18]
FF Extension: Charamel - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{961408A3-C970-4577-970A-D97C29839A67}.xpi [2013-05-27]
FF Extension: Soundcloud SUPER +2: Downloader and Recommender - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi [2013-04-19]
FF Extension: ImTranslator - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2013-04-15]
FF Extension: autolikefacebookstatusesplus - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{a5de1696-512e-43ca-8d9f-4904fc91a3ac}.xpi [2013-07-02]
FF Extension: StumbleUpon - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2013-04-18]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2013-04-19]
FF Extension: FoxTab - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi [2013-08-09]
FF Extension: Download Manager Tweak - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi [2013-04-18]
FF Extension: Noia 4 - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi [2013-07-03]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Extension: 360网页保护 - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2014-09-08]
FF Extension: No Name - WebProtection@360safe.com [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\2.0.0.0_0 [2013-01-22]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - I:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePluginFor6.crx [2012-12-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AdvancedSystemCareService6; I:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-15] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-15] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-07-05] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [98976 2011-07-05] (Atheros Commnucations) [File not signed]
S3 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-10-14] (SurfRight B.V.)
S3 MatSvc; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [343856 2011-06-13] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [707184 2014-08-29] ()
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1146304 2014-05-13] (Crawler.com)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [960160 2011-12-29] (Sony Corporation)
R3 VUAgent; C:\PROGRAM FILES\SONY\VAIO UPDATE\VUAGENT.EXE [1642544 2014-02-28] (Sony Corporation)
S3 WiseBootAssistant; I:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2013-12-09] (WiseCleaner.com)
S2 楗敳潂瑯獁楳瑳湡tI"; 㩉停潲牧浡䘠汩獥⠠㡸⤶坜獩履楗敳䌠牡⁥㘳尵潂瑯楔敭攮數 [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [100424 2014-08-29] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2014-08-29] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2014-08-29] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2014-08-29] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [311888 2014-08-29] (Qihu 360 Software Co., Ltd.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2014-08-29] (Qihu 360 Software Co., Ltd.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2014-03-13] (Qualcomm Atheros Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-05-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 risdsnpe; C:\Windows\System32\DRIVERS\risdsnxc64.sys [98816 2011-06-24] (REDC)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-01-03] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-01-03] (RapidSolution Software AG)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-04-10] (Synaptics Incorporated)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-10-01] (Windows (R) Win 7 DDK provider)
S3 WiseHDInfo; I:\Program Files (x86)\Wise\Wise Care 365\WiseHDInfo64.dll [11304 2014-06-04] (wisecleaner.com)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-22 01:01 - 2014-10-22 01:01 - 19152896 _____ () C:\Windows\system32\config\SYSTEM.iobit
2014-10-22 01:01 - 2014-10-22 01:01 - 103727104 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-10-22 01:01 - 2014-10-22 01:01 - 01064960 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-10-22 01:01 - 2014-10-22 01:01 - 00057344 _____ () C:\Windows\system32\config\SAM.iobit
2014-10-22 01:01 - 2014-10-22 01:01 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-10-22 01:01 - 2014-10-22 01:01 - 00000000 ____D () C:\Users\Susanne\Downloads\FRST-OlderVersion
2014-10-22 00:34 - 2014-10-22 00:34 - 00001501 _____ () C:\Users\Susanne\Desktop\JRT.txt
2014-10-22 00:31 - 2014-10-22 00:31 - 01706144 _____ (Thisisu) C:\Users\Susanne\Downloads\JRT.exe
2014-10-22 00:25 - 2014-10-22 00:25 - 00011948 _____ () C:\Users\Susanne\Desktop\AdwCleaner[S2].txt
2014-10-22 00:12 - 2014-10-22 00:12 - 01962496 _____ () C:\Users\Susanne\Downloads\AdwCleaner_4.001.exe
2014-10-22 00:11 - 2014-10-22 00:09 - 00001784 _____ () C:\Users\Susanne\Desktop\mbam.txt
2014-10-21 23:45 - 2014-10-21 23:45 - 00129984 _____ () C:\Users\Susanne\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-21 23:44 - 2014-10-22 00:40 - 00000168 _____ () C:\Windows\setupact.log
2014-10-21 23:44 - 2014-10-21 23:44 - 00502544 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-21 23:44 - 2014-10-21 23:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-21 23:43 - 2014-10-22 00:21 - 00001214 _____ () C:\Windows\PFRO.log
2014-10-21 22:36 - 2014-10-21 22:36 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Susanne\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-20 22:16 - 2014-10-20 22:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Susanne\Downloads\revosetup95.exe
2014-10-20 22:16 - 2014-10-20 22:16 - 00001264 _____ () C:\Users\Susanne\Desktop\Revo Uninstaller.lnk
2014-10-20 22:16 - 2014-10-20 22:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-19 20:31 - 2014-10-19 20:31 - 01110476 _____ () C:\Users\Susanne\Downloads\7z920.exe
2014-10-19 20:31 - 2014-10-19 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-10-19 20:31 - 2014-10-19 20:31 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-10-19 17:42 - 2014-10-19 21:21 - 00064874 _____ () C:\Users\Susanne\Downloads\Addition.txt
2014-10-19 17:40 - 2014-10-22 01:07 - 00032331 _____ () C:\Users\Susanne\Downloads\FRST.txt
2014-10-19 17:40 - 2014-10-22 01:07 - 00000000 ____D () C:\FRST
2014-10-19 17:38 - 2014-10-22 01:01 - 02110976 _____ (Farbar) C:\Users\Susanne\Downloads\FRST64.exe
2014-10-17 21:48 - 2014-10-17 21:48 - 01705698 _____ (Thisisu) C:\Users\Susanne\Downloads\JRT633.exe
2014-10-15 16:59 - 2014-10-15 16:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-15 16:35 - 2014-10-15 16:36 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Free Internet Tuner
2014-10-15 16:06 - 2014-10-15 16:38 - 91670064 _____ (The GIMP Team ) C:\Users\Susanne\Downloads\gimp-2.8.14-setup.exe
2014-10-14 22:59 - 2014-10-14 22:59 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft
2014-10-14 22:59 - 2014-10-14 22:59 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Abelssoft
2014-10-14 22:59 - 2014-10-14 22:59 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-10-14 22:58 - 2014-10-14 22:58 - 00001050 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-10-14 22:58 - 2014-10-14 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-10-14 22:58 - 2014-10-14 22:58 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-10-14 22:55 - 2014-10-14 22:55 - 03205232 _____ (Abelssoft ) C:\Users\Susanne\Downloads\CHIP_Updater_2.33.exe
2014-10-14 22:13 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-14 22:13 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-14 22:13 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-14 22:13 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-14 22:13 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-14 22:13 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-14 22:13 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-14 22:13 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-14 22:13 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-14 22:13 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-14 22:13 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-14 22:13 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-14 22:13 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-14 22:13 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-14 22:13 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-14 22:13 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-14 22:13 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-14 22:13 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-14 22:13 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-14 22:13 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-14 22:13 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-14 22:13 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-14 22:13 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-14 22:13 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-14 22:13 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-14 22:13 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-14 22:13 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-14 22:13 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-14 22:13 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-14 22:13 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-14 22:13 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-14 22:13 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-14 22:13 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-14 22:13 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-14 22:13 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-14 22:13 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-14 22:13 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-14 22:12 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-14 22:12 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-14 22:12 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-14 22:12 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-14 22:12 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-14 22:12 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-14 22:12 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-14 22:12 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-14 22:12 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-14 22:12 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-14 22:12 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-14 22:12 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-14 22:12 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-14 22:12 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-14 22:12 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-14 22:12 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-14 22:12 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-14 22:12 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-14 22:12 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-14 22:12 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-14 22:12 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-14 22:12 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-14 22:12 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-14 22:12 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-14 22:12 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-14 22:12 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-14 22:12 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-14 22:12 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-14 22:12 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-14 22:12 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-14 22:12 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-14 22:11 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-14 22:11 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-14 22:11 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-14 22:11 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-14 22:11 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-14 22:11 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-14 22:11 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-14 22:11 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-14 22:11 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-14 22:11 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-14 22:11 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-14 22:11 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-14 22:11 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-14 22:11 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-14 22:11 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-14 22:11 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-14 22:11 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-14 22:11 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-14 22:11 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-14 22:11 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-14 22:11 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-14 22:11 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-14 22:11 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-14 22:11 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-14 22:11 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-14 22:11 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-14 22:11 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-14 22:11 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-14 22:11 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-14 22:11 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-14 22:11 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-14 22:11 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-14 22:11 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-14 22:10 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-14 22:10 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-14 22:10 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-14 22:10 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-14 22:10 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-14 22:10 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-14 22:10 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-14 22:10 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-14 22:10 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-14 22:10 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-14 22:10 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-14 22:10 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-14 22:10 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-14 22:05 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 22:05 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 22:05 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-14 22:05 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-14 21:36 - 2014-10-14 21:36 - 00071934 _____ () C:\Windows\system32\.crusader
2014-10-14 21:00 - 2014-10-14 21:44 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-14 21:00 - 2014-10-14 21:00 - 00001905 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-10-14 21:00 - 2014-10-14 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-10-14 21:00 - 2014-10-14 21:00 - 00000000 ____D () C:\Program Files\HitmanPro
2014-10-14 20:59 - 2014-10-14 20:59 - 11194928 _____ (SurfRight B.V.) C:\Users\Susanne\Downloads\HitmanPro_x64.exe
2014-10-13 04:24 - 2014-10-13 04:24 - 00000000 _____ () C:\autoexec.bat
2014-10-13 03:57 - 2014-10-13 03:58 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-10-08 03:58 - 2014-10-08 04:08 - 00000000 ___HD () C:\Users\Public\Temp
2014-10-04 00:45 - 2014-10-04 00:45 - 15197616 _____ (Ventis Media Inc. ) C:\Users\Susanne\Downloads\MediaMonkey_4.1.4.1709.exe
2014-10-03 00:11 - 2014-10-03 00:11 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-10-02 23:30 - 2014-10-02 23:30 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-02 23:30 - 2014-10-02 23:30 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-02 23:30 - 2014-10-02 23:30 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-02 23:27 - 2014-10-02 23:27 - 00918952 _____ (Oracle Corporation) C:\Users\Susanne\Downloads\jxpiinstall(17).exe
2014-10-02 05:32 - 2014-10-02 05:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Susanne\Downloads\mbam-setup-2.0.2.1012(2).exe
2014-10-01 16:22 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 16:22 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-01 13:45 - 2013-06-12 14:10 - 00033512 _____ () C:\Windows\system32\Drivers\DasPtct.SYS
2014-10-01 13:43 - 2014-10-01 13:44 - 30543696 _____ (Panda Security ) C:\Users\Susanne\Downloads\PandaCloudCleaner.exe
2014-10-01 13:41 - 2014-10-21 16:29 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-10-01 13:41 - 2014-10-01 13:41 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-10-01 13:41 - 2014-10-01 13:41 - 00001038 _____ () C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2014-10-01 13:41 - 2014-10-01 13:41 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Spyware Terminator
2014-10-01 13:41 - 2014-10-01 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-10-01 13:40 - 2014-10-17 18:14 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-10-01 13:39 - 2014-10-01 13:39 - 00937232 _____ (Crawler.com ) C:\Users\Susanne\Downloads\SpywareTerminatorSetup.exe
2014-10-01 13:34 - 2014-10-01 13:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Susanne\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-09-25 22:02 - 2014-10-15 16:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-09-24 23:26 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 23:26 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 20:59 - 2014-09-23 20:59 - 00000000 _____ () C:\Users\Susanne\Downloads\FAPEE45.tmp
2014-09-23 20:54 - 2014-09-23 20:54 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP5973.tmp
2014-09-23 20:50 - 2014-09-23 20:50 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP4E49.tmp
2014-09-23 20:44 - 2014-09-23 20:44 - 00000000 _____ () C:\Users\Susanne\Downloads\FAPEE2C.tmp
2014-09-23 20:39 - 2014-09-23 20:39 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP4A7B.tmp
2014-09-23 20:39 - 2014-09-23 20:39 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP3DFA.tmp
2014-09-23 20:37 - 2014-09-23 20:37 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP272D.tmp
2014-09-23 20:35 - 2014-09-23 20:35 - 00000000 _____ () C:\Users\Susanne\Downloads\FAPE0D4.tmp
2014-09-23 20:35 - 2014-09-23 20:35 - 00000000 _____ () C:\Users\Susanne\Downloads\FAPCF25.tmp
2014-09-23 20:35 - 2014-09-23 20:35 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP6A80.tmp
2014-09-23 20:24 - 2014-09-23 20:24 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP1A45.tmp
2014-09-23 20:18 - 2014-09-23 20:18 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP3E74.tmp
2014-09-23 20:01 - 2014-09-23 20:01 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP5AB8.tmp
2014-09-23 19:57 - 2014-09-23 19:57 - 00000000 _____ () C:\Users\Susanne\Downloads\FAP7FF0.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-22 01:07 - 2014-07-23 03:43 - 01125626 _____ () C:\Windows\WindowsUpdate.log
2014-10-22 01:07 - 2013-03-06 22:19 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\NetSpeedMonitor
2014-10-22 01:06 - 2012-02-28 04:06 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Spamihilator
2014-10-22 01:01 - 2014-09-08 15:27 - 00000000 _RSHD () C:\360SANDBOX
2014-10-22 01:01 - 2012-02-28 02:14 - 00000000 ____D () C:\Users\Susanne
2014-10-22 00:51 - 2009-07-14 06:45 - 00028624 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-22 00:51 - 2009-07-14 06:45 - 00028624 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-22 00:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-22 00:32 - 2012-03-01 22:33 - 00000000 ____D () C:\Users\Susanne\AppData\Local\CrashDumps
2014-10-22 00:20 - 2014-06-18 00:51 - 00000000 ____D () C:\Windows\system32\log
2014-10-22 00:20 - 2013-12-21 20:13 - 00000000 ____D () C:\AdwCleaner
2014-10-22 00:12 - 2014-09-11 22:36 - 00000000 __SHD () C:\ProgramData\360Quarant
2014-10-22 00:12 - 2014-09-11 18:10 - 00000000 __SHD () C:\$360Section
2014-10-21 23:55 - 2014-06-03 14:06 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-21 23:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-21 22:37 - 2014-06-03 14:05 - 00000787 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-21 22:37 - 2014-06-03 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-21 22:34 - 2012-08-11 03:52 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000UA.job
2014-10-21 16:34 - 2012-08-11 03:52 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000Core.job
2014-10-20 22:13 - 2013-12-23 01:51 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Wise Care 365
2014-10-20 22:13 - 2013-02-09 18:50 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\MediaMonkey
2014-10-17 23:29 - 2014-09-08 15:27 - 00000000 ____D () C:\Windows\Tasks\360Disabled
2014-10-17 23:29 - 2013-12-23 01:52 - 00003080 _____ () C:\Windows\System32\Tasks\Wise Turbo Checker
2014-10-16 20:53 - 2014-05-19 16:25 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-15 18:58 - 2012-04-25 01:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-15 00:54 - 2013-05-02 11:51 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-15 00:54 - 2013-03-28 22:11 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-15 00:54 - 2013-03-28 22:11 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-15 00:47 - 2014-08-27 21:37 - 00000000 ____D () C:\Users\Susanne\AppData\Local\Adobe
2014-10-15 00:47 - 2012-04-04 16:14 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-15 00:47 - 2012-04-04 16:14 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-15 00:47 - 2012-02-28 01:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-14 23:03 - 2012-02-28 01:04 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-10-14 23:03 - 2012-02-28 01:04 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-10-14 23:03 - 2011-02-11 01:03 - 01596508 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-14 23:03 - 2009-07-14 07:13 - 01596508 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-14 22:59 - 2013-01-23 03:35 - 00000000 ____D () C:\Users\Susanne\AppData\Local\Abelssoft
2014-10-14 22:38 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-14 22:31 - 2014-04-22 20:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-14 22:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-14 22:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-14 22:23 - 2013-08-14 13:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-14 22:14 - 2012-02-28 05:29 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-14 18:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-10-14 18:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-10-14 18:45 - 2014-09-08 15:27 - 00000000 ____D () C:\ProgramData\360safe
2014-10-14 18:45 - 2012-12-24 02:36 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\IObit
2014-10-13 02:53 - 2014-09-08 15:34 - 00000000 __SHD () C:\Users\Susanne\AppData\Roaming\360Quarant
2014-10-08 04:49 - 2014-09-08 15:27 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\360safe
2014-10-08 04:10 - 2013-10-29 01:03 - 00001382 _____ () C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-08 04:10 - 2012-02-28 03:12 - 00001283 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-08 04:10 - 2012-02-28 03:12 - 00001271 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-08 04:10 - 2012-02-28 02:16 - 00001643 _____ () C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-08 03:58 - 2014-06-05 00:28 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-04 00:48 - 2013-02-09 18:50 - 00000742 _____ () C:\Users\Public\Desktop\MediaMonkey.lnk
2014-10-04 00:48 - 2013-02-09 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2014-10-03 03:34 - 2012-02-28 02:25 - 00000000 ____D () C:\Update
2014-10-03 03:27 - 2014-09-14 02:10 - 00000000 ____D () C:\Windows\Temp083112BD-D59E-8962-B4C4-F089FCBF1BD7-Signatures
2014-10-03 03:27 - 2012-02-28 01:22 - 00000000 ____D () C:\temp
2014-10-03 00:11 - 2012-02-28 01:28 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-10-03 00:11 - 2012-02-28 01:06 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-10-03 00:10 - 2012-02-28 01:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-03 00:10 - 2012-02-28 01:06 - 00000000 ____D () C:\Program Files\Sony
2014-10-02 23:31 - 2013-09-26 13:13 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-02 23:30 - 2014-08-11 15:49 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-01 15:52 - 2012-02-29 03:40 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\SoftGrid Client
2014-10-01 11:11 - 2014-06-03 14:05 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-01 11:11 - 2014-06-03 14:05 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-01 11:11 - 2014-06-03 14:05 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-27 03:14 - 2013-04-27 03:19 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\DVDVideoSoft
2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\Susanne\fbchathistory.dat


