Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: WINDOWS 7 kommen ständig PopUps usw...

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 31.05.2014, 20:06   #1
Jackson11
 
WINDOWS 7 kommen ständig PopUps usw... - Standard

WINDOWS 7 kommen ständig PopUps usw...



Hi Leute,
habe Windows 7 64bit Version und bekomme ständig PopUps und dass ich Flashplayer usw neu laden soll.
Frst Log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2014
Ran by (administrator) on -PC on 31-05-2014 20:37:31
Running from C:\Users\\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Windows\System32\dmwu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxbkcoms.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe
() C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(DealPly Technologies Ltd) C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Symantec Corporation) C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\18.0.0.128\InstStub.exe
() C:\Windows\SysWOW64\jmdp\stij.exe
() C:\Windows\System32\ljkb\stij.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmon.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Iminent) C:\Program Files (x86)\Iminent\Iminent.exe
(Iminent) C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Skillbrains) C:\Users\\AppData\Local\Skillbrains\lightshot\4.4.2.0\Lightshot.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Users\\AppData\Roaming\BrowserCompanion\tbhcn.exe
(Comvigo, Inc.) C:\Windows\SysWOW64\qimlsrv.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Comvigo, Inc.) C:\Windows\SysWOW64\dsrviml.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [lxbkbmgr.exe] => C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe [74408 2008-02-28] (Lexmark International, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [160424 2011-03-30] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [Iminent] => C:\Program Files (x86)\Iminent\Iminent.exe [1074736 2013-01-25] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-01-25] (Iminent)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [775872 2014-02-28] ()
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-06-19] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [Google Update] => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-21] (Google Inc.)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [LightShot] => C:\Users\\AppData\Local\Skillbrains\lightshot\LightShot.exe [195072 2012-02-02] ()
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4287536 2013-08-29] ()
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\MountPoints2: {2aaa724c-a03f-11e3-b7f5-1c6f6549ce08} - G:\LG_PC_Programs.exe
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{16cdf~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{16cdf~1\loader.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML.lnk
ShortcutTarget: IML.lnk -> C:\Windows\System32\iml.vbs ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk
ShortcutTarget: IML64.lnk -> C:\Windows\SysWOW64\iml.vbs ()
Startup: C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
ShortcutTarget: tbhcn.lnk -> C:\Users\\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk
ShortcutTarget: Game Alarm.lnk -> C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.hyrican.de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119556&babsrc=HP_ss&mntrId=88084d330000000000001c6f6549ce08
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
URLSearchHook: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
URLSearchHook: HKLM-x32 - appbario8 Toolbar - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbappb.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1770781391334068&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1770781391334068&q={searchTerms}
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=18887124-D7CB-4033-904E-4E76245108C3&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - Plasmoo URL = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
SearchScopes: HKCU - yandex.ru-230807 URL =
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP266CEBB9-47FA-46C0-833E-798853BA4B3B&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119556&babsrc=SP_ss&mntrId=88084d330000000000001c6f6549ce08
SearchScopes: HKCU - {2233C3F4-E3B3-4C3F-BFEE-D89A63D6FEE4} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3227982
SearchScopes: HKCU - {27433C8B-14CF-4B32-8783-43F982AF9813} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3197087
SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {8BA3C05B-6624-4F7B-8CEC-7B1D1EBA0142} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1770781391334068&q={searchTerms}
SearchScopes: HKCU - {CE8D1C5D-05D9-4A78-BF26-DDBB1E0B1560} URL = hxxp://yandex.ru/yandsearch?win=29&clid=1855508&text={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/?a=6R8BbEiZzb&loc=skw&search={searchTerms}&i=26
BHO: HQ-Video-Profession-1.3 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho64.dll (HQ-Video)
BHO: Feven Pro 1.2 - {11111111-1111-1111-1111-110511161182} - C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-bho64.dll (Feven)
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll (SIEN)
BHO: DataMngr - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media Inc)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
BHO-x32: Browser Companion Helper - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( )
BHO-x32: appbario8 Toolbar - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbappb.dll (Conduit Ltd.)
BHO-x32: HQ-Video-Profession-1.3 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho.dll (HQ-Video)
BHO-x32: Shopping Assistant Plugin - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.4\PriceGongIE.dll (PriceGong)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
BHO-x32: SpecialSavings - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Browser Companion Helper Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( )
BHO-x32: DealPly Shopping - {9cf699ca-2174-4ed8-bec1-ba82095edce0} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN)
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
BHO-x32: DataMngr - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media Inc)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - appbario8 Toolbar - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbappb.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No File
Toolbar: HKCU - No Name - {09152F0B-739C-4DEC-A245-1AA8A37594F1} - No File
Toolbar: HKCU - No Name - {0CC09160-108C-4759-BAB1-5C12C216E005} - No File
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File
Handler-x32: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default
FF SearchEngineOrder.1: Delta Search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\user.js
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\%Protector Process Name%.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\bProtect.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\dvdvideosofttb-de-customized-web-search.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Plusnetwork.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\yandex.ru-230807.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Browser Companion Helper - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\bbrs_002@blabbers.com [2012-08-14]
FF Extension: Plasmoo Search Engine - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\engine@plasmoo.com [2013-10-28]
FF Extension: Delta Toolbar - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\ffxtlbr@delta.com [2013-02-12]
FF Extension: incredibar.com - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\ffxtlbr@incredibar.com [2012-08-05]
FF Extension: SpecialSavings - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\specialsavings@superfish.com [2012-08-14]
FF Extension: DVDVideoSoftTB DE - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} [2014-04-08]
FF Extension: BrowseToolE0201 - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{09152f0b-739c-4dec-a245-1aa8a37594f1} [2014-04-03]
FF Extension: appbario8 - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{0cc09160-108c-4759-bab1-5c12c216e005} [2013-12-13]
FF Extension: PriceGong - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2013-02-19]
FF Extension: Search Assistant - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} [2012-09-18]
FF Extension: DealPly Shopping - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979} [2013-10-28]
FF Extension: ep - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi [2014-02-24]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-05]
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-05]
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-05]
FF HKLM-x32\...\Firefox\Extensions: [webbooster@iminent.com] - C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF Extension: Iminent Minibar - C:\Program Files (x86)\Iminent\webbooster@iminent.com [2013-02-12]
FF HKLM-x32\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-05]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\extensions\lightningnewtab@gmail.com.xpi
FF HKCU\...\Firefox\Extensions: [specialsavings@superfish.com] - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles/3elvxd57.default\extensions\specialsavings@superfish.com
FF Extension: SpecialSavings - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles/3elvxd57.default\extensions\specialsavings@superfish.com [2012-08-14]
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF Extension: Wajam - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013-12-17]
FF HKCU\...\Firefox\Extensions: [{95818252-7aac-4b4b-b6db-2fedbc9902a4}] - C:\Program Files (x86)\Re-markit-soft\155.xpi
FF Extension: Re-markit - C:\Program Files (x86)\Re-markit-soft\155.xpi [2014-02-28]

