Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows Vista - Werbung überall im Internet - Nervig

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 14.04.2014, 13:09   #1
Breaker-Fan
 
Windows Vista - Werbung überall im Internet - Nervig - Standard

Windows Vista - Werbung überall im Internet - Nervig



Hey Leute,

ich habe seit mitte Dezember den Vista von meinem Bruder. Nun habe ich leider überall Werbung im Internet und die Wörter stehen manchmal Doppelt da und sind Blau unterlegt.

Mein Betriebssystem:

Windows Vista
Service Pack 1
Arbeitsspeicher 4GB
32 bit System

Ich hatte das Problem schoneinmal gehabt letztes Jahr auf meinem alten Vista und da wurde mir in diesem Forum auch sehr gut geholfen. Ich hoffe ihr könnt mir wieder helfen.

mfg,
Breaker-Fan

Alt 14.04.2014, 14:21   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Vista - Werbung überall im Internet - Nervig - Standard

Windows Vista - Werbung überall im Internet - Nervig



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 14.04.2014, 15:23   #3
Breaker-Fan
 
Windows Vista - Werbung überall im Internet - Nervig - Standard

Windows Vista - Werbung überall im Internet - Nervig



FRST:
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-04-2014 01
Ran by Simon Heißenbüttel (administrator) on LARS on 14-04-2014 15:15:43
Running from C:\Users\Simon Heißenbüttel\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://splashurl.com/q4fr4gx 
Download link for 64-Bit Version: hxxp://splashurl.com/o7y27b8 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://splashurl.com/pstt3wa

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\system32\PnkBstrA.exe
() C:\Program Files\Re-markit\Re-markit153.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(RapidSolution Software AG) C:\Program Files\RapidSolution\Scramby\ScrambyServer.exe
() C:\Users\Simon Heißenbüttel\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
() C:\Program Files\V-bates\ExtensionUpdaterService.exe
(Wajam) C:\Program Files\Wajam\Updater\WajamUpdaterV3.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Conduit) C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Conduit) C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe
(Conduit) C:\Program Files\SearchProtect\UI\bin\cltmngui.exe
() C:\Program Files\Re-markit\Re-markit_wd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Spotify Ltd) C:\Users\Simon Heißenbüttel\AppData\Roaming\Spotify\spotify.exe
(Spotify Ltd) C:\Users\Simon Heißenbüttel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Simon Heißenbüttel\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(RaduKing) C:\VistaOSX09\RKLauncher.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Catalina Group Ltd.) C:\Users\Simon Heißenbüttel\AppData\Local\CatalinaGroup\Update\1.3.25.201\CatalinaCrashHandler.exe
(Akamai Technologies, Inc.) C:\Users\Simon Heißenbüttel\AppData\Local\Akamai\netsession_win.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Users\Simon Heißenbüttel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Simon Heißenbüttel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Simon Heißenbüttel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
() C:\Users\Simon Heißenbüttel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Simon Heißenbüttel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
() C:\Users\Simon Heißenbüttel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Simon Heißenbüttel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Program Files\V-bates\PrefHelper.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-09] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [153672 2010-06-14] (Logitech Inc.)
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1233920 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1233920 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1542286733-762331249-3556991456-1000\...\Run: [Steam] => C:\Program Files\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-1542286733-762331249-3556991456-1000\...\Run: [Spotify] => C:\Users\Simon Heißenbüttel\AppData\Roaming\Spotify\Spotify.exe [6087224 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-1542286733-762331249-3556991456-1000\...\Run: [Spotify Web Helper] => C:\Users\Simon Heißenbüttel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-1542286733-762331249-3556991456-1000\...\Run: [CatalinaGroup Update] => C:\Users\Simon Heißenbüttel\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [147440 2013-12-22] (Catalina Group Ltd.)
HKU\S-1-5-21-1542286733-762331249-3556991456-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Simon Heißenbüttel\AppData\Local\Akamai\netsession_win.exe [4672920 2014-03-06] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1542286733-762331249-3556991456-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1542286733-762331249-3556991456-1000\...\Run: [Clownfish] => C:\Program Files\Clownfish\Clownfish.exe [1309432 2014-02-04] (Bogdan Sharkov)
HKU\S-1-5-21-1542286733-762331249-3556991456-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\Simon Heißenbüttel\AppData\Local\Smartbar\Application\SnapDo.exe [27680 2014-03-04] (Smartbar)
HKU\S-1-5-21-1542286733-762331249-3556991456-1000\...\MountPoints2: {889863bd-5f63-11e3-acc2-001bfc03b934} - J:\pushinst.exe
HKU\S-1-5-21-1542286733-762331249-3556991456-1000\...\MountPoints2: {9106573c-569e-11e3-98e1-001bfc03b934} - L:\LGAutoRun.exe
HKU\S-1-5-21-1542286733-762331249-3556991456-1000\...\MountPoints2: {aa4f6777-418c-11e3-bf7e-001bfc03b934} - K:\LGAutoRun.exe
HKU\S-1-5-21-1542286733-762331249-3556991456-1000\...\MountPoints2: {f4ea3e09-3f44-11e3-97ef-806e6f6e6963} - D:\setup.exe
AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050400 2014-03-30] (Conduit)
Startup: C:\Users\Simon Heißenbüttel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dock.lnk
ShortcutTarget: Dock.lnk -> C:\VistaOSX09\RKLauncher.exe (RaduKing)
Startup: C:\Users\Simon Heißenbüttel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk
ShortcutTarget: GameRanger.lnk -> C:\Users\Simon Heißenbüttel\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://splashurl.com/pf65tzq
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://splashurl.com/okopeop
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://splashurl.com/pnp3u2g
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://splashurl.com/odtdrzx
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://splashurl.com/odtdrzx
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://splashurl.com/pf65tzq
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://splashurl.com/odtdrzx
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://splashurl.com/odtdrzx
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://splashurl.com/q2p7o62
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://splashurl.com/q2p7o62
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://splashurl.com/pzkbn5m
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://splashurl.com/pzkbn5m
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://splashurl.com/pf65tzq
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://splashurl.com/pf65tzq
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Plus-HD-4.9 - {11111111-1111-1111-1111-110411591118} - C:\Program Files\Plus-HD-4.9\Plus-HD-4.9-bho.dll (Plus HD)
BHO: Feven 2.2 - {11111111-1111-1111-1111-110411901112} - C:\Program Files\Feven 2.2\Feven 2.2-bho.dll (Feven)
BHO: V-bates - {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} - C:\Program Files\V-bates\Extension32.dll ()
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam)
BHO: No Name - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} -  No File
BHO: StumbleUpon - {DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} - C:\Users\Simon Heißenbüttel\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll (StumbleUpon Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\Softonic\1.8.21.14\bh\Softonic.dll (Softonic.com)
Toolbar: HKLM - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKLM - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\Simon Heißenbüttel\AppData\Roaming\Mozilla\Firefox\Profiles\us6z6yh8.default
FF NewTab: hxxp://www.delta-homes.com/newtab/?utm_source=b&utm_medium=wpm0325&utm_campaign=WDCXWD3200AAJS-07RYA0_WD-WCAPZ097979179791&utm_content=nt&from=wpm0325&uid=WDCXWD3200AAJS-07RYA0_WD-WCAPZ097979179791&ts=1396172342
FF Homepage: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbQlzfY23FxTb9PwZyXtcFePoBG0uZqhQ_6NwvYA4Vr2Y3M-HtsJXg1wuia40lM1Odb9lE4y9gsELHnb6F_rMUjLvetaFwJDQafPwsUt7pX9gYZexn2A4wpD3jnUooJrcERsHwGqDfb_I52mhxXAtH5GhRrb4A_Gat3Xi1gQIVWRAKY,
FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbQlzfY23FxTb9PwZyXtcFePoBG0uZqhQ_6NwvYA4Vr2Y3M-HtsJXg1wuia40lM1Odb9lE4y9gsELHnb6F_rMUjLvetaFwJDQafPwsUt7pX9jY7z20V_jWmYlwOLvvpyfFT-spae9hCL8yQDlfeqJFkjaMUAgw4pJkRmiwDKP4F_9Hc,&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.dpliveupdate.com/DealPlyLive Update;version=3 - C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin: @tools.dpliveupdate.com/DealPlyLive Update;version=9 - C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @catalinahub.com/CatalinaGroup Update;version=3 - C:\Users\Simon Heißenbüttel\AppData\Local\CatalinaGroup\Update\1.3.25.201\npCatalinaUpdate3.dll (Catalina Group Ltd.)
FF Plugin HKCU: @catalinahub.com/CatalinaGroup Update;version=9 - C:\Users\Simon Heißenbüttel\AppData\Local\CatalinaGroup\Update\1.3.25.201\npCatalinaUpdate3.dll (Catalina Group Ltd.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Simon Heißenbüttel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Simon Heißenbüttel\AppData\Roaming\Mozilla\Firefox\Profiles\us6z6yh8.default\searchplugins\Web Search.xml
FF Extension: Feven 2.2 - C:\Users\Simon Heißenbüttel\AppData\Roaming\Mozilla\Firefox\Profiles\us6z6yh8.default\Extensions\15d84a30-fc9d-4fca-80a7-e5797da621a2@b2cb2d04-e262-4863-aee7-9d0e4333b550.com [2014-03-08]
FF Extension: Plus-HD-4.9 - C:\Users\Simon Heißenbüttel\AppData\Roaming\Mozilla\Firefox\Profiles\us6z6yh8.default\Extensions\d019febe-eb2b-4057-a3f2-7def88f2c9cd@1cced8ec-0ffe-43ea-b4b2-fbce5de8e9a4.com [2014-03-08]
FF Extension: vis - C:\Users\Simon Heißenbüttel\AppData\Roaming\Mozilla\Firefox\Profiles\us6z6yh8.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM [2013-12-07]
FF Extension: StumbleUpon - C:\Users\Simon Heißenbüttel\AppData\Roaming\Mozilla\Firefox\Profiles\us6z6yh8.default\Extensions\toolbar@stumbleupon.com [2013-12-08]
FF Extension: DealPly  Shopping - C:\Users\Simon Heißenbüttel\AppData\Roaming\Mozilla\Firefox\Profiles\us6z6yh8.default\Extensions\{906000a4-88d9-4d52-b209-7a772970d91f} [2013-12-22]
FF Extension: SnapDo - C:\Users\Simon Heißenbüttel\AppData\Roaming\Mozilla\Firefox\Profiles\us6z6yh8.default\Extensions\firefox@splashurl.com.xpi [2014-02-12]
FF Extension: Linksicle - C:\Program Files\Mozilla Firefox\extensions\linksicle@linksicle.com [2013-12-25]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM\...\Firefox\Extensions: [linksicle@linksicle.com] - C:\Program Files\Mozilla Firefox\extensions\linksicle@linksicle.com
FF Extension: Linksicle - C:\Program Files\Mozilla Firefox\extensions\linksicle@linksicle.com [2013-12-25]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-06]
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF Extension: V-bates - C:\Program Files\V-bates\Firefox [2014-04-11]
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF Extension: Wajam - C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013-10-03]