Some content of TEMP:
====================
C:\Users\Susanne\AppData\Local\Temp\avgnt.exe
C:\Users\Susanne\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-02 18:34

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


Hi,
gestern ist der Rechner fast wieder normal gelaufen und heute gehen immer wieder irgenwelche neue Seiten auf. Gerade war es ein Tuneup-Angebot. Vorher etwas das den PC schneller machen soll, ein Gratis-Scan etc. Auf den geöffneten Seiten blenden sich jetzt auch oft Werbefenster ein, die ich halt dann wieder weggeklickt habe.
Das ist irgendwie was hartnäckiges.........

Jetzt muss ich nochmal bitte was fragen, plötzlich läuft die ganze Zeit das Gebläse. Ist das normal? Kann ich das irgendwo wieder abschalten?

Alt 23.10.2014, 19:42   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Pepper zip - Standard

Pepper zip



In welchem Browser kommt das?

Deinstalliere Spyware Terminator und 360 Security.


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.10.2014, 21:14   #11
Merline
 
Pepper zip - Standard

Pepper zip



Ich nutze den Firefox. Gestern bzw. heute in den frühen Morgenstunden ist mir der Rechner abgestürzt. Er zeigte so einen blauen Bildschirm. Hat auch neu gestartet, aber wollte nicht mehr hochfahren. Dann ging das auf so ein Starthilfeprogramm, das angab, dass die Probleme nichht behoben werden können. Ich hab den Rechner dann ausgeschaltet und ein paar Stunden später wieder gestartet, dann ging es wieder. Jetzt muss ich den Rechner auch neu starten nach den beiden Deinstallationen und hoffe, dass er wieder hochfährt.
Irgendwas stimmt auch nicht mit Java, da wurde was eingeblendet, aber ich kenne mich nicht so toll aus, wenn der PC krank ist. Vielleicht kann ich wegen dem Java nicht mehr so gut über den Rechner Fernsehen.......