Chrome:
=======
CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP266CEBB9-47FA-46C0-833E-798853BA4B3B&SSPV="
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (BrowseToolE0201) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp [2012-09-11]
CHR Extension: (PriceGong) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok [2012-08-14]
CHR Extension: (YouTube) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-21]
CHR Extension: (Browser Companion Helper) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf [2012-08-14]
CHR Extension: (appbario8) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc [2012-08-14]
CHR Extension: (Google-Suche) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-21]
CHR Extension: (Re-markit) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel [2014-02-28]
CHR Extension: (Web Assistant) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd [2012-08-08]
CHR Extension: (DealPly French) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi [2013-10-28]
CHR Extension: (Delta Toolbar) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-02-13]
CHR Extension: (Iminent) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2013-02-20]
CHR Extension: (Search Assistant) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfelndikbdcohbdimnhdhhokfljdidgn [2012-09-18]
CHR Extension: (New tab for Chrome) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2012-08-08]
CHR Extension: (Wajam) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2014-02-16]
CHR Extension: (Lightshot (Screenshot Tool)) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2012-09-04]
CHR Extension: (DVDVideoSoft) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-10-28]
CHR Extension: (Google Wallet) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (SweetPacks Chrome Extension) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [2014-03-06]
CHR Extension: (Extended Protection) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-27]
CHR Extension: (Google Mail) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-21]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-08-05]
CHR HKCU\...\Chrome\Extension: [bblnhhgpgomleanhbppdnkpofhjijgdp] - C:\Users\\AppData\Local\CRE\bblnhhgpgomleanhbppdnkpofhjijgdp.crx [2012-08-13]
CHR HKCU\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-08-01]
CHR HKCU\...\Chrome\Extension: [caloheeledhajihipjihanmihhegodlc] - C:\Users\\AppData\Local\CRE\caloheeledhajihipjihanmihhegodlc.crx [2012-07-29]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-10-28]
CHR HKLM-x32\...\Chrome\Extension: [bblnhhgpgomleanhbppdnkpofhjijgdp] - C:\Users\\AppData\Local\CRE\bblnhhgpgomleanhbppdnkpofhjijgdp.crx [2012-08-13]
CHR HKLM-x32\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-08-01]
CHR HKLM-x32\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files (x86)\PriceGong\2.6.4\pricegong.crx [2012-03-25]
CHR HKLM-x32\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx [2012-07-02]
CHR HKLM-x32\...\Chrome\Extension: [caloheeledhajihipjihanmihhegodlc] - C:\Users\\AppData\Local\CRE\caloheeledhajihipjihanmihhegodlc.crx [2012-07-29]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-08-05]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\\AppData\Roaming\Delta\delta.crx [2012-11-25]
CHR HKLM-x32\...\Chrome\Extension: [fgfdfcbeamjnjdejakdidpniblllnbpg] - C:\Windows\SysWOW64\jmdp\pnte.crx [2012-11-25]
CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\newTab.crx [2012-08-05]
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\\AppData\Local\Wajam\Chrome\wajam.crx [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx [2014-04-06]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-27]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-19] (BlueStack Systems, Inc.)
S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-10-28] (DealPly Technologies Ltd)
S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-10-28] (DealPly Technologies Ltd)
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [2276144 2014-04-07] ()
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 lxbk_device; C:\Windows\system32\lxbkcoms.exe [565928 2008-02-19] ( )
R2 lxbk_device; C:\Windows\SysWOW64\lxbkcoms.exe [537256 2008-02-19] ( )
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe [126904 2010-05-23] (Symantec Corporation)
R2 Re-markit; C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe [194560 2014-02-28] ()
R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [3088192 2014-05-28] (Iminent)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
R2 WajamUpdaterV3; C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe [114176 2013-11-20] (Wajam)
R2 Web Assistant; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-01-29] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [425104 2014-02-27] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [501904 2014-02-26] (Cherished Technololgy LIMITED)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [327392 2012-04-05] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145064 2011-03-30] (4G Systems GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-19] (BlueStack Systems)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2012-10-05] (Mobile Connector)
S3 RTL8187B; C:\Windows\System32\DRIVERS\rtl8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation )
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [762472 2011-10-31] (Realtek Semiconductor Corporation )
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va010; \??\C:\Windows\SysWOW64\Drivers\X6va010 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-31 20:37 - 2014-05-31 20:38 - 00042913 _____ () C:\Users\\Desktop\FRST.txt
2014-05-31 20:37 - 2014-05-31 20:37 - 00000000 ____D () C:\FRST
2014-05-31 20:37 - 2014-05-31 20:36 - 02066944 _____ (Farbar) C:\Users\\Desktop\FRST64.exe
2014-05-31 20:35 - 2014-05-31 20:36 - 02066944 _____ (Farbar) C:\Users\\Downloads\FRST64.exe
2014-05-31 20:10 - 2014-05-31 20:11 - 00250250 _____ () C:\Users\\Downloads\140520063508.jpeg
2014-05-31 16:02 - 2014-05-31 16:02 - 00052891 _____ () C:\Users\Jürgen\Downloads\7B1.tmp
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-29 15:43 - 2014-05-29 15:43 - 00001286 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-29 15:43 - 2014-05-29 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-25 02:51 - 2014-05-25 02:51 - 00000000 _____ () C:\Windows\SysWOW64\sho37D5.tmp
2014-05-18 00:25 - 2014-05-18 00:25 - 00000000 _____ () C:\Windows\SysWOW64\shoE10C.tmp
2014-05-17 10:44 - 2014-05-17 10:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job
2014-05-17 00:05 - 2014-05-17 00:05 - 00000000 _____ () C:\Windows\SysWOW64\shoE14A.tmp
2014-05-14 22:03 - 2014-05-06 02:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 22:03 - 2014-05-06 02:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:03 - 2014-05-06 02:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 22:03 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 22:03 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 22:03 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 14:00 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 14:00 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 14:00 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 14:00 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 14:00 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 14:00 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 14:00 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 14:00 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 14:00 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 14:00 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 14:00 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 14:00 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 14:00 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 14:00 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 14:00 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 14:00 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 14:00 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-12 19:41 - 2014-05-12 19:41 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (17).exe
2014-05-11 17:57 - 2014-05-11 17:58 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (16).exe
2014-05-11 10:47 - 2014-05-11 10:47 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job
2014-05-11 07:51 - 2014-05-11 07:51 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job
2014-05-10 19:18 - 2014-05-10 19:19 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (15).exe
2014-05-09 13:02 - 2014-05-09 13:02 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core1cf6b76210b5906.job
2014-05-07 19:02 - 2014-05-07 19:02 - 00614528 _____ () C:\Users\Jürgen\Downloads\Setup (14).exe
2014-05-02 03:23 - 2014-05-02 03:23 - 00000000 _____ () C:\Windows\SysWOW64\shoF15F.tmp