Chrome: 
=======
CHR DefaultSearchKeyword: search.snapdo.com
CHR DefaultSearchURL: hxxp://splashurl.com/pzkbn5m
CHR DefaultNewTabURL: 
CHR Extension: (McAfee Security Scan+) - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-03-16]
CHR Extension: (Search Switch) - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopemniaeocfenlpnoannaefnhfcjcgi [2014-03-30]
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2014-03-30]
CHR Extension: (Linksicle) - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gohhkpbcblcpnaghfmnkfangnkkagacg [2013-12-07]
CHR Extension: (RealDownloader) - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-03-30]
CHR Extension: (Lightning Newtab) - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2013-12-28]
CHR Extension: (Plus-HD-4.9) - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjflmfkjppbmejlfbhlpgjnomdoefkfa [2013-12-07]
CHR Extension: (Wajam) - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2014-04-01]
CHR Extension: (V-bates) - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip [2014-04-11]
CHR Extension: (Feven 2.2) - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2014-02-17]
CHR Extension: (Google Wallet) - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-17]
CHR Extension: (Extended Protection) - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-04-01]
CHR Extension: (Quick Start) - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-04-01]
CHR Extension: (StumbleUpon) - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgifblbjgdjhcelbanblbhkhmbnnmhfg [2013-12-16]
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2013-12-16]
CHR HKLM\...\Chrome\Extension: [dopemniaeocfenlpnoannaefnhfcjcgi] - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\searchswitch.crx [2014-03-30]
CHR HKLM\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files\Softonic\Softonic\1.8.21.14\Softonic.crx [2013-06-11]
CHR HKLM\...\Chrome\Extension: [gohhkpbcblcpnaghfmnkfangnkkagacg] - C:\Program Files\Linksicle\Chrome\gohhkpbcblcpnaghfmnkfangnkkagacg.crx [2013-12-07]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2013-12-22]
CHR HKLM\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Simon Heißenbüttel\AppData\Local\Wajam\Chrome\wajam.crx [2012-09-14]
CHR HKLM\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-03-30]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Simon Heißenbüttel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-30]
CHR HKLM\...\Chrome\Extension: [pgifblbjgdjhcelbanblbhkhmbnnmhfg] - C:\Users\Simon Heißenbüttel\AppData\LocalLow\StumbleUpon\CHROME\StumbleUpon.crx [2011-11-22]

========================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [294400 2011-03-09] (Advanced Micro Devices, Inc.)
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [140224 2010-06-17] (Advanced Micro Devices)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 CltMngSvc; C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [2466080 2014-03-30] (Conduit)
S2 dealplylive; C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [148000 2013-12-22] (DealPly Technologies Ltd)
S3 dealplylivem; C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [148000 2013-12-22] (DealPly Technologies Ltd)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2013-11-29] ()
R2 Re-markit; C:\Program Files\Re-markit\Re-markit153.exe [180736 2014-02-12] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 ScrambyServer; C:\Program Files\RapidSolution\Scramby\ScrambyServer.exe [140025 2007-09-25] (RapidSolution Software AG)
R2 StumbleUponUpdater; C:\Users\Simon Heißenbüttel\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [18432 2011-11-22] ()
R2 V-bates Updater; C:\Program Files\V-bates\ExtensionUpdaterService.exe [209408 2014-01-28] ()
R2 WajamUpdaterV3; C:\Program Files\Wajam\Updater\WajamUpdaterV3.exe [114176 2013-11-11] (Wajam)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [510608 2014-03-05] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