Alt 24.10.2014, 16:39   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Pepper zip - Standard

Pepper zip



Mach mal obiges. Dann:

Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 24.10.2014, 19:55   #13
Merline
 
Pepper zip - Standard

Pepper zip



Ich weiß. dass ich nervig bin, aber das kann ich nicht finden und wenn ich auch noch so danach suche:

C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten. Der Eset-Scanner ha angegeben dass der schon mal gelaufen ist und ich habe es gefunden, das muss irgendwann im Juni gewesen sein. Warum das so war weiß ich allerdings nicht mehr.

Den Firefox möchte ich bitte wenn es irgendwie geht nicht mit allen Daten löschen, ich hab da ganz viele Lesezeichen gesetzt, die ich auch beruflich brauche und vor allem über Last Pass alle meine Passwörter gesichert. Kann ich das bitte umgehen?

Vielleicht ist das ja die Log-Datei:FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-10-2014 01
Ran by Susanne at 2014-10-19 21:21:18
Running from C:\Users\Susanne\DOWNLOADS
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: 360 Total Security (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: 360 Total Security (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1-abc.net Drive Space Organizer (Remove only) (HKLM-x32\...\1-abc.net Drive Space Organizer) (Version:  - )
2.01 (HKLM-x32\...\Vollversion 2.01 Fix-Anzeiger_is1) (Version:  - Michael Zinke-Trentsch)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 5.0.0.2001 - 360 Security Center)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19460 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.0.19460 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.2.1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Playpanel (HKLM-x32\...\{69967F97-E880-44B9-8383-5278BBC8809B}) (Version: 1.3.0.33 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Advanced SystemCare 6 (HKLM-x32\...\Advanced SystemCare 6_is1) (Version: 6.0 - IObit)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
AMD APP SDK Runtime (Version: 2.4.595.10 - Advanced Micro Devices Inc.) Hidden
AniFX 1.0 (HKLM-x32\...\AniFX_is1) (Version:  - )
AnVir Task Manager (HKLM-x32\...\AnVir Task Manager) (Version:  - AnVir Software)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{B1893E3F-9BDF-443F-BED0-1AAA2D9E0D68}) (Version: 2.0.149 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{B77DE05C-7C84-4011-B93F-A29D0D2840F4}) (Version: 4.0.444 - ArcSoft)
Ashampoo WinOptimizer 10 v.10.2.6 (HKLM-x32\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.02.06 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2013 v.1.0.0 (HKLM-x32\...\{4209F371-7B85-60AD-E5CE-E4409D39E3DE}_is1) (Version: 1.00.00 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 8 v.8.14.00 (HKLM-x32\...\{4209F371-4927-659B-6665-F7524E53AE40}_is1) (Version: 8.14.00 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{E34DB4F2-8F02-EBB7-7E42-28B8986A7850}) (Version: 3.0.825.0 - ATI Technologies, Inc.)
Audials (HKLM-x32\...\{2E5052A2-8E3D-4229-A5EB-2465B260D917}) (Version: 8.0.54900.0 - RapidSolution Software AG)
Audials (HKLM-x32\...\{8ABEEC21-B23C-4610-B57A-BE94345D4096}) (Version: 9.0.57913.1300 - RapidSolution Software AG)
Audials TV (HKLM-x32\...\{24EE4523-711A-4BD1-95EA-F73A8A6950D3}) (Version: 1.3.10803.300 - RapidSolution Software AG)
Autostart-Manager (HKLM-x32\...\{5C2C73F6-CE73-4A01-868E-7045B7805334}) (Version: 6.02.0000 - Wirth IT Design )
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.04.000.82 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0630.809.12749 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0630.809.12749 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0630.809.12749 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0630.809.12749 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0630.809.12749 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help English (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help French (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help German (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0630.0808.12749 - ATI) Hidden
ccc-utility64 (Version: 2011.0630.809.12749 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.33 - Abelssoft)
CloudScout (x32 Version: 1.0.0.1 - CloudGuard) Hidden
concept/design Video Jukebox (HKLM-x32\...\{37569A10-CB38-4615-8B32-0BF9FF5D887D}_is1) (Version: 1.3.0.0 - concept/design GmbH)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskInfo 6.2.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.2.1 - Crystal Dew World)
CursorFX (HKLM-x32\...\CursorFX) (Version: 2.13 - Stardock Corporation)
CursorFX (HKLM-x32\...\CursorFX2.11) (Version: 2.11 - Stardock Corporation)
CursorMania Toolbar (HKLM-x32\...\CursorMania_7lbar Uninstall) (Version:  - Mindspark Interactive Network) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.6 - Dolby Laboratories Inc)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.5 - IObit)
EasyCleaner (HKLM-x32\...\{F5346614-B7C4-4E94-826A-E2363155233D}) (Version: 2.0.6.380 - )
eJuice Me Up (HKLM-x32\...\{28107FBC-832A-4E18-9C9D-4E771B441F69}) (Version: 10.5.0.0 - Breaktru Software)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Evernote v. 4.4 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.4.0.4848 - Evernote Corp.)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
FaceFilter Studio 2 (HKLM-x32\...\{F59205C8-E5FB-43F5-AAB2-16C1760D4F59}) (Version: 2.0 - Reallusion)
FeedDemon (HKLM-x32\...\FeedDemon_is1) (Version: 4.1.0.0 - NewsGator Technologies, Inc.)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
FRANZIS onlineTV 8 (HKLM-x32\...\{CBC88F0E-1960-4AC3-8C38-8BAD44E3F6E3}_is1) (Version: 8.5.0.10 - FRANZIS Verlag GmbH)
Free Internet Tuner v1.0.0.0 (HKLM-x32\...\Free Internet Tuner_is1) (Version: 1.0.0.0 - FreeInternetTuner.com)
Free Registry Tuner v1.0.0.6 (HKLM-x32\...\Free Registry Tuner_is1) (Version: 1.0.0.6 - FreeRegistryTuner.com)
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.1.426 - DVDVideoSoft Ltd.)
Free Windows Tuner v2.0.0.6 (HKLM-x32\...\Free Windows Tuner_is1) (Version: 2.0.0.6 - FreeWindowsTuner.com)
Free YouTube to iPhone Converter version 2.12.2.426 (HKLM-x32\...\Free YouTube to iPhone Converter_is1) (Version: 2.12.2.426 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.6.12 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
Glary Utilities 4.1 (HKLM-x32\...\Glary Utilities 4) (Version: 4.1.0.61 - Glarysoft Ltd)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IncrediMail (x32 Version: 6.3.9.5260 - IncrediMail) Hidden
IncrediMail 2.0 (HKLM-x32\...\IncrediMail) (Version: 6.3.9.5260 - IncrediMail Ltd.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
LastPass(Nur deinstallieren) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Gallery (Version: 1.5.0.17250 - Your Company Name) Hidden
Media Go (HKLM-x32\...\{362AB21A-E2C4-40CE-81C2-8C4D62B0635A}) (Version: 2.4.256 - Sony)
Media Go Video Playback Engine 1.116.108.02030 (HKLM-x32\...\{54215B8A-6212-8DB8-39B4-98EE2BB98BD1}) (Version: 1.116.108.02030 - Sony)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0100 - Microsoft Corporation)
Microsoft Office 365 Home Premium - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4569.1508 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Numerus Mystikos Version 1.0 (HKLM-x32\...\{A3B18492-11B6-4345-BEAA-2B6A67F4AB7B}_is1) (Version: 1.0 - Angelina Schulze Verlag)
Nur Entfernen der CopyTrans Suite möglich (HKCU\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
Orphalese Tarot (HKLM-x32\...\{BFC1259A-0CAF-4EAE-9513-06F180BDF0C9}) (Version: 9.0 - Orphalese Data Solution Ltd.)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.68 - Panda Security)
PepperZip 1.0 (HKLM-x32\...\PepperZip) (Version: 1.0 - PepperWare Co.) <==== ATTENTION
Photo Notifier and Animation Creator (x32 Version: 1.0.0.1009 - Ihr Firmenname) Hidden
Photomizer (HKLM-x32\...\{A00F8237-F496-44D2-0001-E3CCF8CD58AE}) (Version: 1.3.12.723 - Engelmann Media GmbH)
PlayMemories Home Plug-in (Version: 2.0.00.14170 - Sony Corporation) Hidden
PlayMemories Home/PMB VAIO Edition Plug-in 3D Theme Data (x32 Version: 1.0.00.16130 - Sony Corporation) Hidden
PlayMemories Home/PMB VAIO Edition Plug-in Ver.2.2 Upgrade Program (x32 Version: 2.2.00.18250 - Sony Corporation) Hidden
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.14.6.15183 - Sony Computer Entertainment Inc.)
Plus500 (HKLM-x32\...\Plus500) (Version:  - )
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.6.01.03300 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.7.2 - Sony Corporation)
Quick Web Access (x32 Version: 1.4.7.2 - Sony Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.)
Reg Organizer version 6.31 (HKLM-x32\...\Reg Organizer_is1) (Version: 6.31 - ChemTable Software)
Remote Keyboard (x32 Version: 1.1.1.07060 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15072 - Sony Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Schoener Fernsehen 0.0.0.1 (HKLM-x32\...\Schoener Fernsehen) (Version: 0.0.0.1 - © schoener-fernsehen.com)
Schriftenbibliothek (HKLM-x32\...\Schriftenbibliothek_is1) (Version:  - )
Screen Recording Suite V2.5.0 (HKLM-x32\...\{EB9F3F92-4857-4121-AA6F-1C424AC6C266}_is1) (Version: 2.5.0 - Apowersoft)
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version:  - )
SIW 2013 Home Edition (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2013.05.14 - Topala Software Solutions)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
Spamihilator 1.5.0 (64-Bit) (HKLM\...\{A0D450C6-07C4-40C7-8D2B-840565E91987}) (Version: 1.5.0 - Michel Krämer)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.9.0.128.g3134f863 - Spotify AB)
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler, LLC)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)
Tarot Office 1.1 (HKLM-x32\...\ST6UNST #1) (Version:  - )
Total Video Converter 3.71 100812 (HKLM-x32\...\Total Video Converter 3.71_is1) (Version:  - EffectMatrix Inc.)
TubeBox (HKLM-x32\...\{dfba3ed5-70d7-4801-8429-7e77a5fb11ea}) (Version: 5.0.0.0 - Freetec)
TubeBox (x32 Version: 5.0.0.0 - Freetec) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
Typograf 5.1f (HKLM-x32\...\Typograf) (Version: 5.1f - Neuber Software)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.18100 - Sony Corporation)
VAIO - PlayMemories Home Plug-in (HKLM-x32\...\InstallShield_{F9395F3D-4198-476C-8C41-63D0B5B51E35}) (Version: 2.2.00.18250 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15072 - Sony Corporation)
VAIO - Remote-Tastatur  (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.1.0.07060 - Sony Corporation)
VAIO Care (HKLM\...\{4D95D095-8C6F-4357-BDD8-27E295F37FB1}) (Version: 7.3.1.05290 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 5.0.0.07070 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.7.0.05270 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.7.0.05270 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.5.0.07080 - Sony Corporation)
VAIO Hero Screensaver - Fall 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Fall 2011 Screensaver) (Version:  - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.1.0.06030 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.1.08270 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.4.0.05310 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Video Download Converter version 1.0.0.0 (HKLM-x32\...\VDC_is1) (Version: 1.0.0.0 - ) <==== ATTENTION
Video-Saver (HKLM-x32\...\f22187b0-6c9e-44b9-a107-987fcc360c64) (Version:  - Video-Saver Soft)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Корпорація Майкрософт) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Корпорація Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Wise Care 365 Version 2.92 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 3.1.6 - WiseCleaner.com, Inc.)
YouTube Song Downloader (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1) (Version: 8.2 - Abelssoft)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3723462230-206843849-3249284018-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Susanne\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3723462230-206843849-3249284018-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Susanne\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3723462230-206843849-3249284018-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Susanne\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3723462230-206843849-3249284018-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Susanne\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3723462230-206843849-3249284018-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Susanne\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