==================== One Month Modified Files and Folders =======

2014-05-31 20:38 - 2014-05-31 20:37 - 00042913 _____ () C:\Users\\Desktop\FRST.txt
2014-05-31 20:38 - 2013-08-29 02:01 - 00000000 ____D () C:\Users\\AppData\Local\PMB Files
2014-05-31 20:38 - 2012-07-21 10:25 - 00000000 ____D () C:\Users\\AppData\Local\Temp
2014-05-31 20:37 - 2014-05-31 20:37 - 00000000 ____D () C:\FRST
2014-05-31 20:36 - 2014-05-31 20:37 - 02066944 _____ (Farbar) C:\Users\\Desktop\FRST64.exe
2014-05-31 20:36 - 2014-05-31 20:35 - 02066944 _____ (Farbar) C:\Users\\Downloads\FRST64.exe
2014-05-31 20:11 - 2014-05-31 20:10 - 00250250 _____ () C:\Users\\Downloads\140520063508.jpeg
2014-05-31 20:08 - 2012-09-12 01:43 - 00000000 ____D () C:\ProgramData\Origin
2014-05-31 20:07 - 2013-11-27 21:58 - 00000000 ____D () C:\Users\\AppData\Roaming\newnext.me
2014-05-31 20:07 - 2012-09-12 01:43 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-31 20:07 - 2012-08-14 02:15 - 00000000 ____D () C:\Users\\AppData\Roaming\BrowserCompanion
2014-05-31 20:07 - 2012-07-21 10:07 - 01106898 _____ () C:\Windows\WindowsUpdate.log
2014-05-31 19:54 - 2014-01-21 14:44 - 00000000 ____D () C:\Users\Jürgen\Documents\FIFA 14
2014-05-31 19:02 - 2012-07-21 14:35 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Temp
2014-05-31 18:55 - 2014-03-06 18:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-31 16:02 - 2014-05-31 16:02 - 00052891 _____ () C:\Users\Jürgen\Downloads\7B1.tmp
2014-05-31 15:00 - 2012-07-21 15:12 - 00000000 ____D () C:\Users\Elvira\AppData\Local\Temp
2014-05-31 10:32 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-31 10:32 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-31 10:25 - 2014-02-27 08:04 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-05-31 10:24 - 2013-12-10 00:50 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-31 10:22 - 2009-07-14 06:51 - 00178041 _____ () C:\Windows\setupact.log
2014-05-31 08:01 - 2013-12-04 02:02 - 02234293 _____ () C:\Windows\IE11_main.log
2014-05-30 19:35 - 2012-07-21 15:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\Temp
2014-05-30 14:22 - 2012-07-21 10:25 - 00000000 ____D () C:\Users\
2014-05-30 08:22 - 2012-07-21 15:20 - 00002375 _____ () C:\Users\Elvira\Desktop\Google Chrome.lnk
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-29 15:43 - 2014-05-29 15:43 - 00001286 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-29 15:43 - 2014-05-29 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-29 15:43 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-29 15:41 - 2010-10-01 08:19 - 00116460 _____ () C:\Windows\DirectX.log
2014-05-29 15:38 - 2012-09-12 01:55 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-29 15:05 - 2012-09-12 01:55 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Origin
2014-05-28 15:35 - 2012-08-14 02:38 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\.minecraft
2014-05-28 08:14 - 2012-07-21 10:38 - 00002380 _____ () C:\Users\\Desktop\Google Chrome.lnk
2014-05-28 08:09 - 2014-02-28 16:46 - 00000000 ____D () C:\Program Files (x86)\Feven Pro 1.2
2014-05-26 15:56 - 2014-01-08 17:58 - 00000000 ____D () C:\Users\Jürgen\Tracing
2014-05-25 02:51 - 2014-05-25 02:51 - 00000000 _____ () C:\Windows\SysWOW64\sho37D5.tmp
2014-05-23 19:34 - 2012-07-21 14:48 - 00002375 _____ () C:\Users\Jürgen\Desktop\Google Chrome.lnk
2014-05-23 17:13 - 2014-04-12 14:19 - 00000000 _____ () C:\end
2014-05-21 10:29 - 2012-07-21 10:25 - 00000000 ___RD () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-21 10:29 - 2012-07-21 10:25 - 00000000 ___RD () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-18 00:25 - 2014-05-18 00:25 - 00000000 _____ () C:\Windows\SysWOW64\shoE10C.tmp
2014-05-17 19:31 - 2012-07-21 15:21 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 19:31 - 2012-07-21 15:21 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 10:45 - 2009-07-14 19:58 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-05-17 10:45 - 2009-07-14 19:58 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-05-17 10:45 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-17 10:44 - 2014-05-17 10:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job
2014-05-17 00:05 - 2014-05-17 00:05 - 00000000 _____ () C:\Windows\SysWOW64\shoE14A.tmp
2014-05-15 16:07 - 2012-07-21 15:12 - 00000000 ___RD () C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:07 - 2012-07-21 15:12 - 00000000 ___RD () C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:05 - 2012-07-21 14:35 - 00000000 ___RD () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:05 - 2012-07-21 14:35 - 00000000 ___RD () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:01 - 2014-04-30 17:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 22:00 - 2013-07-13 07:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:00 - 2010-10-01 10:17 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-12 19:41 - 2014-05-12 19:41 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (17).exe
2014-05-11 17:58 - 2014-05-11 17:57 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (16).exe
2014-05-11 10:47 - 2014-05-11 10:47 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job
2014-05-11 07:51 - 2014-05-11 07:51 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job
2014-05-10 19:19 - 2014-05-10 19:18 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (15).exe
2014-05-10 11:53 - 2010-10-01 09:36 - 00378838 _____ () C:\Windows\PFRO.log
2014-05-09 13:02 - 2014-05-09 13:02 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core1cf6b76210b5906.job
2014-05-09 08:14 - 2014-05-14 14:00 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 14:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 19:02 - 2014-05-07 19:02 - 00614528 _____ () C:\Users\Jürgen\Downloads\Setup (14).exe
2014-05-06 20:44 - 2012-07-21 15:29 - 00002380 _____ () C:\Users\Martina\Desktop\Google Chrome.lnk
2014-05-06 02:46 - 2014-05-14 22:03 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 02:21 - 2014-05-14 22:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 02:21 - 2014-05-14 22:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 01:32 - 2014-05-14 22:03 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 01:14 - 2014-05-14 22:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 01:14 - 2014-05-14 22:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 13:46 - 2012-08-24 17:14 - 00528384 ____H () C:\Users\Jürgen\Downloads\photothumb.db
2014-05-04 13:45 - 2013-10-17 18:56 - 00000000 ____D () C:\Users\Jürgen\Downloads\Karikatur2
2014-05-02 03:23 - 2014-05-02 03:23 - 00000000 _____ () C:\Windows\SysWOW64\shoF15F.tmp

Files to move or delete:
====================
C:\ProgramData\0tbpw.pad
C:\ProgramData\winiml.dat


Some content of TEMP:
====================
C:\Users\Elvira\AppData\Local\Temp\AskSLib.dll
C:\Users\Elvira\AppData\Local\Temp\avgnt.exe
C:\Users\Elvira\AppData\Local\Temp\i4jdel0.exe
C:\Users\Elvira\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Elvira\AppData\Local\Temp\SPSetup.exe
C:\Users\\AppData\Local\Temp\APNStub.exe
C:\Users\\AppData\Local\Temp\AskSLib.dll
C:\Users\\AppData\Local\Temp\avgnt.exe
C:\Users\\AppData\Local\Temp\BackupSetup.exe
C:\Users\\AppData\Local\Temp\Browser_Helper_Companion_DE.exe
C:\Users\\AppData\Local\Temp\ezLooker-S-Setup_Suite1.exe
C:\Users\\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\\AppData\Local\Temp\FreeTwitTube-S-Setup_Suite1.exe
C:\Users\\AppData\Local\Temp\FreeTwitTube-S-Setup_Suite1[1].exe
C:\Users\\AppData\Local\Temp\IEHistory.exe
C:\Users\\AppData\Local\Temp\InstalledPrograms.exe
C:\Users\\AppData\Local\Temp\installhelper.dll
C:\Users\\AppData\Local\Temp\IT_CON__95-V32_4.exe
C:\Users\\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\\AppData\Local\Temp\MyBabylonTB_google_20120807.exe
C:\Users\\AppData\Local\Temp\nsa2C4D.exe
C:\Users\\AppData\Local\Temp\nsf1320.exe
C:\Users\\AppData\Local\Temp\nsf3C94.exe
C:\Users\\AppData\Local\Temp\nsfC1D.exe
C:\Users\\AppData\Local\Temp\nsi4C98.exe
C:\Users\\AppData\Local\Temp\nsi908B.exe
C:\Users\\AppData\Local\Temp\nsn464F.exe
C:\Users\\AppData\Local\Temp\nsq19C6.exe
C:\Users\\AppData\Local\Temp\nsq33FC.exe
C:\Users\\AppData\Local\Temp\nst92ED.exe
C:\Users\\AppData\Local\Temp\nst95AC.exe
C:\Users\\AppData\Local\Temp\nsu62F0.exe
C:\Users\\AppData\Local\Temp\nsy494D.exe
C:\Users\\AppData\Local\Temp\Optimizer_Pro.exe
C:\Users\\AppData\Local\Temp\rtdrvmon.exe
C:\Users\\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\\AppData\Local\Temp\SkypeSetup.exe
C:\Users\\AppData\Local\Temp\smt_awesomehp_new.exe
C:\Users\\AppData\Local\Temp\softonic_ssk_conduit.exe
C:\Users\\AppData\Local\Temp\SPSetup.exe
C:\Users\\AppData\Local\Temp\SPWrap.exe
C:\Users\\AppData\Local\Temp\sqlite3.dll
C:\Users\\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\\AppData\Local\Temp\tbiNTE.dll
C:\Users\\AppData\Local\Temp\uninst1.exe
C:\Users\\AppData\Local\Temp\vcredist_x64.exe
C:\Users\\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\\AppData\Local\Temp\wajam_download.exe
C:\Users\\AppData\Local\Temp\YontooSetup-S.exe
C:\Users\Jürgen\AppData\Local\Temp\avgnt.exe
C:\Users\Jürgen\AppData\Local\Temp\i4jdel0.exe
C:\Users\Jürgen\AppData\Local\Temp\i4jdel1.exe
C:\Users\Jürgen\AppData\Local\Temp\i4jdel2.exe
C:\Users\Jürgen\AppData\Local\Temp\jansi-32-git-Bukkit-1.5.2-R1.0-b2788jnks.dll
C:\Users\Jürgen\AppData\Local\Temp\javagiac0.016783020975253415.dll
C:\Users\Jürgen\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Jürgen\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jürgen\AppData\Local\Temp\{E5A0C4BB-6690-4D2C-A990-4C6110C79388}-34.0.1847.137_34.0.1847.131_chrome_updater.exe
C:\Users\Martina\AppData\Local\Temp\AskSLib.dll
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Martina\AppData\Local\Temp\SPSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-01 11:24