R3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23040 2011-09-06] (LG Electronics Inc.)
R3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2011-09-06] (LG Electronics Inc.)
R3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis.sys [70400 2011-09-16] (LG Electronics Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [97296 2010-11-17] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2013-11-23] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-10] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-01] (AVM Berlin)
S3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [926080 2010-10-01] (AVM GmbH)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-11-23] ()
R1 lsnfd; C:\Windows\System32\drivers\lsnfd.sys [52688 2013-10-02] (Linksicle)
R3 scramby; C:\Windows\System32\drivers\scramby.sys [25896 2007-02-13] (RapidSolution Software AG)
R3 scramby_out; C:\Windows\System32\drivers\scramby_out.sys [23840 2007-08-08] (RapidSolution Software AG)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-10-10] (Avira GmbH)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
R3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
R3 WmHidLo; C:\Windows\System32\drivers\WmHidLo.sys [31816 2010-04-27] (Logitech Inc.)
R3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)
S3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 iSafeNetFilter; \??\C:\Program Files\iSafe\iSafeNetFilter.sys [X]
S3 LGBusEnum; system32\drivers\LGBusEnum.sys [X]
S3 LGVirHid; system32\drivers\LGVirHid.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-14 15:06 - 2014-04-14 15:16 - 00030663 _____ () C:\Users\Simon Heißenbüttel\Desktop\FRST.txt
2014-04-14 15:05 - 2014-04-14 15:15 - 00000000 ____D () C:\FRST
2014-04-14 15:05 - 2014-04-14 15:05 - 01146368 _____ (Farbar) C:\Users\Simon Heißenbüttel\Desktop\FRST.exe
2014-04-12 18:56 - 2013-05-15 23:32 - 00000085 _____ () C:\Users\Simon Heißenbüttel\Documents\color.tobj
2014-04-12 18:16 - 2014-04-12 18:30 - 00000000 ____D () C:\Users\Simon Heißenbüttel\Documents\Neuer Ordner
2014-04-12 18:10 - 2014-04-12 18:11 - 00000218 _____ () C:\Users\Simon Heißenbüttel\Desktop\color8.sii
2014-04-12 17:53 - 2014-04-12 18:08 - 02796344 _____ () C:\Users\Simon Heißenbüttel\Desktop\colore.dds
2014-04-12 17:53 - 2014-04-12 17:54 - 00000086 _____ () C:\Users\Simon Heißenbüttel\Desktop\colore.tobj
2014-04-12 17:35 - 2014-04-12 20:14 - 02796344 _____ () C:\Users\Simon Heißenbüttel\Documents\color.dds
2014-04-12 17:29 - 2014-04-12 17:29 - 00177295 _____ () C:\Users\Simon Heißenbüttel\AppData\Local\recently-used.xbel
2014-04-12 17:19 - 2014-04-12 17:34 - 12582966 _____ () C:\Users\Simon Heißenbüttel\Documents\norm.bmp
2014-04-12 10:04 - 2014-04-12 10:06 - 39911349 _____ () C:\Users\Simon Heißenbüttel\Desktop\Renault_Range_T_byDiesel3d.rar
2014-04-12 09:23 - 2014-04-12 09:23 - 00000328 _____ () C:\Windows\PFRO.log
2014-04-11 23:20 - 2014-04-11 23:20 - 00000000 ____D () C:\Users\Simon Heißenbüttel\Desktop\Mercedes_Mp4_By_Axeet
2014-04-11 23:19 - 2014-04-11 23:19 - 16776180 _____ () C:\Users\Simon Heißenbüttel\Desktop\InteriorSound.scs
2014-04-11 23:14 - 2014-04-11 23:14 - 23850497 _____ () C:\Users\Simon Heißenbüttel\Desktop\DAF-XF-105-Euro-6-DAF-Promo.scs
2014-04-11 23:07 - 2014-04-11 23:09 - 66638038 _____ () C:\Users\Simon Heißenbüttel\Desktop\InteriorSound.rar
2014-04-11 22:32 - 2014-04-11 22:33 - 39181142 _____ () C:\Users\Simon Heißenbüttel\Desktop\Mercedes_Mp4_By_Axeet.rar
2014-04-11 20:13 - 2014-04-14 15:14 - 00000308 _____ () C:\Windows\Tasks\FF Watcher {70B6126A-858D-435C-AC76-98BE142C8EE8}.job
2014-04-11 20:13 - 2014-04-11 20:13 - 00000000 ____D () C:\Program Files\V-bates
2014-04-11 20:05 - 2014-04-11 20:16 - 00000000 ____D () C:\Program Files\Logitech
2014-04-11 20:05 - 2014-04-11 20:05 - 00000000 ____D () C:\Users\Simon Heißenbüttel\{114fa454-7233-41c0-88ea-d535fdf6d22f}
2014-04-11 20:05 - 1998-06-17 19:07 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\Mfc42loc.dll
2014-04-11 20:04 - 2014-04-11 20:13 - 00004497 _____ () C:\LGSInst.Log
2014-04-11 20:03 - 2014-04-11 20:03 - 09358288 _____ (Logitech Inc. ) C:\Users\Simon Heißenbüttel\Desktop\lgs460enu.exe
2014-04-11 19:44 - 2014-04-11 20:04 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-04-11 19:44 - 2014-04-11 19:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-11 19:42 - 2014-04-11 19:42 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Roaming\Logitech
2014-04-11 19:42 - 2014-04-11 19:42 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Roaming\Logishrd
2014-04-11 19:40 - 2014-04-11 19:41 - 58157448 _____ (Logitech Inc.) C:\Users\Simon Heißenbüttel\Desktop\LGS_8.53.148_x86_Logitech.exe
2014-04-11 19:07 - 2014-04-11 19:53 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Local\Logitech
2014-04-11 19:06 - 2014-04-11 20:16 - 00000000 ____D () C:\Program Files\Common Files\Logitech
2014-04-11 19:06 - 2014-04-11 19:06 - 00000000 ____D () C:\Users\Simon Heißenbüttel\{ee7a1e82-84b7-4c01-a68d-03cb8d757beb}
2014-04-11 19:04 - 2014-04-11 19:05 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Local\SearchProtect
2014-04-11 19:04 - 2014-04-11 19:04 - 00000000 ____D () C:\Program Files\SearchProtect
2014-04-11 19:03 - 2014-04-11 19:03 - 00236920 _____ () C:\Users\Simon Heißenbüttel\Desktop\LogitechDrivingForceProGamingSoftware_downloader-5GVFeteS.exe
2014-04-11 19:03 - 2014-04-11 19:03 - 00000000 _____ () C:\END
2014-04-04 12:58 - 2014-04-04 13:11 - 111310708 _____ () C:\Users\Simon Heißenbüttel\Film.wmv
2014-04-04 11:28 - 2014-04-04 11:28 - 00000000 ____D () C:\Users\Simon Heißenbüttel\Lars
2014-04-04 11:28 - 2014-04-04 01:14 - 34817473 ____N () C:\Users\Simon Heißenbüttel\IMG_3499.mov
2014-04-04 11:28 - 2014-04-03 23:53 - 38289815 ____N () C:\Users\Simon Heißenbüttel\Lars.zip
2014-04-01 18:20 - 2014-04-01 18:25 - 00133440 _____ () C:\Users\Simon Heißenbüttel\Desktop\PlatteSoundFinal.ogg
2014-03-31 15:43 - 2014-03-31 18:46 - 00000000 ____D () C:\Users\Simon Heißenbüttel\Documents\New Unity Project
2014-03-30 11:39 - 2014-04-11 17:35 - 00000000 ____D () C:\ProgramData\IePluginService
2014-03-30 11:39 - 2014-03-30 11:39 - 00000904 _____ () C:\Users\Simon Heißenbüttel\Desktop\337 GAMES.lnk
2014-03-30 11:39 - 2014-03-30 11:39 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Roaming\SupTab
2014-03-30 11:39 - 2014-03-30 11:39 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\337Games
2014-03-30 11:39 - 2014-03-30 11:39 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Roaming\337Games
2014-03-30 11:39 - 2014-03-30 11:39 - 00000000 ____D () C:\Program Files\SupTab
2014-03-28 19:58 - 2014-03-28 20:08 - 254316038 _____ () C:\Users\Simon Heißenbüttel\Vierkant Software.7z
2014-03-27 19:49 - 2014-04-14 15:13 - 00000000 ___HD () C:\Users\Simon Heißenbüttel\tututu
2014-03-26 19:34 - 2014-04-11 20:17 - 00000068 _____ () C:\Windows\setupact.log
2014-03-26 19:34 - 2014-03-26 19:34 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-26 18:01 - 2014-03-26 18:01 - 00001074 _____ () C:\Users\Public\Desktop\Virtual Rides 2.lnk
2014-03-26 18:01 - 2014-03-26 18:01 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Roaming\Vierkant Software
2014-03-26 18:00 - 2014-03-26 18:00 - 00000000 ____D () C:\Program Files\Vierkant Software
2014-03-26 16:39 - 2014-03-26 16:39 - 00328368 _____ () C:\Windows\Minidump\Mini032614-01.dmp
2014-03-26 16:38 - 2014-03-26 16:39 - 196072102 _____ () C:\Windows\MEMORY.DMP
2014-03-23 18:46 - 2014-03-23 18:46 - 00000000 ____D () C:\Users\Simon Heißenbüttel\Desktop\Big City - Basic Version
2014-03-23 18:26 - 2014-03-23 18:32 - 211480931 _____ () C:\Users\Simon Heißenbüttel\Desktop\Big City - Basic Version.rar
2014-03-17 19:25 - 2014-03-17 19:39 - 00275500 _____ () C:\Users\Simon Heißenbüttel\Desktop\MOTORBreakDance.wav
2014-03-16 16:51 - 2014-03-19 22:11 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Local\Razer
2014-03-16 16:50 - 2014-03-19 22:11 - 00000000 ____D () C:\ProgramData\Razer
2014-03-16 16:50 - 2014-03-19 22:11 - 00000000 ____D () C:\Program Files\Razer
2014-03-16 16:46 - 2014-03-16 16:47 - 41926696 _____ (Razer Inc. ) C:\Users\Simon Heißenbüttel\Desktop\RazerGameBoosterSetup_4.2.42.0.exe
2014-03-15 22:32 - 2014-03-15 22:32 - 00000000 ____D () C:\ProgramData\WindowsSearch