15-10-2014 14:34:29 Prüfpunkt von HitmanPro
15-10-2014 17:13:54 Prüfpunkt von HitmanPro
15-10-2014 20:11:29 Prüfpunkt von HitmanPro
16-10-2014 13:14:42 Prüfpunkt von HitmanPro
17-10-2014 01:12:34 Prüfpunkt von HitmanPro
17-10-2014 22:22:21 Prüfpunkt von HitmanPro
18-10-2014 18:48:17 Windows Update
19-10-2014 15:01:37 Prüfpunkt von HitmanPro

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00100451-4915-4BFC-9A66-860E7EEBBFE6} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Susanne => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2011-02-08] (Sony Corporation)
Task: {018BEE90-BC4B-4039-A8D7-A6AF53599C86} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-06-03] (Sony Corporation)
Task: {01D3B376-BD66-496B-9F61-A0BCE3E08FDE} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: {03A6420F-BADE-4783-88B5-084E135F40EE} - \Omiga Plus RunAsStdUser No Task File <==== ATTENTION
Task: {04459E68-1D4D-4E22-8E30-FD726DB2609B} - System32\Tasks\RegOrganizerQuickLaunch => C:\Program Files (x86)\Reg Organizer\RegOrganizer.exe [2013-11-29] (ChemTable Software)
Task: {074DE514-7EDE-4B88-AA3D-A4C51DED0449} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {0C7C9878-B2D6-4638-A33A-FA204577976D} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {0E383AD7-ADFA-458D-AF6A-B771E926457F} - System32\Tasks\Wise Care 365 PC Checkup Task => I:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe [2014-07-07] (WiseCleaner.com)
Task: {1073D293-EC3E-4C1E-A0D4-ECDDA578B705} - \Driver Booster Update No Task File <==== ATTENTION
Task: {215B20E7-C7D7-4DB7-9B13-E35DE0E66CF0} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {2CB21669-F34B-4AA2-A9C1-09B79AC02097} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {34E17C3B-99BB-463E-82A1-6AF941E1A7BB} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {3A580C90-A7E9-44BD-AB1E-77496A0D3306} - System32\Tasks\Driver Booster SkipUAC (Susanne) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {4D99A1F7-F2CE-4274-A07C-C7F74C21CFBB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {500E000B-82F9-4F20-A7E4-9F92216B25CF} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5201EBE1-486F-4238-836F-3AAAC53567F9} - System32\Tasks\CrystalDiskInfo => I:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe
Task: {61B9E396-316A-42BC-B440-01355CE6CE16} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-23] (Google Inc.)
Task: {62A441C1-2D0B-417F-96A3-B100AB067F71} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {64F717B0-8B4F-4EA2-B949-3C3F9B9DA765} - System32\Tasks\Abelssoft\Updater scan => C:\PROGRAM FILES (X86)\CHIP UPDATER\CHIPUPDATER.EXE [2014-09-19] (CHIP)
Task: {790336FF-148A-4A7B-BE94-9E0FB12557E7} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: {7962B592-B1E5-45CB-B50E-D6104326510C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-03-21] (Microsoft Corporation)
Task: {7970B1D3-0BBC-4578-8A91-B84BB4BF9283} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {7EB3FB41-6CFF-4B06-890D-E6A5D60555FB} - \DigitalSite No Task File <==== ATTENTION
Task: {83256664-CBC8-46FC-B0DD-9F295E13F1AB} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {8C1E3425-3F93-4340-B506-C7194F25E500} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {9081B203-D24A-4CDD-8008-60703AC8F3A5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000Core => C:\Users\Susanne\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-03] (Facebook Inc.)
Task: {91CCAD29-D235-4B0B-BD8A-B264FE798C2F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-23] (Google Inc.)
Task: {9C9E4051-E38A-45C3-A759-9B8427BF90F7} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {A27ED53A-EEA7-4A3B-A551-E83ED75A4E51} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-08-01] (IObit)
Task: {A2BE4CBE-A878-404E-9059-2222C0E555E3} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-07-07] (Sony Corporation)
Task: {AC472EA5-8AEE-43FC-A4BA-B3251E92492A} - System32\Tasks\Wise Turbo Checker => I:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2014-06-23] (WiseCleaner.COM)
Task: {AEE57DB0-EA87-47F6-BFCD-26295E888FEF} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {B7D7E8A0-48CC-4250-95AE-224D1260FDB4} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {C31F665D-01D7-4D23-AC3A-8F67758577C9} - \RegClean Pro No Task File <==== ATTENTION
Task: {C32719A0-8205-4911-9BD2-CD93052D7A94} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-07-07] (Sony Corporation)
Task: {CD885DEB-8331-4278-885E-4BED39A27009} - \ASP No Task File <==== ATTENTION
Task: {CDD4EE34-722B-4F3C-8C7F-F71B7EF11E6C} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib TaskTray => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [2011-02-23] (Sony Corporation)
Task: {CE89EE4D-4EA1-4468-A75B-858E89B10847} - System32\Tasks\AnVir Task Manager => I:\Program Files (x86)\AnVir Task Manager\anvir.exe [2013-12-04] (AnVir Software)
Task: {D2E2F10D-72DB-48BC-9FA4-4E48DD157597} - System32\Tasks\GlaryInitialize 4 => I:\Program Files (x86)\Glary Utilities 4\Initialize.exe [2013-12-04] (Glarysoft Ltd)
Task: {D5F7FBFD-E89C-4C48-BD7F-D028A5DFCF3A} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {D7D8B0DE-B04F-44EB-A171-01DA1D0B550E} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {DD92AE22-439A-4DEF-91BC-838C490A8E8C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000UA => C:\Users\Susanne\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-03] (Facebook Inc.)
Task: {E236B00C-ED2E-4540-B4E7-B6950D49E454} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation)
Task: {E25DBD18-ECFF-48B6-9628-FAA7F7ED8A37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {E572F690-0476-4B3E-89C0-BE31073F3E31} - System32\Tasks\ASC6_PerformanceMonitor => I:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe [2012-10-29] (IObit)
Task: {E80040EC-D915-440F-BE5C-B439B191DB78} - \DealPly No Task File <==== ATTENTION
Task: {E8F3E8FD-A780-445C-87BF-5BB6BBED18FF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-15] (Adobe Systems Incorporated)
Task: {F8994A0D-C89C-498A-A4F3-30A44F2FDD3D} - \DSite No Task File <==== ATTENTION
Task: {F9CECD6E-4801-4C6A-90D1-0DF208073524} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {FB744C94-B3BB-497F-9AB1-9D7B0C9C56BA} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000Core.job => C:\Users\Susanne\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000UA.job => C:\Users\Susanne\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-08 15:26 - 2014-08-29 05:55 - 00707184 _____ () C:\PROGRAM FILES (X86)\360\TOTAL SECURITY\SAFEMON\QHACTIVEDEFENSE.EXE
2014-03-21 07:22 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-09-14 15:09 - 2014-01-02 19:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2014-04-13 02:40 - 2014-04-13 02:40 - 00073728 _____ () C:\Program Files\Spamihilator\zlib1.dll
2014-04-13 02:40 - 2014-04-13 02:40 - 00380928 _____ () C:\PROGRAM FILES\SPAMIHILATOR\sqlite3.dll
2014-09-08 15:26 - 2014-08-29 05:55 - 00707184 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-28 01:28 - 2011-07-07 16:44 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll
2012-12-24 02:36 - 2012-10-30 16:37 - 00348032 _____ () I:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl
2012-12-24 02:36 - 2012-10-30 16:37 - 00182656 _____ () I:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl
2012-12-24 02:36 - 2012-10-30 16:37 - 00050048 _____ () I:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl
2010-01-30 19:49 - 2011-10-24 19:00 - 00067728 _____ () C:\Program Files (x86)\Stardock\CursorFX\zlib1.dll
2014-10-08 15:35 - 2014-07-14 16:49 - 00049744 ____N () C:\Users\Susanne\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-10-15 16:48 - 2014-10-15 16:48 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2012-02-28 01:16 - 2011-04-30 01:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-03-14 21:42 - 2013-03-14 21:42 - 00033128 _____ () C:\Program Files (x86)\IncrediMail\Bin\IMHttpComm.dll
2013-03-14 21:42 - 2013-03-14 21:42 - 00072104 _____ () C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll
2013-03-14 21:42 - 2013-03-14 21:42 - 00268712 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll
2013-01-23 17:17 - 2013-01-23 17:17 - 00108888 _____ () C:\Program Files (x86)\IncrediMail\Bin\pmc.dll
2013-09-09 21:33 - 2012-03-29 15:21 - 01152365 _____ () C:\Users\Susanne\AppData\Roaming\LavFilters\avformat-lav-54.dll
2013-09-09 21:33 - 2012-03-29 15:21 - 06582226 _____ () C:\Users\Susanne\AppData\Roaming\LavFilters\avcodec-lav-54.dll
2013-09-09 21:33 - 2012-03-29 15:21 - 00207872 _____ () C:\Users\Susanne\AppData\Roaming\LavFilters\avutil-lav-51.dll
2013-09-09 21:33 - 2012-03-29 15:21 - 00172032 _____ () C:\Users\Susanne\AppData\Roaming\LavFilters\libbluray.dll
2013-02-26 15:48 - 2004-05-26 00:06 - 00417792 _____ () I:\Program Files (x86)\Total Video Converter\ac3filter.cpl
2013-03-14 21:42 - 2013-03-14 21:42 - 00133544 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll
2013-03-14 21:42 - 2013-03-14 21:42 - 00080296 _____ () C:\Program Files (x86)\IncrediMail\bin\ImAppRU.dll
2010-11-11 12:55 - 2013-03-14 21:42 - 01034096 _____ () C:\Program Files (x86)\IncrediMail\bin\AE\ActionEngine.dll
2014-10-15 16:59 - 2014-10-15 16:59 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-19 00:00 - 2014-08-19 00:00 - 01020928 _____ () C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2014-10-15 00:47 - 2014-10-15 00:47 - 16832176 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass FF RunOnce.lnk => C:\Windows\pss\Install LastPass FF RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Susanne^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\Windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => 
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: CursorMania Search Scope Monitor => "C:\PROGRA~2\CURSOR~2\bar\1.bin\7lsrchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Susanne\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PMBVolumeWatcher => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