==================== End Of Log ============================


Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2014
Ran by at 2014-05-31 20:38:47
Running from C:\Users\\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Disabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Alcatraz (HKLM-x32\...\Alcatraz/DE-German_is1) (Version: - City Interactive)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
Apowersoft kostenloser Bildschirmrekorder V1.2.4 (HKLM-x32\...\{4EFA42DB-E4EC-4537-9DF3-5158D08A9785}_is1) (Version: 1.2.4 - Apowersoft)
appbario8 Toolbar (HKLM-x32\...\appbario8 Toolbar) (Version: 6.9.0.16 - appbario8)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Arma 3 Tools (HKLM-x32\...\Steam App 233800) (Version: - Bohemia Interactive)
ATI Catalyst Install Manager (HKLM\...\{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{9D84E30F-6757-4A56-BCB5-51ADE3AE8631}) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
BrowserCompanion (HKLM-x32\...\BrowserCompanion) (Version: - ) <==== ATTENTION
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0930.2237.38732 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help English (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help French (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help German (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0930.2237.38732 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0930.2237.38732 - ATI) Hidden
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version: - Z8Games.com)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1181 - SG INTERACTIVE)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dealply (HKCU\...\Dealply) (Version: - ) <==== ATTENTION
DealPly (remove only) (HKLM-x32\...\DealPly) (Version: 4.8.7.3 - DealPly Technologies Ltd.) <==== ATTENTION
Delta Chrome Toolbar (HKLM-x32\...\{177586E7-E42E-4F38-83D1-D15B4AF5B714}) (Version: 1.0.0.0 - DeltaInstaller) <==== ATTENTION
Delta toolbar (HKLM-x32\...\delta) (Version: 1.8.10.0 - Delta) <==== ATTENTION
DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE)
Feven Pro 1.2 (HKLM-x32\...\Feven Pro 1.2) (Version: 1.34.2.13 - Feven) <==== ATTENTION
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.2.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.14.1022 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.14.1022 - DVDVideoSoft Ltd.)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
Hama Black Force Pad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.01.01 - )
HQ-Video-Profession-1.3 (HKLM-x32\...\HQ-Video-Profession-1.3) (Version: 1.34.2.13 - HQ-Video) <==== ATTENTION
HydraVision (x32 Version: 4.2.180.0 - ATI Technologies Inc.) Hidden
IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.0.8.6 - ) <==== ATTENTION
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.2208 - Bandoo Media Inc) <==== ATTENTION
IM Lock (HKLM-x32\...\IMLock) (Version: - Comvigo, Inc.)
Iminent (HKLM-x32\...\IMBoosterARP) (Version: 6.4.56.0 - Iminent) <==== ATTENTION
Iminent (x32 Version: 6.4.56.0 - Iminent) Hidden <==== ATTENTION
Incredibar Toolbar on IE (HKLM-x32\...\incredibar) (Version: - ) <==== ATTENTION
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
ISY N150 Micro WLAN USB-Adapter (HKLM-x32\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0155 - ISY)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexmark X1100 Series (HKLM\...\Lexmark X1100 Series) (Version: - Lexmark International, Inc.)
lightshot-4.4.2.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 4.4.2.0 - Skillbrains)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobogenie (HKLM-x32\...\Mobogenie) (Version: - Mobogenie.com) <==== ATTENTION
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.993 - Electronic Arts)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 18.0.0.128 - Symantec Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.2.2065 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PriceGong 2.6.4 (HKLM-x32\...\PriceGong) (Version: 2.6.4 - PriceGong) <==== ATTENTION
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
Re-markit (HKLM-x32\...\f4dc7792-3f3d-43d0-ad79-cb3520fae36c) (Version: - Re-markit Software) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sniper - Art of Victory (HKLM-x32\...\sniper_de_is1) (Version: - City Interactive)
SpecialSavings (HKLM-x32\...\SpecialSavings) (Version: - ) <==== ATTENTION
SpeedUpMyPC (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 5.3.4.4 - Uniblue Systems Ltd) <==== ATTENTION
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.8.1 - TeamSpeak Systems GmbH)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.4 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
Video Downloader (HKLM-x32\...\Video Downloader) (Version: 1.14 - hxxp://www.vgrabber.com)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Wajam (HKLM-x32\...\Wajam) (Version: 2.11 - Wajam) <==== ATTENTION
Web Assistant 2.0.0.573 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.573 - IncrediBar) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
WiseConvert (HKLM-x32\...\WiseConvert) (Version: 1.0 - WiseConvert)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net)
XSManager (HKLM-x32\...\XSManager) (Version: 3.2 - XSManager)

==================== Restore Points =========================

23-05-2014 17:38:13 Windows Update
23-05-2014 23:00:11 Windows Update
24-05-2014 16:20:14 Windows Update
24-05-2014 18:08:19 Windows Update
25-05-2014 00:48:34 Windows Update
25-05-2014 19:14:34 Windows Update
26-05-2014 19:21:38 Windows Update
27-05-2014 19:56:06 Windows Update
28-05-2014 10:10:08 Windows Update
29-05-2014 00:56:57 Windows Update
29-05-2014 13:36:46 DirectX wurde installiert
29-05-2014 23:00:34 Windows Update
30-05-2014 06:27:09 Windows Update
31-05-2014 01:00:50 Windows Update
31-05-2014 05:58:19 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00CDF369-5C82-4B09-A8B8-22E0110976DE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {162D19D2-88E6-425F-ACF9-085709C10976} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {180C32E6-A575-49A3-AA4D-7E9EDC44A1AA} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2012-09-19] (TuneUp Software)
Task: {1FD7E7FA-4C1B-46AA-B808-A6B47969B523} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {25715EC7-88B9-4811-B0FD-540AC855053B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {2D13B59E-4C34-49F2-81B8-8A7F2D96CC2F} - System32\Tasks\PC Performer Manager => Sc.exe start PC Performer Manager
Task: {620FBD68-8B3D-47C5-BEE1-EA19B1705EC4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2465613748-4109621216-2680054910-1001
Task: {62745FA6-88B4-4F26-B2F4-09469D925348} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {635AC757-77D2-41EE-A578-F6A8974BF31D} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {6875CA21-089D-4DC0-A439-FE49B1E33DB4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {6E350C8D-3672-4719-8CF1-5A8B8CA44909} - System32\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] ()
Task: {77E350C2-2250-4BEE-B575-EF12CA6A03F8} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] ()
Task: {820F5D76-F745-4811-BE70-3E99A14E89D9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {9C4EF4AE-24AC-494E-BB1E-389E59772369} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-11] (Adobe Systems Incorporated)
Task: {A66165D0-A739-46B9-AA91-33C0AE65F710} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003UA => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {ABD96266-25AF-494C-B2F5-17C5D8F015E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {B3ACA1F2-AC10-4A74-A012-61E186CB35DD} - System32\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] ()
Task: {BEE6EDB5-D13A-4C37-B3C9-40075E803219} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {D1301EC2-67C9-4E08-9A87-56DB18075640} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-codedownloader.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-enabler.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-firefoxinstaller.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-updater.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA.job => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core1cf6b76210b5906.job => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003UA.job => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-enabler.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-updater.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\PCHelpers1st.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION
Task: C:\Windows\Tasks\PCHelpers_period.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit-soft\ReMar.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe <==== ATTENTION
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (whitelisted) =============