==================== One Month Modified Files and Folders =======

2014-04-16 14:13 - 2014-02-09 22:22 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Local\Akamai
2014-04-14 15:16 - 2014-04-14 15:06 - 00030663 _____ () C:\Users\Simon Heißenbüttel\Desktop\FRST.txt
2014-04-14 15:15 - 2014-04-14 15:05 - 00000000 ____D () C:\FRST
2014-04-14 15:14 - 2014-04-11 20:13 - 00000308 _____ () C:\Windows\Tasks\FF Watcher {70B6126A-858D-435C-AC76-98BE142C8EE8}.job
2014-04-14 15:13 - 2014-03-27 19:49 - 00000000 ___HD () C:\Users\Simon Heißenbüttel\tututu
2014-04-14 15:09 - 2014-02-12 16:19 - 00000386 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-04-14 15:08 - 2013-11-01 22:30 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Roaming\Skype
2014-04-14 15:05 - 2014-04-14 15:05 - 01146368 _____ (Farbar) C:\Users\Simon Heißenbüttel\Desktop\FRST.exe
2014-04-14 15:02 - 2014-02-23 16:15 - 00000000 ____D () C:\Users\Simon Heißenbüttel\Documents\Euro Truck Simulator 2
2014-04-14 14:56 - 2013-10-30 21:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-14 14:46 - 2006-11-02 14:47 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-14 14:46 - 2006-11-02 14:47 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-14 14:38 - 2013-12-07 19:26 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Roaming\Spotify
2014-04-14 14:26 - 2013-12-22 12:20 - 00000990 _____ () C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-1542286733-762331249-3556991456-1000UA.job
2014-04-14 14:25 - 2013-12-22 12:20 - 00000918 _____ () C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2014-04-14 14:20 - 2013-12-22 12:20 - 00000322 _____ () C:\Windows\Tasks\Dealply.job
2014-04-14 14:18 - 2013-11-17 14:52 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-14 12:26 - 2006-11-02 14:52 - 01238134 _____ () C:\Windows\WindowsUpdate.log
2014-04-14 11:25 - 2013-12-22 12:20 - 00000938 _____ () C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-1542286733-762331249-3556991456-1000Core.job
2014-04-14 11:25 - 2013-12-22 12:20 - 00000914 _____ () C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2014-04-14 11:11 - 2006-11-02 12:33 - 01604872 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-14 11:03 - 2013-11-03 14:26 - 00000000 ____D () C:\Program Files\Steam
2014-04-14 10:47 - 2014-02-12 16:20 - 00002398 _____ () C:\Windows\Tasks\Feven 2.2-validator.job
2014-04-14 10:47 - 2014-02-12 16:20 - 00002224 _____ () C:\Windows\Tasks\Feven 2.2-firefoxinstaller.job
2014-04-14 10:47 - 2014-02-12 16:20 - 00001510 _____ () C:\Windows\Tasks\Feven 2.2-updater.job
2014-04-14 10:47 - 2014-02-12 16:20 - 00001466 _____ () C:\Windows\Tasks\Feven 2.2-codedownloader.job
2014-04-14 10:47 - 2014-02-12 16:20 - 00001364 _____ () C:\Windows\Tasks\Feven 2.2-enabler.job
2014-04-14 10:47 - 2014-02-12 16:19 - 00000372 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-04-14 10:47 - 2013-12-07 22:58 - 00001832 _____ () C:\Windows\Tasks\Plus-HD-4.9-firefoxinstaller.job
2014-04-14 10:47 - 2013-12-07 22:58 - 00001310 _____ () C:\Windows\Tasks\Plus-HD-4.9-updater.job
2014-04-14 10:47 - 2013-12-07 22:58 - 00001212 _____ () C:\Windows\Tasks\Plus-HD-4.9-codedownloader.job
2014-04-14 10:47 - 2013-12-07 22:58 - 00001112 _____ () C:\Windows\Tasks\Plus-HD-4.9-enabler.job
2014-04-14 10:47 - 2013-12-07 22:57 - 00001906 _____ () C:\Windows\Tasks\Plus-HD-4.9-chromeinstaller.job
2014-04-14 10:47 - 2013-11-17 14:52 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-14 10:46 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-13 22:48 - 2006-11-02 15:01 - 00032534 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-13 22:47 - 2013-10-30 21:09 - 00000000 ____D () C:\VistaOSX09
2014-04-13 15:29 - 2013-12-07 19:27 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Local\Spotify
2014-04-12 20:37 - 2013-12-08 00:32 - 00000000 ____D () C:\Users\Simon Heißenbüttel\.gimp-2.8
2014-04-12 20:14 - 2014-04-12 17:35 - 02796344 _____ () C:\Users\Simon Heißenbüttel\Documents\color.dds
2014-04-12 18:30 - 2014-04-12 18:16 - 00000000 ____D () C:\Users\Simon Heißenbüttel\Documents\Neuer Ordner
2014-04-12 18:11 - 2014-04-12 18:10 - 00000218 _____ () C:\Users\Simon Heißenbüttel\Desktop\color8.sii
2014-04-12 18:08 - 2014-04-12 17:53 - 02796344 _____ () C:\Users\Simon Heißenbüttel\Desktop\colore.dds
2014-04-12 17:54 - 2014-04-12 17:53 - 00000086 _____ () C:\Users\Simon Heißenbüttel\Desktop\colore.tobj
2014-04-12 17:51 - 2013-11-03 18:49 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Roaming\vlc
2014-04-12 17:34 - 2014-04-12 17:19 - 12582966 _____ () C:\Users\Simon Heißenbüttel\Documents\norm.bmp
2014-04-12 17:29 - 2014-04-12 17:29 - 00177295 _____ () C:\Users\Simon Heißenbüttel\AppData\Local\recently-used.xbel
2014-04-12 15:05 - 2013-12-08 00:34 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Local\gtk-2.0
2014-04-12 10:06 - 2014-04-12 10:04 - 39911349 _____ () C:\Users\Simon Heißenbüttel\Desktop\Renault_Range_T_byDiesel3d.rar
2014-04-12 09:23 - 2014-04-12 09:23 - 00000328 _____ () C:\Windows\PFRO.log
2014-04-11 23:20 - 2014-04-11 23:20 - 00000000 ____D () C:\Users\Simon Heißenbüttel\Desktop\Mercedes_Mp4_By_Axeet
2014-04-11 23:19 - 2014-04-11 23:19 - 16776180 _____ () C:\Users\Simon Heißenbüttel\Desktop\InteriorSound.scs
2014-04-11 23:14 - 2014-04-11 23:14 - 23850497 _____ () C:\Users\Simon Heißenbüttel\Desktop\DAF-XF-105-Euro-6-DAF-Promo.scs
2014-04-11 23:09 - 2014-04-11 23:07 - 66638038 _____ () C:\Users\Simon Heißenbüttel\Desktop\InteriorSound.rar
2014-04-11 22:48 - 2014-02-21 13:52 - 00000000 ____D () C:\Users\Simon Heißenbüttel\Desktop\ets
2014-04-11 22:33 - 2014-04-11 22:32 - 39181142 _____ () C:\Users\Simon Heißenbüttel\Desktop\Mercedes_Mp4_By_Axeet.rar
2014-04-11 20:17 - 2014-03-26 19:34 - 00000068 _____ () C:\Windows\setupact.log
2014-04-11 20:16 - 2014-04-11 20:05 - 00000000 ____D () C:\Program Files\Logitech
2014-04-11 20:16 - 2014-04-11 19:06 - 00000000 ____D () C:\Program Files\Common Files\Logitech
2014-04-11 20:13 - 2014-04-11 20:13 - 00000000 ____D () C:\Program Files\V-bates
2014-04-11 20:13 - 2014-04-11 20:04 - 00004497 _____ () C:\LGSInst.Log
2014-04-11 20:13 - 2013-11-02 10:59 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-04-11 20:10 - 2013-10-27 22:59 - 00000000 ____D () C:\Users\Simon Heißenbüttel
2014-04-11 20:05 - 2014-04-11 20:05 - 00000000 ____D () C:\Users\Simon Heißenbüttel\{114fa454-7233-41c0-88ea-d535fdf6d22f}
2014-04-11 20:04 - 2014-04-11 19:44 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-04-11 20:03 - 2014-04-11 20:03 - 09358288 _____ (Logitech Inc. ) C:\Users\Simon Heißenbüttel\Desktop\lgs460enu.exe
2014-04-11 19:53 - 2014-04-11 19:07 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Local\Logitech
2014-04-11 19:44 - 2014-04-11 19:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-11 19:42 - 2014-04-11 19:42 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Roaming\Logitech
2014-04-11 19:42 - 2014-04-11 19:42 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Roaming\Logishrd
2014-04-11 19:41 - 2014-04-11 19:40 - 58157448 _____ (Logitech Inc.) C:\Users\Simon Heißenbüttel\Desktop\LGS_8.53.148_x86_Logitech.exe
2014-04-11 19:18 - 2013-11-02 11:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-11 19:14 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-11 19:06 - 2014-04-11 19:06 - 00000000 ____D () C:\Users\Simon Heißenbüttel\{ee7a1e82-84b7-4c01-a68d-03cb8d757beb}
2014-04-11 19:05 - 2014-04-11 19:04 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Local\SearchProtect
2014-04-11 19:04 - 2014-04-11 19:04 - 00000000 ____D () C:\Program Files\SearchProtect
2014-04-11 19:03 - 2014-04-11 19:03 - 00236920 _____ () C:\Users\Simon Heißenbüttel\Desktop\LogitechDrivingForceProGamingSoftware_downloader-5GVFeteS.exe
2014-04-11 19:03 - 2014-04-11 19:03 - 00000000 _____ () C:\END
2014-04-11 17:35 - 2014-03-30 11:39 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-04 14:25 - 2013-12-07 23:26 - 00000000 ____D () C:\Users\Simon Heißenbüttel\GermanKirmesFactory
2014-04-04 13:12 - 2013-11-01 21:52 - 00088576 _____ () C:\Users\Simon Heißenbüttel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-04 13:11 - 2014-04-04 12:58 - 111310708 _____ () C:\Users\Simon Heißenbüttel\Film.wmv
2014-04-04 11:28 - 2014-04-04 11:28 - 00000000 ____D () C:\Users\Simon Heißenbüttel\Lars
2014-04-04 01:14 - 2014-04-04 11:28 - 34817473 ____N () C:\Users\Simon Heißenbüttel\IMG_3499.mov
2014-04-03 23:53 - 2014-04-04 11:28 - 38289815 ____N () C:\Users\Simon Heißenbüttel\Lars.zip
2014-04-01 18:30 - 2013-12-08 01:10 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Roaming\Audacity
2014-04-01 18:25 - 2014-04-01 18:20 - 00133440 _____ () C:\Users\Simon Heißenbüttel\Desktop\PlatteSoundFinal.ogg
2014-03-31 18:46 - 2014-03-31 15:43 - 00000000 ____D () C:\Users\Simon Heißenbüttel\Documents\New Unity Project
2014-03-31 15:20 - 2013-12-22 14:20 - 00000127 _____ () C:\Users\Simon Heißenbüttel\AppData\Roaming\WB.CFG
2014-03-30 11:39 - 2014-03-30 11:39 - 00000904 _____ () C:\Users\Simon Heißenbüttel\Desktop\337 GAMES.lnk
2014-03-30 11:39 - 2014-03-30 11:39 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Roaming\SupTab
2014-03-30 11:39 - 2014-03-30 11:39 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\337Games
2014-03-30 11:39 - 2014-03-30 11:39 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Roaming\337Games
2014-03-30 11:39 - 2014-03-30 11:39 - 00000000 ____D () C:\Program Files\SupTab
2014-03-30 11:38 - 2013-12-22 12:22 - 00000000 ____D () C:\ProgramData\WPM
2014-03-28 20:08 - 2014-03-28 19:58 - 254316038 _____ () C:\Users\Simon Heißenbüttel\Vierkant Software.7z
2014-03-26 19:34 - 2014-03-26 19:34 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-26 18:01 - 2014-03-26 18:01 - 00001074 _____ () C:\Users\Public\Desktop\Virtual Rides 2.lnk
2014-03-26 18:01 - 2014-03-26 18:01 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Roaming\Vierkant Software
2014-03-26 18:00 - 2014-03-26 18:00 - 00000000 ____D () C:\Program Files\Vierkant Software
2014-03-26 16:39 - 2014-03-26 16:39 - 00328368 _____ () C:\Windows\Minidump\Mini032614-01.dmp
2014-03-26 16:39 - 2014-03-26 16:38 - 196072102 _____ () C:\Windows\MEMORY.DMP
2014-03-26 16:39 - 2013-12-16 22:44 - 00000000 ____D () C:\Windows\Minidump
2014-03-26 16:37 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-03-23 18:46 - 2014-03-23 18:46 - 00000000 ____D () C:\Users\Simon Heißenbüttel\Desktop\Big City - Basic Version
2014-03-23 18:32 - 2014-03-23 18:26 - 211480931 _____ () C:\Users\Simon Heißenbüttel\Desktop\Big City - Basic Version.rar
2014-03-19 22:15 - 2013-10-28 07:16 - 00000000 ____D () C:\Windows\PANTHER
2014-03-19 22:11 - 2014-03-16 16:51 - 00000000 ____D () C:\Users\Simon Heißenbüttel\AppData\Local\Razer
2014-03-19 22:11 - 2014-03-16 16:50 - 00000000 ____D () C:\ProgramData\Razer
2014-03-19 22:11 - 2014-03-16 16:50 - 00000000 ____D () C:\Program Files\Razer
2014-03-18 18:06 - 2013-11-17 18:42 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-03-17 19:39 - 2014-03-17 19:25 - 00275500 _____ () C:\Users\Simon Heißenbüttel\Desktop\MOTORBreakDance.wav
2014-03-16 16:47 - 2014-03-16 16:46 - 41926696 _____ (Razer Inc. ) C:\Users\Simon Heißenbüttel\Desktop\RazerGameBoosterSetup_4.2.42.0.exe
2014-03-15 22:32 - 2014-03-15 22:32 - 00000000 ____D () C:\ProgramData\WindowsSearch