========================= Accounts: ==========================

Administrator (S-1-5-21-3723462230-206843849-3249284018-500 - Administrator - Disabled)
Gast (S-1-5-21-3723462230-206843849-3249284018-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3723462230-206843849-3249284018-1002 - Limited - Enabled)
Susanne (S-1-5-21-3723462230-206843849-3249284018-1000 - Administrator - Enabled) => C:\Users\Susanne

==================== Faulty Device Manager Devices =============

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/19/2014 07:59:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.0.0.5397, Zeitstempel: 0x543924b1
Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.0.0.5397, Zeitstempel: 0x5438ffbb
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x3784
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (10/19/2014 05:51:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4259

Error: (10/19/2014 05:51:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4259

Error: (10/19/2014 05:51:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/19/2014 05:51:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3198

Error: (10/19/2014 05:51:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3198

Error: (10/19/2014 05:51:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/19/2014 05:51:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2184

Error: (10/19/2014 05:51:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2184

Error: (10/19/2014 05:51:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (10/19/2014 09:21:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.


Microsoft Office Sessions:
=========================
Error: (10/19/2014 07:59:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb8000000300001425378401cfebc35f54bc90C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla50848ae-57b9-11e4-b602-f0bf97e53575

Error: (10/19/2014 05:51:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4259

Error: (10/19/2014 05:51:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4259

Error: (10/19/2014 05:51:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/19/2014 05:51:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3198

Error: (10/19/2014 05:51:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3198

Error: (10/19/2014 05:51:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/19/2014 05:51:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2184

Error: (10/19/2014 05:51:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2184

Error: (10/19/2014 05:51:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-06-10 04:29:49.638
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:49.519
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:49.283
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:49.156
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:48.923
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:48.800
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:48.555
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:48.446
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:48.235
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 04:29:48.132
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\nhcDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 54%
Total physical RAM: 8103.14 MB
Available physical RAM: 3702.73 MB
Total Pagefile: 16204.45 MB
Available Pagefile: 10637.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:251.97 GB) (Free:126.65 GB) NTFS
Drive i: (Volume) (Fixed) (Total:195.31 GB) (Free:92.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E6B480BB)
Partition 1: (Not Active) - (Size=18.4 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=252 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=195.3 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
--- --- ---

Alt 25.10.2014, 14:59   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Pepper zip - Standard

Pepper zip



Lesezeichen kannste vorher exportieren. Wenn Du die Seuche behalten willst lass das mit Firefox

Frischs FRST log fehlt.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.10.2014, 05:12   #15
Merline
 
Pepper zip - Standard

Pepper zip



ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=0cd1c551de2bd4418c04c3b12968b9b4
# engine=20777
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-26 03:16:26
# local_time=2014-10-26 04:16:26 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 90612 279716676 0 0
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 2799723 108470996 0 0
# scanned=331588
# found=29
# cleaned=0
# scan_time=31350
sh=828CCC8757617B9631424F1F3C90B4F804089A13 ft=1 fh=5346a69be11e80cb vn="Variante von Win64/Toolbar.Perion.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\Extension64.dll.vir"
sh=1AF085E91001E9A7B98FACD4FF0E72EA02ADEBD8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Perion.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\source.crx.vir"
sh=4CC975F50CBC5FBEF47AE3D295288D7CD861509B ft=1 fh=991c1086c06a4e6d vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ORBTR\uninstall.exe.vir"
sh=6D2D5521F8C15D587F05119C714F0A431D053BE9 ft=1 fh=374f94ddfd2f4cb1 vn="Variante von Win32/Toolbar.MyWebSearch.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PopularScreensavers\NPp5Stub.dll.vir"
sh=394D5B32C42AD951A2F1BA6E22A3DA2E754ABE98 ft=1 fh=bc9d2deedbf2e121 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PopularScreensavers\p5cjpeg.dll.vir"
sh=7C73445F65C0FD08EAAD3A3E7FE1A28F5F482D08 ft=1 fh=dc7dda4109371c06 vn="Variante von Win64/Toolbar.MyWebSearch.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TelevisionFanatic\bar\1.bin\64auxstb64.dll.vir"
sh=ED5F07C2013EC69C4A03AC9B48BBC6A3896347DA ft=1 fh=572d0aa7c713be6e vn="Variante von Win64/Toolbar.MyWebSearch.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon64.exe.vir"
sh=02647F8CD70D673E477EC052154028FE08A86AD7 ft=1 fh=c1ea64bddc5cb8f1 vn="Variante von Win64/Toolbar.MyWebSearch.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brstub64.dll.vir"
sh=30017B37C5E874DA90B03618CE9432551D52244D ft=1 fh=33c46fedbb586f3b vn="Variante von Win64/Toolbar.MyWebSearch.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TelevisionFanatic\bar\1.bin\64dlghk64.dll.vir"
sh=74BB4E32B185DCD8553F2822D28977FF6A299BDE ft=1 fh=db00904785107d2d vn="Variante von Win32/Toolbar.MyWebSearch.AL evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TelevisionFanatic\bar\1.bin\64highin.exe.vir"
sh=87E77F21EBBEE058158B046F24EF159203328931 ft=1 fh=4096f84f5d42b246 vn="Variante von Win32/Toolbar.MyWebSearch.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TelevisionFanatic\bar\1.bin\64skplay.exe.vir"
sh=27701684B9B28362D3FEA99A07818FFA492D3A4E ft=1 fh=bcc2ec90b8678e6e vn="Win32/Toolbar.MyWebSearch.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrchMn.exe.vir"
sh=72489280930F183E34FE5AF817F207A5EB65F8D4 ft=1 fh=033eb58713fd33d4 vn="Variante von Win32/Toolbar.MyWebSearch.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TelevisionFanatic\bar\1.bin\64tpinst.dll.vir"
sh=03AF68978658C3350452ACA5567A9F1358E3D387 ft=1 fh=ca334dce2d24b211 vn="Variante von Win32/Toolbar.MyWebSearch.AI evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TelevisionFanatic\bar\1.bin\DPNMNGR.DLL.vir"
sh=293AE2F735B9C76ACF2BE9410EBFF2CD88D47F96 ft=1 fh=59afe8ea20712c28 vn="Variante von Win32/Toolbar.MyWebSearch.AI evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TelevisionFanatic\bar\1.bin\EXEMANAGER.DLL.vir"
sh=A8D6DF53AA92AEDABC2F4E2B520024AC3563B7E6 ft=1 fh=871f764e48b7f7a8 vn="Variante von Win32/Toolbar.MyWebSearch.AL evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll.vir"
sh=DD0123C4D8DA38E948888E4EC29778DE0B0DA4D4 ft=1 fh=dea466b0175c3c32 vn="Win32/Toolbar.MyWebSearch.AL evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TelevisionFanatic\bar\1.bin\UNIFIEDLOGGING.DLL.vir"
sh=7E476CBC20B540F11239EC2A5C617FF221BF52CC ft=1 fh=80c7b6f3be1d69d2 vn="Variante von Win32/Toolbar.MyWebSearch.AI evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\64ffxtbr@TelevisionFanatic.com\plugi ns\FF-NativeMessagingDispatcher.dll.vir"
sh=7671FBBD26BCEECB772D1A26CC7B1911B7A20E3E ft=1 fh=4fd638d5eab7a926 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=852987FA6905363E49BF8C662EF78E48D4D5C090 ft=0 fh=0000000000000000 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\jmdp\pnte.crx.vir"
sh=3921B3425C5C561B5478A3ABBBD49C11775A0882 ft=0 fh=0000000000000000 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\jmdp\SweetNT.crx.vir"
sh=CC18702134AFA0E40EE32B76A8F3B5C696E82EAF ft=1 fh=b3505ea92771f677 vn="Variante von Win32/ELEX.AS evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Susanne\Downloads\yet_another_cleaner_sk.exe"
sh=DCA78553945F138C0DA17A70EB93610F7DBDF45F ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="I:\SUSANNE-VAIO\Backup Set 2014-07-27 224247\Backup Files 2014-07-27 224247\Backup files 15.zip"
sh=31282B1AF0C6236B4E06F6C67581CBB8FA51B3E8 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="I:\SUSANNE-VAIO\Backup Set 2014-07-27 224247\Backup Files 2014-07-27 224247\Backup files 21.zip"
sh=83E4FC2D7014D8820EB67E6C1712E3F1D8F24426 ft=0 fh=0000000000000000 vn="Variante von Win32/ELEX.AS evtl. unerwünschte Anwendung" ac=I fn="I:\SUSANNE-VAIO\Backup Set 2014-07-27 224247\Backup Files 2014-07-27 224247\Backup files 22.zip"
sh=0C9C7E74B011B78B4CA0F7C09F6DC44787503376 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="I:\SUSANNE-VAIO\Backup Set 2014-08-24 190002\Backup Files 2014-08-24 190002\Backup files 15.zip"
sh=26E6978D8B6539D8A70A8CA0AF6B873607A41B89 ft=0 fh=0000000000000000 vn="Variante von Win32/AdWare.iBryte.AL Anwendung" ac=I fn="I:\SUSANNE-VAIO\Backup Set 2014-08-24 190002\Backup Files 2014-08-24 190002\Backup files 20.zip"
sh=172421ACEE92E0AE399CB5AAB03C5C36F603A98E ft=0 fh=0000000000000000 vn="Win32/SoftonicDownloader.G evtl. unerwünschte Anwendung" ac=I fn="I:\SUSANNE-VAIO\Backup Set 2014-08-24 190002\Backup Files 2014-08-24 190002\Backup files 21.zip"
sh=3939708928CBFEF17463161F4D4302E89FB3208F ft=0 fh=0000000000000000 vn="Variante von Win32/ELEX.AS evtl. unerwünschte Anwendung" ac=I fn="I:\SUSANNE-VAIO\Backup Set 2014-08-24 190002\Backup Files 2014-08-24 190002\Backup files 22.zip"