2012-09-03 21:48 - 2014-04-07 16:57 - 02276144 _____ () C:\Windows\system32\dmwu.exe
2014-02-28 16:37 - 2014-02-28 16:37 - 00194560 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe
2012-08-05 21:47 - 2013-01-29 15:28 - 00188760 _____ () C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
2012-10-05 10:38 - 2012-04-05 17:35 - 00327392 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2014-04-07 16:57 - 2014-04-07 16:57 - 01100592 _____ () C:\Windows\SysWOW64\jmdp\stij.exe
2014-04-07 16:57 - 2014-04-07 16:57 - 01303856 _____ () C:\Windows\System32\ljkb\stij.exe
2014-04-07 16:57 - 2014-04-07 16:57 - 01571120 _____ () C:\Windows\System32\ljkb\lmrn.dll
2013-08-29 01:39 - 2013-08-29 01:40 - 04287536 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2013-11-27 21:58 - 2014-02-28 15:16 - 00775872 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2012-07-02 11:16 - 2012-07-02 11:16 - 00695448 _____ () C:\Users\\AppData\Roaming\BrowserCompanion\tbhcn.exe
2010-08-04 15:58 - 2010-08-04 15:58 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-30 22:36 - 2010-09-30 22:36 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-02-27 08:04 - 2014-02-27 08:04 - 00612496 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll
2014-02-14 11:30 - 2014-02-14 11:30 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll
2010-10-01 09:40 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-07 16:57 - 2014-04-07 16:57 - 01266992 _____ () C:\Windows\SysWOW64\jmdp\lmrn.dll
2014-02-28 15:17 - 2014-02-28 15:16 - 00061440 _____ () C:\Program Files (x86)\Mobogenie\Device.dll
2014-02-28 15:17 - 2014-02-28 15:16 - 00471040 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 00716616 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 00126280 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 04217672 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 00414536 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 01732424 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 13695816 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\\Downloads\Bestaetigung_Rechnung_zu_Ihrer_byebye_Reise_21200789.eml:OECustomProperty
AlternateDataStreams: C:\Users\\Downloads\nachricht (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\\Downloads\nachricht.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/31/2014 08:01:20 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
bei BlueStacks.hyperDroid.Service.Service.CleanupHelperProcess(Process proc, String name)
bei BlueStacks.hyperDroid.Service.Service.OnStop()
bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
bei System.ServiceProcess.ServiceBase.DeferredShutdown()

Error: (05/31/2014 08:01:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0xf28
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3

Error: (05/30/2014 00:39:14 PM) (Source: Iminent) (EventID: 0) (User: )
Description: Unexpected exception.

System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei Iminent.Mediator.Server.ApplicationService.<>c__DisplayClassa.<WarmUp>b__9(Composite composite)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments)
bei System.Delegate.DynamicInvokeImpl(Object[] args)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)

Error: (05/30/2014 01:04:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x8a4
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3

Error: (05/29/2014 09:24:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bdc

Startzeit: 01cf7b2654df9e89

Endzeit: 142

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: c652360f-e766-11e3-b952-1c6f6549ce08

Error: (05/29/2014 03:00:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x894
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3

Error: (05/27/2014 09:59:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x81c
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3

Error: (05/26/2014 09:25:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x864
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3

Error: (05/25/2014 09:17:55 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
bei BlueStacks.hyperDroid.Service.Service.OnStop()
bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
bei System.ServiceProcess.ServiceBase.DeferredShutdown()

Error: (05/25/2014 09:17:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x83c
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3


System errors:
=============
Error: (05/31/2014 06:55:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/31/2014 06:55:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (05/31/2014 01:37:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F48FC5B2-094A-44C7-B48C-289738C9582D}

Error: (05/31/2014 08:01:13 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Re-markit" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/31/2014 08:01:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme

Error: (05/31/2014 07:27:08 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{2A1A7AD7-DF00-40FC-9333-1E858D256B18} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (05/31/2014 03:03:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme

Error: (05/31/2014 03:00:29 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (05/30/2014 00:52:11 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F48FC5B2-094A-44C7-B48C-289738C9582D}

Error: (05/30/2014 00:38:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Norton Internet Security" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


Microsoft Office Sessions:
=========================
Error: (05/31/2014 08:01:20 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
bei BlueStacks.hyperDroid.Service.Service.CleanupHelperProcess(Process proc, String name)
bei BlueStacks.hyperDroid.Service.Service.OnStop()
bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
bei System.ServiceProcess.ServiceBase.DeferredShutdown()

Error: (05/31/2014 08:01:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42df2801cf7bf37a4253e5C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dllf6f536a7-e888-11e3-9d00-1c6f6549ce08

Error: (05/30/2014 00:39:14 PM) (Source: Iminent) (EventID: 0) (User: )
Description: Unexpected exception.

System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei Iminent.Mediator.Server.ApplicationService.<>c__DisplayClassa.<WarmUp>b__9(Composite composite)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments)
bei System.Delegate.DynamicInvokeImpl(Object[] args)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)

Error: (05/30/2014 01:04:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d8a401cf7b2651844dc6C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll8db42bc3-e785-11e3-b952-1c6f6549ce08

Error: (05/29/2014 09:24:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.17567bdc01cf7b2654df9e89142C:\Windows\Explorer.EXEc652360f-e766-11e3-b952-1c6f6549ce08

Error: (05/29/2014 03:00:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d89401cf7a63585a967bC:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dlla4e53e31-e6cc-11e3-b8fd-1c6f6549ce08

Error: (05/27/2014 09:59:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d81c01cf799b0a1f0c71C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll661f4893-e5d9-11e3-b36f-1c6f6549ce08

Error: (05/26/2014 09:25:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d86401cf78e6a8b756c4C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll7f5aa995-e50b-11e3-a4d9-1c6f6549ce08

Error: (05/25/2014 09:17:55 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
bei BlueStacks.hyperDroid.Service.Service.OnStop()
bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
bei System.ServiceProcess.ServiceBase.DeferredShutdown()

Error: (05/25/2014 09:17:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d83c01cf77e7a66b93feC:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll41f967c5-e441-11e3-9d94-1c6f6549ce08


==================== Memory info ===========================

Percentage of memory in use: 74%
Total physical RAM: 3959.48 MB
Available physical RAM: 995.35 MB
Total Pagefile: 7917.15 MB
Available Pagefile: 3216.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:727.71 GB) (Free:467.25 GB) NTFS
Drive d: (Volume) (Fixed) (Total:195.31 GB) (Free:195.22 GB) NTFS
Drive e: (Recovery) (Fixed) (Total:8 GB) (Free:2.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 30B6D843)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=728 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Hoffe, das ihr mir helfen könnt. Besten Dank im Vorraus !!!
Gruß
Jackson11

Alt 31.05.2014, 20:08   #2
M-K-D-B
/// TB-Ausbilder
 
WINDOWS 7 kommen ständig PopUps usw... - Standard

WINDOWS 7 kommen ständig PopUps usw...






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
    Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!






Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________

__________________

Alt 31.05.2014, 20:12   #3
Jackson11
 
WINDOWS 7 kommen ständig PopUps usw... - Standard

WINDOWS 7 kommen ständig PopUps usw...