ZeroAccess:
C:\Users\Simon Heißenbüttel\AppData\Local\Temp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\1157.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\1157.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\3358.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\3358.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\3536.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\3536.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\45B7.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\4FD7.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\4FD7.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\5DB4.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\5DB4.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\6695.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\6695.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\6D25.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\70C3.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\70C3.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\782D.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\782D.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\7ED4.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\7ED4.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\802F.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\802F.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\83B6.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\83B6.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\9680.blend
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\A341.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\A341.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\Adobelm_Cleanup.0001
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\B76F.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\B76F.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\blender.crash.txt
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\C43B.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\C43B.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\CA36.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\CA36.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\CFG5800.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\chrome_installer.log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\D1D1.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\D4.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\D4.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\D753.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\D753.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\DA0F.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\DA0F.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\dd_vcredist_x86_20140411194351.log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\dd_vcredist_x86_20140411194351_0_vcRuntimeMinimum_x86.log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\dd_vcredist_x86_20140411194351_1_vcRuntimeAdditional_x86.log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\DE71.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\DE71.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\E886.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\E886.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\EA30.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\EA30.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\EB7A.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\F6D3.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\F6D3.tmp.fbx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\fla52D6.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\Gast.bmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\JavaDeployReg.log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\jusched.log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\LGAutoRun_C.Log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\LGAutoRun_L.Log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\LGSInst.log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\log3
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\MSetup_2014-04-11_194331.log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\MSIe9dc4.LOG
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsd9A81.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsd9A81.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsdB92.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsdB92.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsiA378.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsiA378.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsiECA5.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsiF79D.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsn10FF.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsn10FF.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsn6A1.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsn6A1.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsn8CBA.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nss9F33.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nss9F33.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\others
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\quit.blend
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\set2FB7.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\Simon Heißenbüttel.bmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\SketchUpUndo0.log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\SketchUpUndo1.log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\SketchUpUndo2.log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\SketchUpUndo3.log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\SketchUpUndo4.log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\skp3F91.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\skp53CA.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\skp8337.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\sp-downloader.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\tmpD725.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\tmpDF46.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\TWAIN.LOG
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\Twain001.Mtx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\Twunk001.MTX
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\Twunk002.MTX
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe1575.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe166F.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe1EB7.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe21D3.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe25E9.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe2667.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe276E.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe2B18.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe2C30.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe2CDC.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe2DB7.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe2FAD.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe399.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe3B0E.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe3C37.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe4819.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe48E4.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe4DB4.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe4EDD.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe5255.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe541A.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe54E5.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe54F3.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe57F.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe58DC.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe5E77.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe6384.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe6D53.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe6EBC.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe6ECB.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe7022.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe74E4.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe762A.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe8029.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe81E1.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe8278.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe849C.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe85C4.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe8942.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe9231.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe9609.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe97AE.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upe9C31.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeA076.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeA2D6.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeA5A2.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeA7E3.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeA862.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeA892.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeABC9.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeABDA.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeACE2.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeBA5A.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeBB06.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeBB08.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeC61C.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeC64B.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeC775.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeC9D5.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeCE18.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeCF9F.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeCFB0.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeD22E.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeD568.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeD5B8.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeDD73.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeE199.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeEAD0.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeEDF7.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeF308.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeF41F.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeF77C.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upeFCF6.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upr1498.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upr15E1.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upr44EB.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upr5D0D.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upr6CB7.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upr6E0D.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upr6F2C.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upr70E0.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upr8130.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upr929.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upr9359.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upr979D.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upr97AC.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\upr9BB2.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprA016.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprA5A3.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprA794.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprAD7D.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprB663.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprBDA3.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprBEDC.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprC17A.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprC32F.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprC3F.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprCA92.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprCCA1.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprD9DF.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprDDEF.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprE233.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprF2C6.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\uprF601.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\v-bates.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\WER8A86.tmp.version.txt
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog00.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog01.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog02.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog03.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog04.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog05.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog06.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog07.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog08.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog09.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog10.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog11.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog12.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog13.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog14.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog15.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog16.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog17.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog18.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmplog19.sqm
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\wmsetup.log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\{B79E1375-296D-4F23-A199-F618E1206184}\fpb.tmp
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\135b3c44.ku2
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\1h30jibl.qwy
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\4axijwxu.ipg
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\4l5dpmco.ixb
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\ayhzdsyo.hsz
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\cgx2akjq.15x
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\ino4n0k1.334
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\js3rgr0x.h03
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\mfs3dceq.ypx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\phzoetvw.5ew
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\pt21z5ws.c4w
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\pzry4mr4.o23
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioData.xml
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\rtm2qnm1.0mx
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\TVData.xml
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\vd0qyt1h.bu2
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1001276787.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1032580196.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1049633276.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1087330818.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\10910262.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1104610067.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1147580050.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1163213760.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1204718153.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\121835881.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\122472738.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1230328089.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1298762877.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1310107020.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1326063932.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1345014714.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1349390236.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1369710219.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1373235683.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1386532862.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1394199207.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1407761077.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1415894710.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1418938224.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1424569337.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1448618572.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1481822820.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1493636833.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1509927059.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1517724479.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\154459894.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\155412559.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1669310521.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1679097045.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\168641980.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1758576778.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1761620300.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1772830074.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\179336091.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1804880237.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1893260371.png
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1924605918.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\1955680767.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2030579034.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2035413131.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2042360304.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2054100928.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2085154025.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2098956121.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2100782698.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2132085398.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2133340426.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2135235822.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2157068549.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2172383622.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2188799041.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2197254446.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2237253885.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2299189749.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2314318620.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2319664488.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2351760750.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2352788679.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2434806465.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2448178934.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2527570036.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2538377536.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2538400399.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2540923269.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2558778520.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2571747616.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2583444921.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2587409586.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2590608011.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2591439044.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2612287955.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2628037879.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2653061757.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2675558977.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2710200799.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\273527147.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2751319937.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2776020400.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2787724300.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2797249473.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2842060987.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\285939796.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2931527065.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2952973582.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\2984351418.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3033724325.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3042219480.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3063365749.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3064150577.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3082581872.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\309514462.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3120382369.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3122142557.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3165264072.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3182409528.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3184054012.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3187131776.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\319401273.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3232831230.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3233771152.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3250796059.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3278133524.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3282864392.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3308340081.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3329535649.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\333136190.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3353459484.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3369034760.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3383800463.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3386776517.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3423014897.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3453891725.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3458352640.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3489211912.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3498988851.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3500507916.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\355292266.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3561459644.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3590131191.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3596627549.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3620542188.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3663645435.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3696038166.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3702168251.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3741228717.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3763336611.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3766425313.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3789643263.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3813878146.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3814325319.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3823133617.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3823177572.png
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3835949179.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3837055614.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3847014217.png
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3855687987.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3856427893.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3862616577.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3864747753.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3872957308.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3885036774.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3887458186.png
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3890543285.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3944243447.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3948768214.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3966688001.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3970689814.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3976347681.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\3994114319.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\40007619.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\4032896534.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\4040521507.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\4047869151.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\4059135308.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\4108659329.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\4111842662.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\4124855599.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\4156122664.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\4160168922.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\4162666780.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\4180019228.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\42509276.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\4258041623.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\426489121.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\4289669010.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\439796844.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\446498293.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\462705098.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\502425151.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\505295175.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\554680345.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\573901993.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\610494985.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\620039489.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\647184093.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\652777024.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\655303227.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\735399138.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\765389517.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\767227599.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\768979132.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\788754019.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\813749843.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\876609851.png
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\881006563.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\90069336.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\90299962.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\918057842.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\RadioTVIcons\953710841.gif
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\smartbar\43c71630-caa2-404b-8012-95c2d0c2396d\LinkuryInstaller.msi
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\Skype\DbTemp\temp-a7JnPBhErMLwiF637brvd5d1
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\Skype\DbTemp\temp-Le0w3CjHnDZsD0OofWvrwlfh
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\Skype\DbTemp\temp-P60XLmLTmxWPvwoZENePm975
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\Skype\DbTemp\temp-ymNHHbiPzaJ7mhfo62ev5LcI
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsiF79D\SpSetup.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\Low\JavaDeployReg.log
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\LGS-8.53.148\LGS-8.53.148.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\LGS-8.53.148\LGSHlpr.dll
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\LGS-8.53.148\LGS_Hlpr2.dll
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\LGS-8.53.148\Upgrade.msi
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\LGS-8.53.148\vcredist.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\L\config.ini
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\L\LGAutoRun.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\L\P5_LGPsLvDlChk.dll
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\L\Progress.avi
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\L\SendScsiCmd.dll
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5\desktop.ini
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5\index.dat
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5\W3A2PW2Y\desktop.ini
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5\IU4JGJBF\desktop.ini
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5\0UT2F4MT\desktop.ini
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5\0MTZU805\desktop.ini
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\acro_rd_dir\History\History.IE5\desktop.ini
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\acro_rd_dir\History\History.IE5\index.dat
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\acro_rd_dir\Cookies\index.dat
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\7zOE836.tmp\horn.ogg
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\7zODD2F.tmp\paintjob_man.dds
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\7zODD26.tmp\emblem.dds
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\7zOD5ED.tmp\reverse.ogg
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\7zOC7FF.tmp\paintjob_DAFE6.dds
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\7zOAB1E.tmp\color.dds
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\7zO938F.tmp\horn.ogg
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\7zO4ABC.tmp\reverse.ogg
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\7zO23E5.tmp\color2.sii

Some content of TEMP:
====================
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\avgnt.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsd9A81.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsdB92.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsiA378.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsn10FF.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nsn6A1.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\nss9F33.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\sp-downloader.exe
C:\Users\Simon Heißenbüttel\AppData\Local\Temp\v-bates.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-14 10:52

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 14.04.2014, 15:24   #4
Breaker-Fan
 