Results of screen317's Security Check version 0.99.89
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Microsoft Security Essentials
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities Language Pack (de-DE)
Panda Cloud Cleaner
EasyCleaner
Java 7 Update 67
Java 8 Update 25
Adobe Flash Player 15.0.0.189
Adobe Reader XI
Mozilla Firefox (33.0.1)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-10-2014
Ran by Susanne (administrator) on SUSANNE-VAIO on 26-10-2014 05:05:52
Running from C:\Users\Susanne\Downloads
Loaded Profile: Susanne (Available profiles: Susanne)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) I:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfSdkS64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VCM Manager Settings\VcmMgrNotification64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(IObit) I:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Michel Krämer) C:\Program Files\Spamihilator\spamihilator.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Farbar) C:\Users\Susanne\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3723462230-206843849-3249284018-1000\...\Run: [CursorFX] => C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [432784 2012-05-10] (Stardock Corporation)
HKU\S-1-5-21-3723462230-206843849-3249284018-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3723462230-206843849-3249284018-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spamihilator.lnk
ShortcutTarget: Spamihilator.lnk -> C:\Program Files\Spamihilator\spamihilator.exe (Michel Krämer)
BootExecute: autocheck autochk *  BootDefrag.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=prc265
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {17ADD2FE-1208-4BBD-913F-0C8732DCBD44} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {E4BD2B01-14CD-45F9-B958-3FFAB7DB3D0E} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {5786D022-540E-4699-B350-B4BE0AE94B79} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{05A7A838-BBFC-4DA9-9F78-5FC886D82879}: [NameServer] 5.135.12.56,199.203.35.78

FireFox:
========
FF ProfilePath: C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default
FF NewTab: Google
FF DefaultSearchUrl: hxxp://de.yhs4.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: Google
FF NetworkProxy: "backup.ftp", "178.219.12.210"
FF NetworkProxy: "backup.ftp_port", 6666
FF NetworkProxy: "backup.socks", "178.219.12.210"
FF NetworkProxy: "backup.socks_port", 6666
FF NetworkProxy: "backup.ssl", "178.219.12.210"
FF NetworkProxy: "backup.ssl_port", 6666
FF NetworkProxy: "ftp", "www-proxy.t-online.de"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "www-proxy.t-online.de"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "www-proxy.t-online.de"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "www-proxy.t-online.de"
FF NetworkProxy: "ssl_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @popularscreensavers.com/Plugin -> C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin -> C:\Users\Susanne\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\searchplugins\speedfox.xml
FF SearchPlugin: C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ascsurfingprotection@iobit.com [2013-09-24]
FF Extension: SpeedFox - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\jid1-uabu5A9hduqzCw@jetpack [2013-08-18]
FF Extension: LastPass - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\support@lastpass.com [2014-08-19]
FF Extension: ColorfulTabs - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2014-09-29]
FF Extension: TV-Fox - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4} [2013-12-21]
FF Extension: AddThis - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2013-05-31]
FF Extension: ReminderFox - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2014-04-19]
FF Extension: DownloadHelper - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-08]
FF Extension: Evernote Web Clipper - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2013-12-18]
FF Extension: everygain Translator - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ck@everygain.com.xpi [2013-04-18]
FF Extension: anonymoX - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\client@anonymox.net.xpi [2013-04-30]
FF Extension: Shareaholic - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\firefox-extension@shareaholic.com.xpi [2013-04-19]
FF Extension: hidefbticker - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\hidefbticker@shebo.com.xpi [2013-07-02]
FF Extension: i2Symbol (Emoticons, Smileys, Symbols) - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\i2symbol@sciweavers.org.xpi [2013-04-19]
FF Extension: ProxTube - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ich@maltegoetz.de.xpi [2014-09-10]
FF Extension: iFamebook  - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ifamebook@stormvision.it.xpi [2013-08-03]
FF Extension: iKute Emoticons for Facebook Chat - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ikuteteam@gmail.com.xpi [2013-07-02]
FF Extension: Telekom YouTube Turbo - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\info@maltegoetz.de.xpi [2013-04-19]
FF Extension: HMA! IP Checker - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\ipinfo@hidemyass.com.xpi [2013-04-19]
FF Extension: Big Emo For Facebook - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\jid0-3w5IeNyk2A0kYZWgtBwRAxwtyTo@jetpack.xpi [2013-07-02]
FF Extension: Invite All (for Facebook) - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\jid0-zs24wecdcQo0Lp18D7QOV4WSZFo@jetpack.xpi [2013-08-03]
FF Extension: RSS Icon - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\kitsuneymg@gmail.com.xpi [2013-04-19]
FF Extension: NASA Night Launch - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\nasanightlaunch@example.com.xpi [2013-10-07]
FF Extension: Personas Plus - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\personas@christopher.beard.xpi [2013-04-19]
FF Extension: Silvermel - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\silvermel@pardal.de.xpi [2013-05-27]
FF Extension: Smiley Xtra - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\smxtra5@smileyxtra.co.uk.xpi [2013-04-18]
FF Extension: Stealthy - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\stealthyextension@gmail.com.xpi [2013-08-09]
FF Extension: YouTube to MP3 - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\youtube2mp3@mondayx.de.xpi [2013-04-19]
FF Extension: All-in-One Sidebar - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2013-04-19]
FF Extension: Stylish Sync - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{0e3fc079-afbb-4a00-87e5-9486062d0f9c}.xpi [2013-04-26]
FF Extension: Session Manager - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-04-15]
FF Extension: FlashGot - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2013-04-19]
FF Extension: ShareThis - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{1b8cc170-8c85-11db-b606-0800200c9a66}.xpi [2013-04-19]
FF Extension: Facebook Messenger - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{249b4e45-4fb9-4f6b-9754-7c0c1e605d44}.xpi [2014-08-02]
FF Extension: AniWeather - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2013-04-19]
FF Extension: Stylish - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-04-15]
FF Extension: Quick Translator - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-04-18]
FF Extension: Charamel - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{961408A3-C970-4577-970A-D97C29839A67}.xpi [2013-05-27]
FF Extension: Soundcloud SUPER +2: Downloader and Recommender - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi [2013-04-19]
FF Extension: ImTranslator - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2013-04-15]
FF Extension: StumbleUpon - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2013-04-18]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2013-04-19]
FF Extension: FoxTab - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi [2013-08-09]
FF Extension: Download Manager Tweak - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi [2013-04-18]
FF Extension: Noia 4 - C:\Users\Susanne\AppData\Roaming\Mozilla\Firefox\Profiles\njo8w0dk.default\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi [2013-07-03]