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2014
Ran by  (administrator) on -PC on 31-05-2014 20:37:31
Running from C:\Users\\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Windows\System32\dmwu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxbkcoms.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe
() C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(DealPly Technologies Ltd) C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Symantec Corporation) C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\18.0.0.128\InstStub.exe
() C:\Windows\SysWOW64\jmdp\stij.exe
() C:\Windows\System32\ljkb\stij.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmon.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Iminent) C:\Program Files (x86)\Iminent\Iminent.exe
(Iminent) C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Skillbrains) C:\Users\\AppData\Local\Skillbrains\lightshot\4.4.2.0\Lightshot.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Users\\AppData\Roaming\BrowserCompanion\tbhcn.exe
(Comvigo, Inc.) C:\Windows\SysWOW64\qimlsrv.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Comvigo, Inc.) C:\Windows\SysWOW64\dsrviml.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [lxbkbmgr.exe] => C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe [74408 2008-02-28] (Lexmark International, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [160424 2011-03-30] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [Iminent] => C:\Program Files (x86)\Iminent\Iminent.exe [1074736 2013-01-25] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-01-25] (Iminent)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [775872 2014-02-28] ()
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-06-19] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [Google Update] => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-21] (Google Inc.)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [LightShot] => C:\Users\\AppData\Local\Skillbrains\lightshot\LightShot.exe [195072 2012-02-02] ()
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4287536 2013-08-29] ()
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\MountPoints2: {2aaa724c-a03f-11e3-b7f5-1c6f6549ce08} - G:\LG_PC_Programs.exe
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{16cdf~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{16cdf~1\loader.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML.lnk
ShortcutTarget: IML.lnk -> C:\Windows\System32\iml.vbs ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk
ShortcutTarget: IML64.lnk -> C:\Windows\SysWOW64\iml.vbs ()
Startup: C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
ShortcutTarget: tbhcn.lnk -> C:\Users\\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk
ShortcutTarget: Game Alarm.lnk -> C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.hyrican.de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119556&babsrc=HP_ss&mntrId=88084d330000000000001c6f6549ce08
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
URLSearchHook: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
URLSearchHook: HKLM-x32 - appbario8 Toolbar - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbappb.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1770781391334068&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1770781391334068&q={searchTerms}
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=18887124-D7CB-4033-904E-4E76245108C3&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - Plasmoo URL = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
SearchScopes: HKCU - yandex.ru-230807 URL = 
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP266CEBB9-47FA-46C0-833E-798853BA4B3B&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119556&babsrc=SP_ss&mntrId=88084d330000000000001c6f6549ce08
SearchScopes: HKCU - {2233C3F4-E3B3-4C3F-BFEE-D89A63D6FEE4} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3227982
SearchScopes: HKCU - {27433C8B-14CF-4B32-8783-43F982AF9813} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3197087
SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {8BA3C05B-6624-4F7B-8CEC-7B1D1EBA0142} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1770781391334068&q={searchTerms}
SearchScopes: HKCU - {CE8D1C5D-05D9-4A78-BF26-DDBB1E0B1560} URL = hxxp://yandex.ru/yandsearch?win=29&clid=1855508&text={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/?a=6R8BbEiZzb&loc=skw&search={searchTerms}&i=26
BHO: HQ-Video-Profession-1.3 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho64.dll (HQ-Video)
BHO: Feven Pro 1.2 - {11111111-1111-1111-1111-110511161182} - C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-bho64.dll (Feven)
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll (SIEN)
BHO: DataMngr - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media Inc)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
BHO-x32: Browser Companion Helper - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( )
BHO-x32: appbario8 Toolbar - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbappb.dll (Conduit Ltd.)
BHO-x32: HQ-Video-Profession-1.3 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho.dll (HQ-Video)
BHO-x32: Shopping Assistant Plugin - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.4\PriceGongIE.dll (PriceGong)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
BHO-x32: SpecialSavings - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Browser Companion Helper Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( )
BHO-x32: DealPly Shopping - {9cf699ca-2174-4ed8-bec1-ba82095edce0} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN)
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
BHO-x32: DataMngr - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media Inc)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - appbario8 Toolbar - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbappb.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File
Toolbar: HKCU - No Name - {09152F0B-739C-4DEC-A245-1AA8A37594F1} -  No File
Toolbar: HKCU - No Name - {0CC09160-108C-4759-BAB1-5C12C216E005} -  No File
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler-x32: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default
FF SearchEngineOrder.1: Delta Search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\user.js
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\%Protector Process Name%.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\bProtect.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\dvdvideosofttb-de-customized-web-search.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Plusnetwork.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\yandex.ru-230807.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Browser Companion Helper - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\bbrs_002@blabbers.com [2012-08-14]
FF Extension: Plasmoo Search Engine - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\engine@plasmoo.com [2013-10-28]
FF Extension: Delta Toolbar - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\ffxtlbr@delta.com [2013-02-12]
FF Extension: incredibar.com - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\ffxtlbr@incredibar.com [2012-08-05]
FF Extension: SpecialSavings - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\specialsavings@superfish.com [2012-08-14]
FF Extension: DVDVideoSoftTB DE  - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} [2014-04-08]
FF Extension: BrowseToolE0201  - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{09152f0b-739c-4dec-a245-1aa8a37594f1} [2014-04-03]
FF Extension: appbario8  - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{0cc09160-108c-4759-bab1-5c12c216e005} [2013-12-13]
FF Extension: PriceGong - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2013-02-19]
FF Extension: Search Assistant - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} [2012-09-18]
FF Extension: DealPly  Shopping - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979} [2013-10-28]
FF Extension: ep - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi [2014-02-24]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-05]
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-05]
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-05]
FF HKLM-x32\...\Firefox\Extensions: [webbooster@iminent.com] - C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF Extension: Iminent Minibar - C:\Program Files (x86)\Iminent\webbooster@iminent.com [2013-02-12]
FF HKLM-x32\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-05]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\extensions\lightningnewtab@gmail.com.xpi
FF HKCU\...\Firefox\Extensions: [specialsavings@superfish.com] - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles/3elvxd57.default\extensions\specialsavings@superfish.com
FF Extension: SpecialSavings - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles/3elvxd57.default\extensions\specialsavings@superfish.com [2012-08-14]
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF Extension: Wajam - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013-12-17]
FF HKCU\...\Firefox\Extensions: [{95818252-7aac-4b4b-b6db-2fedbc9902a4}] - C:\Program Files (x86)\Re-markit-soft\155.xpi
FF Extension: Re-markit - C:\Program Files (x86)\Re-markit-soft\155.xpi [2014-02-28]