Windows Vista - Werbung überall im Internet - Nervig - Standard

Windows Vista - Werbung überall im Internet - Nervig



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-04-2014 01
Ran by Simon Heißenbüttel at 2014-04-14 15:16:33
Running from C:\Users\Simon Heißenbüttel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

337 GAMES (HKCU\...\337Games) (Version: 1.1.1.0 - )
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (Version: 1.0.1 - Adobe Systems) Hidden
Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Stock Photos 1.0 (Version: 1.0.1 - Adobe Systems) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Albert 2.3 (HKLM\...\ST6UNST #1) (Version:  - )
AMD APP SDK Runtime (Version: 2.4.595.9 - Advanced Micro Devices Inc.) Hidden
AMD Fuel (Version: 2011.0308.2325.42017 - Ihr Firmenname) Hidden
Any Video Converter 5.5.2 (HKLM\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
ATI AVIVO Codecs (Version: 11.6.0.10308 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{850DA472-9981-5D13-9C1A-118B6DF47DFF}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira SearchFree Toolbar (HKLM\...\{41564952-412D-5637-00A7-A758B70C0A00}) (Version: 12.10.0.2949 - APN, LLC)
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
Caesar IV (HKLM\...\{B7666229-351B-47D9-AA6F-DF777CF04BBF}) (Version: 0.18.13 - Tilted Mill Entertainment)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (Version: 2011.0308.2325.42017 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2011.0308.2325.42017 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2011.0308.2325.42017 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2011.0308.2325.42017 - ATI) Hidden
CCC Help Chinese Standard (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Czech (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Danish (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Dutch (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help English (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Finnish (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help French (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help German (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Greek (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Hungarian (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Italian (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Japanese (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Korean (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Norwegian (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Polish (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Portuguese (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Russian (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Spanish (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Swedish (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Thai (Version: 2011.0308.2324.42017 - ATI) Hidden
CCC Help Turkish (Version: 2011.0308.2324.42017 - ATI) Hidden
ccc-utility (Version: 2011.0308.2325.42017 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)
Citrio (HKCU\...\Citrio) (Version: 31.0.1650.224 - © CATALINA GROUP LTD.)
Clownfish for Skype (HKLM\...\Clownfish) (Version:  - )
Das große Fahrzeugpaket - Bonuspack 2 1.0  (HKLM\...\Das große Fahrzeugpaket - Bonuspack 2) (Version: 1.0 - Halycon Media)
Dealply (HKCU\...\Dealply) (Version:  - ) <==== ATTENTION
Die Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.5 - Electronic Arts)
Eisenbahn.exe Professional 6.1 Classic (HKLM\...\{0F341812-B97B-44EF-A3BB-BDE65CE44ACB}) (Version: 6.00.0000 - Trend)
Euro Truck Simulator 2 (HKLM\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
Far Cry 2 (HKLM\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
FCS - Bonuspack 3 1.0  (HKLM\...\FCS - Bonuspack 3) (Version: 1.0 - Halycon Media)
FCS - Bonuspack 5 1.0  (HKLM\...\FCS - Bonuspack 5) (Version: 1.0 - Halycon Media)
FCS - Bonuspack 6 1.0  (HKLM\...\FCS - Bonuspack 6) (Version: 1.0 - Halycon Media)
FCS - Bonuspack 7 1.0  (HKLM\...\FCS - Bonuspack 7) (Version: 1.0 - Halycon Media)
Feven 2.2 (HKLM\...\Feven 2.2) (Version: 1.34.1.29 - Feven) <==== ATTENTION
FilesFrog Update Checker (HKLM\...\FilesFrog Update Checker) (Version:  - ) <==== ATTENTION
Font Creator Program 3.1.3 (HKLM\...\Font Creator Program_is1) (Version:  - )
Fraps (remove only) (HKLM\...\Fraps) (Version:  - )
Free YouTube to MP3 Converter version 3.12.16.1030 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.16.1030 - DVDVideoSoft Ltd.)
GameRanger (HKCU\...\GameRanger) (Version:  - GameRanger Technologies)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google SketchUp Pro 8 (HKLM\...\{5882F1F6-305C-47BE-89AF-DA5D9AD56EE8}) (Version: 3.0.14358 - Google, Inc.)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM\...\Steam App 12210) (Version:  - Rockstar North)
HydraVision (Version: 4.2.188.0 - ATI Technologies Inc.) Hidden
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Konga Simulation Version V 1.0 (HKLM\...\{FF46A65C-CAAF-41AF-BA21-C7506152D3D7}_is1) (Version: V 1.0 - 3D Mega Ride Simulations)
LG United Mobile Drivers (HKLM\...\{C2944BE7-9BFF-4EF0-A362-CB3281B7C50D}) (Version: 3.6.0.0 - LG Electronics)
Linksicle (HKLM\...\Linksicle) (Version: 1.8.2.0 - Linksicle)
Logitech Gaming Software 5.10 (HKLM\...\{60D32CDC-E3BE-4578-BA10-29322307CDDC}) (Version: 5.10.127 - Logitech)
LogonStudio (HKLM\...\LogonStudio) (Version:  - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Train Simulator (HKLM\...\Train Simulator 1.0) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 en-US) (HKLM\...\Mozilla Firefox 26.0 (x86 en-US)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MRB Mak G1206 - ACTS & Portfeeders Pack verwijderen (HKLM\...\{D8913A3F-B9C6-4C6C-90B4-F6509F1ACEE4}_is1) (Version:  - MstsRouteBouwers - De Bilt)
MSTS Patch 1.8.0105 CZ (HKLM\...\{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}) (Version: 1.8.010516 - George)
OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
Perfect Effects 4.0.4 (HKLM\...\{385E6A4D-A440-43E2-9BAF-A012FB5FC2E2}) (Version: 4.0.4 - onOne Software)
Plus-HD-4.9 (HKLM\...\Plus-HD-4.9) (Version: 1.30.153.0 - Plus HD) <==== ATTENTION
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
RaceRoom Racing Experience Launcher (HKLM\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - SimBin)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Re-markit (HKLM\...\ca687a17-862c-4dd2-975f-e7eb5357b557) (Version:  - Re-markit Software) <==== ATTENTION
Scramby (HKLM\...\{69082C8E-38F6-445A-8617-C19008DD5392}) (Version: 2.0.40.0 - Rapid Solution Software AG)
Search Protect (HKLM\...\SearchProtect) (Version: 2.12.11.11 - Conduit) <==== ATTENTION
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Snap.Do (HKLM\...\{F4F6F37C-8D19-4DAD-BF7B-0953133FD43F}) (Version: 11.20.1.15636 - ReSoft Ltd.) <==== ATTENTION
Softonic toolbar  on IE and Chrome (HKLM\...\Softonic) (Version: 1.8.21.14 - Softonic) <==== ATTENTION
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SupTab (HKLM\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Train Store (German Language Pack) (HKLM\...\Train Store (German Language Pack)) (Version:  - )
Train Store V3.2 (HKLM\...\Train Store V3.2) (Version:  - )
TrainSimPro "Brandenburg-Frankfurt ( Oder )" 1.0 (HKLM\...\TrainSimPro "Brandenburg-Frankfurt ( Oder )" 1.0) (Version: 1.0 - BlueSky Interactive)
Unity (HKLM\...\Unity) (Version:  - Unity Technologies ApS)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
V-bates 2.0.0.438 (HKLM\...\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}_is1) (Version: 2.0.0.438 - Southstarco) <==== ATTENTION
Virtual Rides 2 Version 1.0 (HKLM\...\{A71636CD-637E-4975-B7BF-E2FAF34BD11F}_is1) (Version: 1.0 - rondomedia Marketing & Vertriebs GmbH)
VirtualRides - Der Fahrgeschäftsimulator Version 1.0 (HKLM\...\{A29906AD-C03C-4A1A-9D88-1B77EA561B25}_is1) (Version: 1.0 - VirtualRides Developement Team)
VIS (HKLM\...\VIS) (Version:  - ) <==== ATTENTION
VistaGlazz 2.4 (HKLM\...\VistaGlazz_is1) (Version: 2.4 - CodeGazer)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Wajam (HKLM\...\Wajam) (Version: 2.05 - Wajam) <==== ATTENTION
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
YTD Video Downloader 4.7.1 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL)

==================== Restore Points  =========================

20-02-2014 19:33:48 Geplanter Prüfpunkt
05-03-2014 13:26:18 Geplanter Prüfpunkt
06-03-2014 13:52:10 Geplanter Prüfpunkt
15-03-2014 19:22:40 Geplanter Prüfpunkt
18-03-2014 16:20:54 Removed Snap.Do
18-03-2014 16:26:50 Removed Snap.Do
19-03-2014 21:01:25 Windows Update
11-04-2014 17:06:27 Gerätetreiber-Paketinstallation: Logitech Eingabegeräte (Human Interface Devices)
11-04-2014 17:13:51 Windows Update
11-04-2014 17:36:04 Removed Logitech Gaming Software 5.10.
11-04-2014 17:43:51 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
11-04-2014 17:44:44 Gerätetreiber-Paketinstallation: Logitech, Inc. Audio-, Video- und Gamecontroller
11-04-2014 17:46:37 Gerätetreiber-Paketinstallation: Logitech
11-04-2014 17:47:49 Gerätetreiber-Paketinstallation: Logitech Mäuse und andere Zeigegeräte
11-04-2014 17:48:54 Gerätetreiber-Paketinstallation: Logitech Eingabegeräte (Human Interface Devices)
11-04-2014 17:50:00 Gerätetreiber-Paketinstallation: Logitech Systemgeräte
11-04-2014 17:51:23 Gerätetreiber-Paketinstallation: Logitech Eingabegeräte (Human Interface Devices)
11-04-2014 18:04:52 Installed Logitech Gaming Software
11-04-2014 18:05:16 Gerätetreiber-Paketinstallation: Logitech Eingabegeräte (Human Interface Devices)
11-04-2014 18:07:05 Removed Logitech Gaming Software
11-04-2014 18:09:10 Installed Logitech Gaming Software
11-04-2014 18:09:40 Gerätetreiber-Paketinstallation: Logitech Systemgeräte
11-04-2014 18:12:48 Removed Logitech Gaming Software