Chrome: 
=======
CHR Profile: C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Susanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\2.0.0.0_0 [2013-01-22]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - I:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePluginFor6.crx [2012-12-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AdvancedSystemCareService6; I:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-07-05] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [98976 2011-07-05] (Atheros Commnucations) [File not signed]
S3 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-10-14] (SurfRight B.V.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [960160 2011-12-29] (Sony Corporation)
R3 VUAgent; C:\PROGRAM FILES\SONY\VAIO UPDATE\VUAGENT.EXE [1642544 2014-02-28] (Sony Corporation)
S3 WiseBootAssistant; I:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2013-12-09] (WiseCleaner.com)
S2 楗敳潂瑯獁楳瑳湡tI"; 㩉停潲牧浡䘠汩獥⠠㡸⤶坜獩履楗敳䌠牡⁥㘳尵潂瑯楔敭攮數 [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2014-03-13] (Qualcomm Atheros Co., Ltd.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-05-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 risdsnpe; C:\Windows\System32\DRIVERS\risdsnxc64.sys [98816 2011-06-24] (REDC)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-01-03] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-01-03] (RapidSolution Software AG)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-04-10] (Synaptics Incorporated)
S3 WiseHDInfo; I:\Program Files (x86)\Wise\Wise Care 365\WiseHDInfo64.dll [11304 2014-06-04] (wisecleaner.com)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 05:04 - 2014-10-26 05:05 - 02112512 _____ (Farbar) C:\Users\Susanne\Downloads\FRST64(1).exe
2014-10-26 04:58 - 2014-10-26 04:58 - 00854448 _____ () C:\Users\Susanne\Downloads\SecurityCheck.exe
2014-10-25 20:41 - 2014-10-25 20:41 - 00821760 _____ (Browser Opt-out) C:\Users\Susanne\Downloads\uninstall.exe
2014-10-25 19:27 - 2014-10-25 19:28 - 02347384 _____ (ESET) C:\Users\Susanne\Downloads\esetsmartinstaller_deu(2).exe
2014-10-25 19:12 - 2014-10-25 19:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-23 21:39 - 2014-10-23 21:40 - 02347384 _____ (ESET) C:\Users\Susanne\Downloads\esetsmartinstaller_deu(1).exe
2014-10-23 21:16 - 2014-10-23 21:16 - 00001102 _____ () C:\Windows\PFRO.log
2014-10-23 21:16 - 2014-10-23 21:16 - 00000056 _____ () C:\Windows\setupact.log
2014-10-23 21:16 - 2014-10-23 21:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-23 21:09 - 2014-08-29 04:55 - 00023752 _____ (360安全中心) C:\Windows\SysWOW64\Drivers\efimon.sys
2014-10-23 18:31 - 2014-10-23 18:31 - 00405504 _____ () C:\Users\Susanne\Downloads\intel_srldetect_4.5.13.0.msi
2014-10-23 04:55 - 2014-10-23 04:55 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-10-23 04:54 - 2014-10-23 04:54 - 00000000 ____D () C:\Users\Susanne\SystemRequirementsLab
2014-10-23 04:44 - 2014-10-23 04:44 - 00638888 _____ (Oracle Corporation) C:\Users\Susanne\Downloads\jxpiinstall(18).exe
2014-10-23 01:19 - 2014-10-23 01:18 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-23 01:18 - 2014-10-23 01:18 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-23 01:18 - 2014-10-23 01:18 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-23 01:14 - 2014-10-23 01:15 - 31029672 _____ (Oracle Corporation) C:\Users\Susanne\Downloads\jre-7u71-windows-x64.exe
2014-10-22 23:03 - 2014-10-22 23:03 - 00159578 _____ () C:\Users\Susanne\Downloads\JavaRa-2.6.zip
2014-10-22 22:46 - 2014-10-22 22:46 - 00448512 _____ (OldTimer Tools) C:\Users\Susanne\Downloads\TFC.exe
2014-10-22 21:20 - 2014-10-21 19:25 - 01706144 _____ (Thisisu) C:\Users\Susanne\Desktop\JRT_NEW.exe
2014-10-22 21:04 - 2014-10-22 21:05 - 00502544 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-22 21:01 - 2014-10-22 21:01 - 00129984 _____ () C:\Users\Susanne\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-22 00:01 - 2014-10-22 00:01 - 19152896 _____ () C:\Windows\system32\config\SYSTEM.iobit
2014-10-22 00:01 - 2014-10-22 00:01 - 103727104 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-10-22 00:01 - 2014-10-22 00:01 - 01064960 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-10-22 00:01 - 2014-10-22 00:01 - 00057344 _____ () C:\Windows\system32\config\SAM.iobit
2014-10-22 00:01 - 2014-10-22 00:01 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-10-22 00:01 - 2014-10-22 00:01 - 00000000 ____D () C:\Users\Susanne\Downloads\FRST-OlderVersion
2014-10-21 23:34 - 2014-10-21 23:34 - 00001501 _____ () C:\Users\Susanne\Desktop\JRT.txt
2014-10-21 23:31 - 2014-10-21 23:31 - 01706144 _____ (Thisisu) C:\Users\Susanne\Downloads\JRT.exe
2014-10-21 23:25 - 2014-10-21 23:25 - 00011948 _____ () C:\Users\Susanne\Desktop\AdwCleaner[S2].txt
2014-10-21 23:12 - 2014-10-21 23:12 - 01962496 _____ () C:\Users\Susanne\Downloads\AdwCleaner_4.001.exe
2014-10-21 23:11 - 2014-10-21 23:09 - 00001784 _____ () C:\Users\Susanne\Desktop\mbam.txt
2014-10-21 21:36 - 2014-10-21 21:36 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Susanne\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-20 21:16 - 2014-10-20 21:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Susanne\Downloads\revosetup95.exe
2014-10-20 21:16 - 2014-10-20 21:16 - 00001264 _____ () C:\Users\Susanne\Desktop\Revo Uninstaller.lnk
2014-10-20 21:16 - 2014-10-20 21:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-19 19:31 - 2014-10-19 19:31 - 01110476 _____ () C:\Users\Susanne\Downloads\7z920.exe
2014-10-19 19:31 - 2014-10-19 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-10-19 19:31 - 2014-10-19 19:31 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-10-19 16:42 - 2014-10-19 20:21 - 00064874 _____ () C:\Users\Susanne\Downloads\Addition.txt
2014-10-19 16:40 - 2014-10-26 05:06 - 00000000 ____D () C:\FRST
2014-10-19 16:40 - 2014-10-26 05:05 - 00029120 _____ () C:\Users\Susanne\Downloads\FRST.txt
2014-10-19 16:38 - 2014-10-22 00:01 - 02110976 _____ (Farbar) C:\Users\Susanne\Downloads\FRST64.exe
2014-10-17 20:48 - 2014-10-17 20:48 - 01705698 _____ (Thisisu) C:\Users\Susanne\Downloads\JRT633.exe
2014-10-15 15:35 - 2014-10-15 15:36 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Free Internet Tuner
2014-10-15 15:06 - 2014-10-15 15:38 - 91670064 _____ (The GIMP Team ) C:\Users\Susanne\Downloads\gimp-2.8.14-setup.exe
2014-10-14 21:59 - 2014-10-14 21:59 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft
2014-10-14 21:59 - 2014-10-14 21:59 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Abelssoft
2014-10-14 21:59 - 2014-10-14 21:59 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-10-14 21:58 - 2014-10-14 21:58 - 00001050 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-10-14 21:58 - 2014-10-14 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-10-14 21:58 - 2014-10-14 21:58 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-10-14 21:55 - 2014-10-14 21:55 - 03205232 _____ (Abelssoft ) C:\Users\Susanne\Downloads\CHIP_Updater_2.33.exe
2014-10-14 21:13 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-14 21:13 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-14 21:13 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-14 21:13 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-14 21:13 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-14 21:13 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-14 21:13 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-14 21:13 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-14 21:13 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-14 21:13 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-14 21:13 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-14 21:13 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-14 21:13 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-14 21:13 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-14 21:13 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-14 21:13 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-14 21:13 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-14 21:13 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-14 21:13 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-14 21:13 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-14 21:13 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-14 21:13 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-14 21:13 - 2014-07-07 03:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-14 21:13 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-14 21:13 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-14 21:13 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-14 21:13 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-14 21:13 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-14 21:13 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-14 21:13 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-14 21:13 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-14 21:13 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-14 21:13 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-14 21:13 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-14 21:13 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-14 21:13 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-14 21:13 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-14 21:12 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-14 21:12 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-14 21:12 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-14 21:12 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-14 21:12 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-14 21:12 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-14 21:12 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-14 21:12 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-14 21:12 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-14 21:12 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-14 21:12 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-14 21:12 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-14 21:12 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-14 21:12 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-14 21:12 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-14 21:12 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-14 21:12 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-14 21:12 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-14 21:12 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-14 21:12 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-14 21:12 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-14 21:12 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-14 21:12 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-14 21:12 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-14 21:12 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-14 21:12 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-14 21:12 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-14 21:12 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-14 21:12 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-14 21:12 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-14 21:12 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-14 21:11 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-14 21:11 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-14 21:11 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-14 21:11 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-14 21:11 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-14 21:11 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-14 21:11 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-14 21:11 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-14 21:11 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-14 21:11 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-14 21:11 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-14 21:11 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-14 21:11 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-14 21:11 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-14 21:11 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-14 21:11 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-14 21:11 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-14 21:11 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-14 21:11 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-14 21:11 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-14 21:11 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-14 21:11 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-14 21:11 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-14 21:11 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-14 21:11 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-14 21:11 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-14 21:11 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-14 21:11 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-14 21:11 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-14 21:11 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-14 21:11 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-14 21:11 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-14 21:11 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-14 21:11 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-14 21:11 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-14 21:11 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-14 21:11 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-14 21:11 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-14 21:10 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-14 21:10 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-14 21:10 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-14 21:10 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-14 21:10 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-14 21:10 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-14 21:10 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-14 21:10 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-14 21:10 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-14 21:10 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-14 21:10 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-14 21:10 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-14 21:10 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-14 21:05 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 21:05 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 21:05 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-14 21:05 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-14 20:36 - 2014-10-14 20:36 - 00071934 _____ () C:\Windows\system32\.crusader
2014-10-14 20:00 - 2014-10-14 20:44 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-14 20:00 - 2014-10-14 20:00 - 00001905 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-10-14 20:00 - 2014-10-14 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-10-14 20:00 - 2014-10-14 20:00 - 00000000 ____D () C:\Program Files\HitmanPro
2014-10-14 19:59 - 2014-10-14 19:59 - 11194928 _____ (SurfRight B.V.) C:\Users\Susanne\Downloads\HitmanPro_x64.exe
2014-10-13 03:24 - 2014-10-13 03:24 - 00000000 _____ () C:\autoexec.bat
2014-10-08 02:58 - 2014-10-08 03:08 - 00000000 ___HD () C:\Users\Public\Temp
2014-10-03 23:45 - 2014-10-03 23:45 - 15197616 _____ (Ventis Media Inc. ) C:\Users\Susanne\Downloads\MediaMonkey_4.1.4.1709.exe
2014-10-02 23:11 - 2014-10-02 23:11 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-10-02 22:30 - 2014-10-02 22:30 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-02 22:30 - 2014-10-02 22:30 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-02 22:30 - 2014-10-02 22:30 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-02 22:27 - 2014-10-02 22:27 - 00918952 _____ (Oracle Corporation) C:\Users\Susanne\Downloads\jxpiinstall(17).exe
2014-10-02 04:32 - 2014-10-02 04:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Susanne\Downloads\mbam-setup-2.0.2.1012(2).exe
2014-10-01 15:22 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 15:22 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-01 12:45 - 2013-06-12 13:10 - 00033512 _____ () C:\Windows\system32\Drivers\DasPtct.SYS
2014-10-01 12:43 - 2014-10-01 12:44 - 30543696 _____ (Panda Security ) C:\Users\Susanne\Downloads\PandaCloudCleaner.exe
2014-10-01 12:41 - 2014-10-01 12:41 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-10-01 12:39 - 2014-10-01 12:39 - 00937232 _____ (Crawler.com ) C:\Users\Susanne\Downloads\SpywareTerminatorSetup.exe
2014-10-01 12:34 - 2014-10-01 12:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Susanne\Downloads\mbam-setup-2.0.2.1012(1).exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 05:07 - 2012-02-28 03:06 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Spamihilator
2014-10-26 05:06 - 2013-03-06 21:19 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\NetSpeedMonitor
2014-10-26 03:00 - 2014-07-23 02:43 - 01502825 _____ () C:\Windows\WindowsUpdate.log
2014-10-25 20:41 - 2014-05-23 01:57 - 00003170 _____ () C:\Windows\System32\Tasks\{D980E11C-6568-45AC-AF71-C4394AFE809C}
2014-10-25 20:41 - 2014-05-22 03:51 - 00003110 _____ () C:\Windows\System32\Tasks\{D490671D-C500-49B0-A18B-6B01B126ECC9}
2014-10-25 20:41 - 2014-04-30 18:22 - 00002778 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-10-25 20:41 - 2014-03-27 02:03 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Susanne)
2014-10-25 20:41 - 2013-03-24 23:46 - 00003212 _____ () C:\Windows\System32\Tasks\{2A36CFBB-8293-47A4-934C-A2D9B93F765D}
2014-10-25 20:41 - 2013-03-14 20:46 - 00003178 _____ () C:\Windows\System32\Tasks\{B4973C1F-4D4B-4234-A234-659075DDF756}
2014-10-25 20:41 - 2013-03-14 20:45 - 00003178 _____ () C:\Windows\System32\Tasks\{023AB62D-0182-4EB0-8844-9195F00E0F35}
2014-10-25 20:41 - 2013-03-13 22:59 - 00003188 _____ () C:\Windows\System32\Tasks\{43E5FA5E-0D59-4002-917A-63BB48C77D54}
2014-10-25 20:41 - 2012-12-28 00:21 - 00003158 _____ () C:\Windows\System32\Tasks\{D2BF5758-35FE-4C2F-B428-C4F0C8596651}
2014-10-25 20:41 - 2012-12-24 01:37 - 00003100 _____ () C:\Windows\System32\Tasks\ASC6_PerformanceMonitor
2014-10-25 20:41 - 2012-08-11 02:52 - 00003928 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000UA
2014-10-25 20:41 - 2012-08-11 02:52 - 00003560 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000Core
2014-10-25 20:41 - 2012-08-11 02:52 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000UA.job
2014-10-25 20:41 - 2012-08-11 02:52 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3723462230-206843849-3249284018-1000Core.job
2014-10-25 20:41 - 2012-03-01 21:33 - 00000000 ____D () C:\Users\Susanne\AppData\Local\CrashDumps
2014-10-25 19:12 - 2012-04-25 00:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-25 19:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-24 19:51 - 2012-02-28 23:33 - 00744960 ___SH () C:\Users\Susanne\Documents\Thumbs.db
2014-10-23 21:25 - 2009-07-14 05:45 - 00028624 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-23 21:25 - 2009-07-14 05:45 - 00028624 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-23 21:20 - 2014-09-08 14:26 - 00000000 ____D () C:\Program Files (x86)\360
2014-10-23 21:16 - 2014-09-08 14:27 - 00000000 ____D () C:\360SANDBOX
2014-10-23 21:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-23 18:03 - 2014-09-11 21:36 - 00000000 __SHD () C:\ProgramData\360Quarant
2014-10-23 18:03 - 2014-09-11 17:10 - 00000000 __SHD () C:\$360Section
2014-10-23 15:56 - 2013-02-16 19:35 - 00000000 ____D () C:\Windows\Minidump
2014-10-23 15:14 - 2014-06-03 13:06 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-23 04:54 - 2012-02-28 01:14 - 00000000 ____D () C:\Users\Susanne
2014-10-23 04:51 - 2013-09-26 12:13 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-23 04:46 - 2014-08-11 14:49 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-23 04:46 - 2013-09-26 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-23 04:46 - 2012-02-28 00:25 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-23 01:18 - 2014-08-23 02:11 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-21 23:20 - 2014-06-17 23:51 - 00000000 ____D () C:\Windows\system32\log
2014-10-21 23:20 - 2013-12-21 19:13 - 00000000 ____D () C:\AdwCleaner
2014-10-21 21:37 - 2014-06-03 13:05 - 00000787 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-21 21:37 - 2014-06-03 13:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-20 21:13 - 2013-12-23 00:51 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\Wise Care 365
2014-10-20 21:13 - 2013-02-09 17:50 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\MediaMonkey
2014-10-17 22:29 - 2014-09-08 14:27 - 00000000 ____D () C:\Windows\Tasks\360Disabled
2014-10-17 22:29 - 2013-12-23 00:52 - 00003080 _____ () C:\Windows\System32\Tasks\Wise Turbo Checker
2014-10-16 19:53 - 2014-05-19 15:25 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-14 23:54 - 2013-05-02 10:51 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-14 23:54 - 2013-03-28 21:11 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-14 23:54 - 2013-03-28 21:11 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-14 23:47 - 2014-08-27 20:37 - 00000000 ____D () C:\Users\Susanne\AppData\Local\Adobe
2014-10-14 23:47 - 2012-04-04 15:14 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-14 23:47 - 2012-04-04 15:14 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-14 23:47 - 2012-02-28 00:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-14 22:03 - 2012-02-28 00:04 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-10-14 22:03 - 2012-02-28 00:04 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-10-14 22:03 - 2011-02-11 00:03 - 01596508 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-14 22:03 - 2009-07-14 06:13 - 01596508 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-14 21:59 - 2013-01-23 02:35 - 00000000 ____D () C:\Users\Susanne\AppData\Local\Abelssoft
2014-10-14 21:38 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-14 21:31 - 2014-04-22 19:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-14 21:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-14 21:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-14 21:23 - 2013-08-14 12:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-14 21:14 - 2012-02-28 04:29 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-14 17:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-10-14 17:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-10-14 17:45 - 2012-12-24 01:36 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\IObit
2014-10-08 03:10 - 2013-10-29 00:03 - 00001382 _____ () C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-08 03:10 - 2012-02-28 02:12 - 00001283 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-08 03:10 - 2012-02-28 02:12 - 00001271 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-08 03:10 - 2012-02-28 01:16 - 00001643 _____ () C:\Users\Susanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-08 02:58 - 2014-06-04 23:28 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-03 23:48 - 2013-02-09 17:50 - 00000742 _____ () C:\Users\Public\Desktop\MediaMonkey.lnk
2014-10-03 23:48 - 2013-02-09 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2014-10-03 02:34 - 2012-02-28 01:25 - 00000000 ____D () C:\Update
2014-10-03 02:27 - 2014-09-14 01:10 - 00000000 ____D () C:\Windows\Temp083112BD-D59E-8962-B4C4-F089FCBF1BD7-Signatures
2014-10-03 02:27 - 2012-02-28 00:22 - 00000000 ____D () C:\temp
2014-10-02 23:11 - 2012-02-28 00:28 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-10-02 23:11 - 2012-02-28 00:06 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-10-02 23:10 - 2012-02-28 00:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-02 23:10 - 2012-02-28 00:06 - 00000000 ____D () C:\Program Files\Sony
2014-10-01 14:52 - 2012-02-29 02:40 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\SoftGrid Client
2014-10-01 10:11 - 2014-06-03 13:05 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-01 10:11 - 2014-06-03 13:05 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-01 10:11 - 2014-06-03 13:05 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-27 02:14 - 2013-04-27 02:19 - 00000000 ____D () C:\Users\Susanne\AppData\Roaming\DVDVideoSoft