Chrome: 
=======
CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP266CEBB9-47FA-46C0-833E-798853BA4B3B&SSPV="
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (BrowseToolE0201) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp [2012-09-11]
CHR Extension: (PriceGong) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok [2012-08-14]
CHR Extension: (YouTube) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-21]
CHR Extension: (Browser Companion Helper) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf [2012-08-14]
CHR Extension: (appbario8) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc [2012-08-14]
CHR Extension: (Google-Suche) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-21]
CHR Extension: (Re-markit) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel [2014-02-28]
CHR Extension: (Web Assistant) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd [2012-08-08]
CHR Extension: (DealPly French) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi [2013-10-28]
CHR Extension: (Delta Toolbar) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-02-13]
CHR Extension: (Iminent) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2013-02-20]
CHR Extension: (Search Assistant) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfelndikbdcohbdimnhdhhokfljdidgn [2012-09-18]
CHR Extension: (New tab for Chrome) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2012-08-08]
CHR Extension: (Wajam) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2014-02-16]
CHR Extension: (Lightshot (Screenshot Tool)) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2012-09-04]
CHR Extension: (DVDVideoSoft) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-10-28]
CHR Extension: (Google Wallet) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (SweetPacks Chrome Extension) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [2014-03-06]
CHR Extension: (Extended Protection) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-27]
CHR Extension: (Google Mail) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-21]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-08-05]
CHR HKCU\...\Chrome\Extension: [bblnhhgpgomleanhbppdnkpofhjijgdp] - C:\Users\\AppData\Local\CRE\bblnhhgpgomleanhbppdnkpofhjijgdp.crx [2012-08-13]
CHR HKCU\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-08-01]
CHR HKCU\...\Chrome\Extension: [caloheeledhajihipjihanmihhegodlc] - C:\Users\\AppData\Local\CRE\caloheeledhajihipjihanmihhegodlc.crx [2012-07-29]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-10-28]
CHR HKLM-x32\...\Chrome\Extension: [bblnhhgpgomleanhbppdnkpofhjijgdp] - C:\Users\\AppData\Local\CRE\bblnhhgpgomleanhbppdnkpofhjijgdp.crx [2012-08-13]
CHR HKLM-x32\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-08-01]
CHR HKLM-x32\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files (x86)\PriceGong\2.6.4\pricegong.crx [2012-03-25]
CHR HKLM-x32\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx [2012-07-02]
CHR HKLM-x32\...\Chrome\Extension: [caloheeledhajihipjihanmihhegodlc] - C:\Users\\AppData\Local\CRE\caloheeledhajihipjihanmihhegodlc.crx [2012-07-29]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-08-05]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\\AppData\Roaming\Delta\delta.crx [2012-11-25]
CHR HKLM-x32\...\Chrome\Extension: [fgfdfcbeamjnjdejakdidpniblllnbpg] - C:\Windows\SysWOW64\jmdp\pnte.crx [2012-11-25]
CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\newTab.crx [2012-08-05]
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\\AppData\Local\Wajam\Chrome\wajam.crx [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx [2014-04-06]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-27]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-19] (BlueStack Systems, Inc.)
S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-10-28] (DealPly Technologies Ltd)
S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-10-28] (DealPly Technologies Ltd)
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [2276144 2014-04-07] ()
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 lxbk_device; C:\Windows\system32\lxbkcoms.exe [565928 2008-02-19] ( )
R2 lxbk_device; C:\Windows\SysWOW64\lxbkcoms.exe [537256 2008-02-19] ( )
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe [126904 2010-05-23] (Symantec Corporation)
R2 Re-markit; C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe [194560 2014-02-28] ()
R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [3088192 2014-05-28] (Iminent)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
R2 WajamUpdaterV3; C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe [114176 2013-11-20] (Wajam)
R2 Web Assistant; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-01-29] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [425104 2014-02-27] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [501904 2014-02-26] (Cherished Technololgy LIMITED)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [327392 2012-04-05] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145064 2011-03-30] (4G Systems GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-19] (BlueStack Systems)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2012-10-05] (Mobile Connector)
S3 RTL8187B; C:\Windows\System32\DRIVERS\rtl8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation                           )
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [762472 2011-10-31] (Realtek Semiconductor Corporation                           )
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va010; \??\C:\Windows\SysWOW64\Drivers\X6va010 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-31 20:37 - 2014-05-31 20:38 - 00042913 _____ () C:\Users\\Desktop\FRST.txt
2014-05-31 20:37 - 2014-05-31 20:37 - 00000000 ____D () C:\FRST
2014-05-31 20:37 - 2014-05-31 20:36 - 02066944 _____ (Farbar) C:\Users\\Desktop\FRST64.exe
2014-05-31 20:35 - 2014-05-31 20:36 - 02066944 _____ (Farbar) C:\Users\\Downloads\FRST64.exe
2014-05-31 20:10 - 2014-05-31 20:11 - 00250250 _____ () C:\Users\\Downloads\140520063508.jpeg
2014-05-31 16:02 - 2014-05-31 16:02 - 00052891 _____ () C:\Users\Jürgen\Downloads\7B1.tmp
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-29 15:43 - 2014-05-29 15:43 - 00001286 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-29 15:43 - 2014-05-29 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-25 02:51 - 2014-05-25 02:51 - 00000000 _____ () C:\Windows\SysWOW64\sho37D5.tmp
2014-05-18 00:25 - 2014-05-18 00:25 - 00000000 _____ () C:\Windows\SysWOW64\shoE10C.tmp
2014-05-17 10:44 - 2014-05-17 10:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job
2014-05-17 00:05 - 2014-05-17 00:05 - 00000000 _____ () C:\Windows\SysWOW64\shoE14A.tmp
2014-05-14 22:03 - 2014-05-06 02:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 22:03 - 2014-05-06 02:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:03 - 2014-05-06 02:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 22:03 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 22:03 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 22:03 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 14:00 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 14:00 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 14:00 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 14:00 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 14:00 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 14:00 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 14:00 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 14:00 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 14:00 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 14:00 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 14:00 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 14:00 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 14:00 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 14:00 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 14:00 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 14:00 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 14:00 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-12 19:41 - 2014-05-12 19:41 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (17).exe
2014-05-11 17:57 - 2014-05-11 17:58 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (16).exe
2014-05-11 10:47 - 2014-05-11 10:47 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job
2014-05-11 07:51 - 2014-05-11 07:51 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job
2014-05-10 19:18 - 2014-05-10 19:19 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (15).exe
2014-05-09 13:02 - 2014-05-09 13:02 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core1cf6b76210b5906.job
2014-05-07 19:02 - 2014-05-07 19:02 - 00614528 _____ () C:\Users\Jürgen\Downloads\Setup (14).exe
2014-05-02 03:23 - 2014-05-02 03:23 - 00000000 _____ () C:\Windows\SysWOW64\shoF15F.tmp

==================== One Month Modified Files and Folders =======

2014-05-31 20:38 - 2014-05-31 20:37 - 00042913 _____ () C:\Users\\Desktop\FRST.txt
2014-05-31 20:38 - 2013-08-29 02:01 - 00000000 ____D () C:\Users\\AppData\Local\PMB Files
2014-05-31 20:38 - 2012-07-21 10:25 - 00000000 ____D () C:\Users\\AppData\Local\Temp
2014-05-31 20:37 - 2014-05-31 20:37 - 00000000 ____D () C:\FRST
2014-05-31 20:36 - 2014-05-31 20:37 - 02066944 _____ (Farbar) C:\Users\\Desktop\FRST64.exe
2014-05-31 20:36 - 2014-05-31 20:35 - 02066944 _____ (Farbar) C:\Users\\Downloads\FRST64.exe
2014-05-31 20:11 - 2014-05-31 20:10 - 00250250 _____ () C:\Users\\Downloads\140520063508.jpeg
2014-05-31 20:08 - 2012-09-12 01:43 - 00000000 ____D () C:\ProgramData\Origin
2014-05-31 20:07 - 2013-11-27 21:58 - 00000000 ____D () C:\Users\\AppData\Roaming\newnext.me
2014-05-31 20:07 - 2012-09-12 01:43 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-31 20:07 - 2012-08-14 02:15 - 00000000 ____D () C:\Users\\AppData\Roaming\BrowserCompanion
2014-05-31 20:07 - 2012-07-21 10:07 - 01106898 _____ () C:\Windows\WindowsUpdate.log
2014-05-31 19:54 - 2014-01-21 14:44 - 00000000 ____D () C:\Users\Jürgen\Documents\FIFA 14
2014-05-31 19:02 - 2012-07-21 14:35 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Temp
2014-05-31 18:55 - 2014-03-06 18:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-31 16:02 - 2014-05-31 16:02 - 00052891 _____ () C:\Users\Jürgen\Downloads\7B1.tmp
2014-05-31 15:00 - 2012-07-21 15:12 - 00000000 ____D () C:\Users\Elvira\AppData\Local\Temp
2014-05-31 10:32 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-31 10:32 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-31 10:25 - 2014-02-27 08:04 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-05-31 10:24 - 2013-12-10 00:50 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-31 10:22 - 2009-07-14 06:51 - 00178041 _____ () C:\Windows\setupact.log
2014-05-31 08:01 - 2013-12-04 02:02 - 02234293 _____ () C:\Windows\IE11_main.log
2014-05-30 19:35 - 2012-07-21 15:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\Temp
2014-05-30 14:22 - 2012-07-21 10:25 - 00000000 ____D () C:\Users\
2014-05-30 08:22 - 2012-07-21 15:20 - 00002375 _____ () C:\Users\Elvira\Desktop\Google Chrome.lnk
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-29 15:43 - 2014-05-29 15:43 - 00001286 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-29 15:43 - 2014-05-29 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-29 15:43 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-29 15:41 - 2010-10-01 08:19 - 00116460 _____ () C:\Windows\DirectX.log
2014-05-29 15:38 - 2012-09-12 01:55 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-29 15:05 - 2012-09-12 01:55 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Origin
2014-05-28 15:35 - 2012-08-14 02:38 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\.minecraft
2014-05-28 08:14 - 2012-07-21 10:38 - 00002380 _____ () C:\Users\\Desktop\Google Chrome.lnk
2014-05-28 08:09 - 2014-02-28 16:46 - 00000000 ____D () C:\Program Files (x86)\Feven Pro 1.2
2014-05-26 15:56 - 2014-01-08 17:58 - 00000000 ____D () C:\Users\Jürgen\Tracing
2014-05-25 02:51 - 2014-05-25 02:51 - 00000000 _____ () C:\Windows\SysWOW64\sho37D5.tmp
2014-05-23 19:34 - 2012-07-21 14:48 - 00002375 _____ () C:\Users\Jürgen\Desktop\Google Chrome.lnk
2014-05-23 17:13 - 2014-04-12 14:19 - 00000000 _____ () C:\end
2014-05-21 10:29 - 2012-07-21 10:25 - 00000000 ___RD () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-21 10:29 - 2012-07-21 10:25 - 00000000 ___RD () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-18 00:25 - 2014-05-18 00:25 - 00000000 _____ () C:\Windows\SysWOW64\shoE10C.tmp
2014-05-17 19:31 - 2012-07-21 15:21 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 19:31 - 2012-07-21 15:21 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 10:45 - 2009-07-14 19:58 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-05-17 10:45 - 2009-07-14 19:58 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-05-17 10:45 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-17 10:44 - 2014-05-17 10:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job
2014-05-17 00:05 - 2014-05-17 00:05 - 00000000 _____ () C:\Windows\SysWOW64\shoE14A.tmp
2014-05-15 16:07 - 2012-07-21 15:12 - 00000000 ___RD () C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:07 - 2012-07-21 15:12 - 00000000 ___RD () C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:05 - 2012-07-21 14:35 - 00000000 ___RD () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:05 - 2012-07-21 14:35 - 00000000 ___RD () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:01 - 2014-04-30 17:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 22:00 - 2013-07-13 07:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:00 - 2010-10-01 10:17 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-12 19:41 - 2014-05-12 19:41 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (17).exe
2014-05-11 17:58 - 2014-05-11 17:57 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (16).exe
2014-05-11 10:47 - 2014-05-11 10:47 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job
2014-05-11 07:51 - 2014-05-11 07:51 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job
2014-05-10 19:19 - 2014-05-10 19:18 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (15).exe
2014-05-10 11:53 - 2010-10-01 09:36 - 00378838 _____ () C:\Windows\PFRO.log
2014-05-09 13:02 - 2014-05-09 13:02 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core1cf6b76210b5906.job
2014-05-09 08:14 - 2014-05-14 14:00 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 14:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 19:02 - 2014-05-07 19:02 - 00614528 _____ () C:\Users\Jürgen\Downloads\Setup (14).exe
2014-05-06 20:44 - 2012-07-21 15:29 - 00002380 _____ () C:\Users\Martina\Desktop\Google Chrome.lnk
2014-05-06 02:46 - 2014-05-14 22:03 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 02:21 - 2014-05-14 22:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 02:21 - 2014-05-14 22:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 01:32 - 2014-05-14 22:03 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 01:14 - 2014-05-14 22:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 01:14 - 2014-05-14 22:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 13:46 - 2012-08-24 17:14 - 00528384 ____H () C:\Users\Jürgen\Downloads\photothumb.db
2014-05-04 13:45 - 2013-10-17 18:56 - 00000000 ____D () C:\Users\Jürgen\Downloads\Karikatur2
2014-05-02 03:23 - 2014-05-02 03:23 - 00000000 _____ () C:\Windows\SysWOW64\shoF15F.tmp