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {00868A3B-7EB0-4053-809B-BC3B7FB97F0F} - System32\Tasks\FF Watcher {70B6126A-858D-435C-AC76-98BE142C8EE8} => C:\Program Files\V-bates\PrefHelper.exe [2014-01-28] ()
Task: {0526A7FB-AD22-4C4B-902D-3AFD47629964} - System32\Tasks\DealPlyLiveUpdateTaskMachineCore => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [2013-12-22] (DealPly Technologies Ltd) <==== ATTENTION
Task: {11761D09-CA55-4EB8-8C5F-E91C0E23F0F4} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files\Desk 365\desk365.exe <==== ATTENTION
Task: {13F80D8B-CC28-46E2-9B3E-3EDC2735A6A9} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1542286733-762331249-3556991456-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2085B821-CFF1-48AB-8763-BB47603AA5D9} - System32\Tasks\Plus-HD-4.9-updater => C:\Program Files\Plus-HD-4.9\Plus-HD-4.9-updater.exe [2013-12-07] (Plus HD) <==== ATTENTION
Task: {224A8070-D95B-4FE4-BD15-72D0821EAEB2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1542286733-762331249-3556991456-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3D46F410-5CA6-4222-8A44-DB02A49E62B2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {428DA084-97BD-4B00-B8ED-9C14841AD5E2} - System32\Tasks\Plus-HD-4.9-chromeinstaller => C:\Program Files\Plus-HD-4.9\Plus-HD-4.9-chromeinstaller.exe [2013-12-07] (Plus HD) <==== ATTENTION
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {5E46ED15-0393-4132-8202-E841CE3BF3CA} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [2013-12-22] (DealPly Technologies Ltd) <==== ATTENTION
Task: {61A9A967-87ED-429A-BFB8-BA405A8D66FD} - System32\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-1542286733-762331249-3556991456-1000UA => C:\Users\Simon Heißenbüttel\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [2013-12-22] (Catalina Group Ltd.)
Task: {62361745-801B-4B16-848B-B478E96B56CD} - System32\Tasks\Re-markit Update => C:\Program Files\Re-markit\ReMarkit_up.exe [2014-02-12] () <==== ATTENTION
Task: {74E01144-0A00-4411-8DA6-9BFE829D209A} - System32\Tasks\Re-markit_wd => C:\Program Files\Re-markit\Re-markit_wd.exe [2014-02-12] () <==== ATTENTION
Task: {798A299F-9E1B-4F86-B63B-794CDA7C8237} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {8086407D-03E3-4546-B102-C6B767BDFE50} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-17] (Google Inc.)
Task: {8C2CFE51-BEC7-40FA-89EF-44B0792A970C} - System32\Tasks\Feven 2.2-firefoxinstaller => C:\Program Files\Feven 2.2\Feven 2.2-firefoxinstaller.exe [2014-02-12] (Feven) <==== ATTENTION
Task: {97AD0388-D2E6-4727-ABB0-7971EF508B65} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-17] (Google Inc.)
Task: {A50F286A-4883-4BA4-ADD4-D97798043A9D} - System32\Tasks\Feven 2.2-updater => C:\Program Files\Feven 2.2\Feven 2.2-updater.exe [2014-02-12] (Feven) <==== ATTENTION
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {AD8F7BAB-4658-4AF1-97A1-5C3BA64ECC9B} - System32\Tasks\Plus-HD-4.9-enabler => C:\Program Files\Plus-HD-4.9\Plus-HD-4.9-enabler.exe [2013-12-07] (Plus HD) <==== ATTENTION
Task: {B49B6864-8F20-49F3-8BE9-6B53A86BDF92} - System32\Tasks\Dealply => C:\Users\Simon Heißenbüttel\AppData\Roaming\Dealply\UpdateProc\UpdateTask.exe [2013-12-22] () <==== ATTENTION
Task: {BE5F307F-9FC6-433A-90D2-EDAB119496CD} - System32\Tasks\Plus-HD-4.9-codedownloader => C:\Program Files\Plus-HD-4.9\Plus-HD-4.9-codedownloader.exe [2013-12-07] (Plus HD) <==== ATTENTION
Task: {BE619539-6D14-469F-9770-2ABB43B669A1} - System32\Tasks\Plus-HD-4.9-firefoxinstaller => C:\Program Files\Plus-HD-4.9\Plus-HD-4.9-firefoxinstaller.exe [2013-12-07] (Plus HD) <==== ATTENTION
Task: {C242EE9A-ECED-479C-93F3-3538643FA838} - System32\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-1542286733-762331249-3556991456-1000Core => C:\Users\Simon Heißenbüttel\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [2013-12-22] (Catalina Group Ltd.)
Task: {C5F5BCB0-AA1C-4363-A8CF-DC3469E4A2FE} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-19] (Microsoft Corporation)
Task: {D2FDBF07-E5A5-4DE7-9339-2458DAB7316D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {E8E02BAF-8431-43D3-943A-0181F87048D5} - System32\Tasks\Feven 2.2-validator => C:\Program Files\Feven 2.2\Feven 2.2-validator.exe [2014-02-12] (Feven) <==== ATTENTION
Task: {F2128696-2857-4983-A933-AEB44AE2F070} - System32\Tasks\Feven 2.2-enabler => C:\Program Files\Feven 2.2\Feven 2.2-enabler.exe [2014-02-12] (Feven) <==== ATTENTION
Task: {FE165FC7-0F10-43E5-A7C4-5487726E8FD3} - System32\Tasks\Feven 2.2-codedownloader => C:\Program Files\Feven 2.2\Feven 2.2-codedownloader.exe [2014-02-12] (Feven) <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-1542286733-762331249-3556991456-1000Core.job => C:\Users\Simon Heißenbüttel\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
Task: C:\Windows\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-1542286733-762331249-3556991456-1000UA.job => C:\Users\Simon Heißenbüttel\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe
Task: C:\Windows\Tasks\Dealply.job => C:\Users\SIMONH~1\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.2-codedownloader.job => C:\Program Files\Feven 2.2\Feven 2.2-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.2-enabler.job => C:\Program Files\Feven 2.2\Feven 2.2-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.2-firefoxinstaller.job => C:\Program Files\Feven 2.2\Feven 2.2-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.2-updater.job => C:\Program Files\Feven 2.2\Feven 2.2-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.2-validator.job => C:\Program Files\Feven 2.2\Feven 2.2-validator.exe <==== ATTENTION
Task: C:\Windows\Tasks\FF Watcher {70B6126A-858D-435C-AC76-98BE142C8EE8}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-4.9-chromeinstaller.job => C:\Program Files\Plus-HD-4.9\Plus-HD-4.9-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-4.9-codedownloader.job => C:\Program Files\Plus-HD-4.9\Plus-HD-4.9-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-4.9-enabler.job => C:\Program Files\Plus-HD-4.9\Plus-HD-4.9-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-4.9-firefoxinstaller.job => C:\Program Files\Plus-HD-4.9\Plus-HD-4.9-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-4.9-updater.job => C:\Program Files\Plus-HD-4.9\Plus-HD-4.9-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files\Re-markit\ReMarkit_up.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files\Re-markit\Re-markit_wd.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-11-03 13:25 - 2013-10-10 20:14 - 00394824 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2013-11-29 20:17 - 2013-11-29 20:17 - 00066872 _____ () C:\Windows\system32\PnkBstrA.exe
2014-02-12 16:19 - 2014-02-12 16:19 - 00180736 _____ () C:\Program Files\Re-markit\Re-markit153.exe
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2007-07-24 15:27 - 2007-07-24 15:27 - 00266240 _____ () C:\Program Files\RapidSolution\Scramby\ecp.dll
2011-11-22 10:59 - 2011-11-22 10:59 - 00018432 _____ () C:\Users\Simon Heißenbüttel\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
2014-04-11 20:13 - 2014-01-28 14:06 - 00209408 _____ () C:\Program Files\V-bates\ExtensionUpdaterService.exe
2011-03-09 02:04 - 2011-03-09 02:04 - 00072192 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Services.dll
2014-02-12 16:19 - 2014-02-12 16:19 - 00093184 _____ () C:\Program Files\Re-markit\Re-markit_wd.exe
2011-03-09 06:16 - 2011-03-09 06:16 - 00023040 _____ () C:\Windows\system32\atitmpxx.dll
2013-12-07 19:27 - 2014-04-11 18:37 - 36966968 _____ () C:\Users\Simon Heißenbüttel\AppData\Roaming\Spotify\Data\libcef.dll
2013-11-01 21:39 - 2004-01-25 09:44 - 00135168 _____ () C:\VistaOSX09\docklets\recyclebin\RecycleBin.dll
2013-11-01 21:39 - 2005-10-24 11:04 - 00528384 _____ () C:\VistaOSX09\plugins\RKGenieEffectDX\RKGenieEffectDX.dll
2011-03-09 02:05 - 2011-03-09 02:05 - 00095232 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-03-09 01:24 - 2011-03-09 01:24 - 00243712 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-12-07 19:27 - 2014-04-11 18:37 - 00602680 _____ () C:\Users\Simon Heißenbüttel\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2013-12-07 19:27 - 2014-04-11 18:37 - 00886840 _____ () C:\Users\Simon Heißenbüttel\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-12-07 19:27 - 2014-04-11 18:37 - 00108600 _____ () C:\Users\Simon Heißenbüttel\AppData\Roaming\Spotify\Data\libegl.dll
2013-12-25 13:30 - 2013-12-25 13:31 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-03-12 17:56 - 2014-03-12 17:56 - 16276872 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll
2014-04-11 20:13 - 2014-01-28 14:06 - 00336384 _____ () C:\Program Files\V-bates\PrefHelper.exe

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: ApnTBMon => "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\Steam.exe" -silent
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/14/2014 00:31:14 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung eurotrucks2.exe, Version 1.8.1.48930, Zeitstempel 0x529f585d, fehlerhaftes Modul kernel32.dll, Version 6.0.6001.18631, Zeitstempel 0x4da467f0, Ausnahmecode 0xc0000025, Fehleroffset 0x00044503,
Prozess-ID 0x5340, Anwendungsstartzeit eurotrucks2.exe0.