Files to move or delete:
====================
C:\Users\Susanne\fbchathistory.dat


Some content of TEMP:
====================
C:\Users\Susanne\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-02 17:34

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

Hi,
ich hoffe dass ich jetz alles richtig gemacht habe.
Grüße
Merline

Antwort

Themen zu Pepper zip
cursormania toolbar entfernen, fehlercode 0x40000015, fehlercode 0x80000003, fehlercode 0xc0000005, fehlercode 24, fehlercode windows, pepperzip 1.0 entfernen, pup.optional.outbrowse, this device cannot start. (code10), win32/adware.ibryte.al, win32/conduit.searchprotect.n, win32/downloadguide.a, win32/downloadsponsor.a, win32/elex.as, win32/sweetim.l, win32/toolbar.mywebsearch.aa, win32/toolbar.mywebsearch.ac, win32/toolbar.mywebsearch.ah, win32/toolbar.mywebsearch.ai, win32/toolbar.mywebsearch.aj, win32/toolbar.mywebsearch.al, win32/toolbar.perion.d, win64/systweak.a, win64/toolbar.mywebsearch.b, win64/toolbar.perion.a




Zum Thema Pepper zip - Hallo zusammen, ich bin ganz neu hier und habe auch schon ein Problem. Ich hatte plötzlich das Programm oder was das auch immer sein soll Pepper zip auf meinem Laptop. - Pepper zip...
Archiv
Du betrachtest: Pepper zip auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.