Error: (04/14/2014 10:50:41 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/13/2014 10:48:11 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Re-markit153.exe, Version 1.33.0.0, Zeitstempel 0x52f9cacf, fehlerhaftes Modul kernel32.dll, Version 6.0.6001.18631, Zeitstempel 0x4da467f0, Ausnahmecode 0xe06d7363, Fehleroffset 0x00044503,
Prozess-ID 0x420, Anwendungsstartzeit Re-markit153.exe0.

Error: (04/13/2014 07:11:39 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung eurotrucks2.exe, Version 1.8.1.48930, Zeitstempel 0x529f585d, fehlerhaftes Modul eurotrucks2.exe, Version 1.8.1.48930, Zeitstempel 0x529f585d, Ausnahmecode 0x40000015, Fehleroffset 0x00466acf,
Prozess-ID 0x79bc, Anwendungsstartzeit eurotrucks2.exe0.

Error: (04/13/2014 02:01:43 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/12/2014 05:19:59 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/12/2014 02:06:55 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\SIMON HEIßENBÜTTEL\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\US6Z6YH8.DEFAULT\SAFEBROWSING-TO_DELETE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (04/12/2014 02:06:55 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\SIMON HEIßENBÜTTEL\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\US6Z6YH8.DEFAULT\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (04/12/2014 02:06:54 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\SIMON HEIßENBÜTTEL\DOCUMENTS\EURO TRUCK SIMULATOR 2\PROFILES\4C617273\SAVE\AUTOSAVE_DRIVE\GAME.SII~> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (04/12/2014 02:06:53 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\SIMON HEIßENBÜTTEL\DOCUMENTS\EURO TRUCK SIMULATOR 2\PROFILES\4C617273\SAVE\AUTOSAVE_DRIVE\INFO.SII~> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)


System errors:
=============
Error: (04/14/2014 10:47:50 AM) (Source: Service Control Manager) (User: )
Description: AODDriver4.0%%3

Error: (04/14/2014 10:47:50 AM) (Source: Service Control Manager) (User: )
Description: iSafeNetFilter

Error: (04/14/2014 10:47:12 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (04/14/2014 10:46:48 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (04/13/2014 10:47:36 PM) (Source: DCOM) (User: )
Description: {6295DF2D-35EE-11D1-8707-00C04FD93327}

Error: (04/13/2014 01:57:46 PM) (Source: Service Control Manager) (User: )
Description: AODDriver4.0%%3

Error: (04/13/2014 01:57:46 PM) (Source: Service Control Manager) (User: )
Description: iSafeNetFilter

Error: (04/13/2014 01:57:46 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (04/13/2014 01:56:45 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (04/12/2014 10:45:58 PM) (Source: DCOM) (User: )
Description: {6295DF2D-35EE-11D1-8707-00C04FD93327}


Microsoft Office Sessions:
=========================
Error: (04/14/2014 00:31:14 PM) (Source: Application Error)(User: )
Description: eurotrucks2.exe1.8.1.48930529f585dkernel32.dll6.0.6001.186314da467f0c000002500044503534001cf57c38ad42a54

Error: (04/14/2014 10:50:41 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/13/2014 10:48:11 PM) (Source: Application Error)(User: )
Description: Re-markit153.exe1.33.0.052f9cacfkernel32.dll6.0.6001.186314da467f0e06d73630004450342001cf570f72c5afcb

Error: (04/13/2014 07:11:39 PM) (Source: Application Error)(User: )
Description: eurotrucks2.exe1.8.1.48930529f585deurotrucks2.exe1.8.1.48930529f585d4000001500466acf79bc01cf573463d0a59b

Error: (04/13/2014 02:01:43 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/12/2014 05:19:59 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Users\Simon Heißenbüttel\Documents\vegaspro12.0.770.exe

Error: (04/12/2014 02:06:55 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\SIMON HEIßENBÜTTEL\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\US6Z6YH8.DEFAULT\SAFEBROWSING-TO_DELETE

Error: (04/12/2014 02:06:55 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\SIMON HEIßENBÜTTEL\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\US6Z6YH8.DEFAULT\SAFEBROWSING-BACKUP

Error: (04/12/2014 02:06:54 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\SIMON HEIßENBÜTTEL\DOCUMENTS\EURO TRUCK SIMULATOR 2\PROFILES\4C617273\SAVE\AUTOSAVE_DRIVE\GAME.SII~

Error: (04/12/2014 02:06:53 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\SIMON HEIßENBÜTTEL\DOCUMENTS\EURO TRUCK SIMULATOR 2\PROFILES\4C617273\SAVE\AUTOSAVE_DRIVE\INFO.SII~


CodeIntegrity Errors:
===================================
  Date: 2014-04-14 15:16:13.116
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-14 15:16:13.024
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-14 15:16:12.932
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-14 15:16:12.841
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-14 15:16:12.746
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-14 15:16:12.656
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-14 15:16:12.564
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-14 15:16:12.473
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-14 15:11:22.634
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-14 15:11:22.509
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 47%
Total physical RAM: 3325.64 MB
Available physical RAM: 1736.88 MB
Total Pagefile: 6891.82 MB
Available Pagefile: 4537.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1915.29 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:298.09 GB) (Free:38.17 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (VirtualRides2) (CDROM) (Total:0.36 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: BC8322E6)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Alt 15.04.2014, 11:59   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Vista - Werbung überall im Internet - Nervig - Standard

Windows Vista - Werbung überall im Internet - Nervig



Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.



Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.04.2014, 19:40   #6
Breaker-Fan
 
Windows Vista - Werbung überall im Internet - Nervig - Standard

Windows Vista - Werbung überall im Internet - Nervig



Werden mit dem Revo wirklich jedes Programm entfernt? Wirklich alle?

Alt 16.04.2014, 19:55   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Vista - Werbung überall im Internet - Nervig - Standard

Windows Vista - Werbung überall im Internet - Nervig



Du sollst nur die entfernen, bei denen in deiner Additional.txt das Wort ATTENTION dahinter steht.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows Vista - Werbung überall im Internet - Nervig
alten, betriebssystem, blau, dezember, doppel, doppelt, forum, hoffe, inter, interne, internet, leute, nervig, problem, stehe, vista, werbung, windows, windows vista, wörter, überall



Ähnliche Themen: Windows Vista - Werbung überall im Internet - Nervig


  1. Windows Vista -64 Bit - Werbung, überall Werbung!
    Log-Analyse und Auswertung - 29.03.2015 (15)
  2. Überall Werbung... Fenster öffnen sich automatisch mit werbung HILFE!!!
    Plagegeister aller Art und deren Bekämpfung - 07.02.2015 (5)
  3. Pc langsam, überall Werbung, neue Fenster mit Werbung, Adblocker verschlimmerte alles
    Plagegeister aller Art und deren Bekämpfung - 14.11.2014 (3)
  4. Windows 8 unterstreicht Wörter doppelt und überall blinkt Werbung auf
    Plagegeister aller Art und deren Bekämpfung - 08.09.2014 (3)
  5. Windows 7: Internet Explorer startet automatisch Werbung/ Webseiten werden auf Werbung umgeleitet
    Log-Analyse und Auswertung - 27.07.2014 (7)
  6. Windows 7: Werbung überall und Tabs öffnen sich von selbst
    Log-Analyse und Auswertung - 25.07.2014 (9)
  7. Windows explorer funktioniert erst nicht, dann taucht überall Werbung auf.
    Log-Analyse und Auswertung - 19.05.2014 (3)
  8. Windows 8: Werbung überall, Scrollen klappt nicht
    Plagegeister aller Art und deren Bekämpfung - 07.05.2014 (29)
  9. Werbung überall
    Log-Analyse und Auswertung - 13.04.2014 (1)
  10. Überall Werbung
    Plagegeister aller Art und deren Bekämpfung - 13.03.2014 (5)
  11. Internet-Überall Werbung
    Plagegeister aller Art und deren Bekämpfung - 03.03.2014 (1)
  12. Seit Update auf Windows 8.1 überall Werbung auf dem Desktop, Reste von Imminent?
    Plagegeister aller Art und deren Bekämpfung - 08.02.2014 (9)
  13. Windows 7: Penetrante Werbung und Werbelinks (überall!) im Browser!
    Log-Analyse und Auswertung - 19.11.2013 (16)
  14. Im Internet plötzlich überall Werbung !
    Plagegeister aller Art und deren Bekämpfung - 11.11.2013 (10)
  15. Werbung und Dateien, nervig.
    Plagegeister aller Art und deren Bekämpfung - 18.10.2013 (7)
  16. Werbung überall
    Plagegeister aller Art und deren Bekämpfung - 15.08.2013 (9)
  17. Windows Updates funktionieren nicht mehr, zusätzlich überall Werbung beim surfen
    Plagegeister aller Art und deren Bekämpfung - 08.08.2013 (25)

Zum Thema Windows Vista - Werbung überall im Internet - Nervig - Hey Leute, ich habe seit mitte Dezember den Vista von meinem Bruder. Nun habe ich leider überall Werbung im Internet und die Wörter stehen manchmal Doppelt da und sind Blau - Windows Vista - Werbung überall im Internet - Nervig...
Archiv
Du betrachtest: Windows Vista - Werbung überall im Internet - Nervig auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.