Files to move or delete:
====================
C:\ProgramData\0tbpw.pad
C:\ProgramData\winiml.dat


Some content of TEMP:
====================
C:\Users\Elvira\AppData\Local\Temp\AskSLib.dll
C:\Users\Elvira\AppData\Local\Temp\avgnt.exe
C:\Users\Elvira\AppData\Local\Temp\i4jdel0.exe
C:\Users\Elvira\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Elvira\AppData\Local\Temp\SPSetup.exe
C:\Users\\AppData\Local\Temp\APNStub.exe
C:\Users\\AppData\Local\Temp\AskSLib.dll
C:\Users\\AppData\Local\Temp\avgnt.exe
C:\Users\\AppData\Local\Temp\BackupSetup.exe
C:\Users\\AppData\Local\Temp\Browser_Helper_Companion_DE.exe
C:\Users\\AppData\Local\Temp\ezLooker-S-Setup_Suite1.exe
C:\Users\\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\\AppData\Local\Temp\FreeTwitTube-S-Setup_Suite1.exe
C:\Users\\AppData\Local\Temp\FreeTwitTube-S-Setup_Suite1[1].exe
C:\Users\\AppData\Local\Temp\IEHistory.exe
C:\Users\\AppData\Local\Temp\InstalledPrograms.exe
C:\Users\\AppData\Local\Temp\installhelper.dll
C:\Users\\AppData\Local\Temp\IT_CON__95-V32_4.exe
C:\Users\\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\\AppData\Local\Temp\MyBabylonTB_google_20120807.exe
C:\Users\\AppData\Local\Temp\nsa2C4D.exe
C:\Users\\AppData\Local\Temp\nsf1320.exe
C:\Users\\AppData\Local\Temp\nsf3C94.exe
C:\Users\\AppData\Local\Temp\nsfC1D.exe
C:\Users\\AppData\Local\Temp\nsi4C98.exe
C:\Users\\AppData\Local\Temp\nsi908B.exe
C:\Users\\AppData\Local\Temp\nsn464F.exe
C:\Users\\AppData\Local\Temp\nsq19C6.exe
C:\Users\\AppData\Local\Temp\nsq33FC.exe
C:\Users\\AppData\Local\Temp\nst92ED.exe
C:\Users\\AppData\Local\Temp\nst95AC.exe
C:\Users\\AppData\Local\Temp\nsu62F0.exe
C:\Users\\AppData\Local\Temp\nsy494D.exe
C:\Users\\AppData\Local\Temp\Optimizer_Pro.exe
C:\Users\\AppData\Local\Temp\rtdrvmon.exe
C:\Users\\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\\AppData\Local\Temp\SkypeSetup.exe
C:\Users\\AppData\Local\Temp\smt_awesomehp_new.exe
C:\Users\\AppData\Local\Temp\softonic_ssk_conduit.exe
C:\Users\\AppData\Local\Temp\SPSetup.exe
C:\Users\\AppData\Local\Temp\SPWrap.exe
C:\Users\\AppData\Local\Temp\sqlite3.dll
C:\Users\\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\\AppData\Local\Temp\tbiNTE.dll
C:\Users\\AppData\Local\Temp\uninst1.exe
C:\Users\\AppData\Local\Temp\vcredist_x64.exe
C:\Users\\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\\AppData\Local\Temp\wajam_download.exe
C:\Users\\AppData\Local\Temp\YontooSetup-S.exe
C:\Users\Jürgen\AppData\Local\Temp\avgnt.exe
C:\Users\Jürgen\AppData\Local\Temp\i4jdel0.exe
C:\Users\Jürgen\AppData\Local\Temp\i4jdel1.exe
C:\Users\Jürgen\AppData\Local\Temp\i4jdel2.exe
C:\Users\Jürgen\AppData\Local\Temp\jansi-32-git-Bukkit-1.5.2-R1.0-b2788jnks.dll
C:\Users\Jürgen\AppData\Local\Temp\javagiac0.016783020975253415.dll
C:\Users\Jürgen\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Jürgen\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jürgen\AppData\Local\Temp\{E5A0C4BB-6690-4D2C-A990-4C6110C79388}-34.0.1847.137_34.0.1847.131_chrome_updater.exe
C:\Users\Martina\AppData\Local\Temp\AskSLib.dll
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Martina\AppData\Local\Temp\SPSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-01 11:24

==================== End Of Log ============================
         
--- --- ---





Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2014
Ran by  at 2014-05-31 20:38:47
Running from C:\Users\\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Disabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Alcatraz (HKLM-x32\...\Alcatraz/DE-German_is1) (Version:  - City Interactive)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
Apowersoft kostenloser Bildschirmrekorder V1.2.4 (HKLM-x32\...\{4EFA42DB-E4EC-4537-9DF3-5158D08A9785}_is1) (Version: 1.2.4 - Apowersoft)
appbario8 Toolbar (HKLM-x32\...\appbario8 Toolbar) (Version: 6.9.0.16 - appbario8)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma 3 Tools (HKLM-x32\...\Steam App 233800) (Version:  - Bohemia Interactive)
ATI Catalyst Install Manager (HKLM\...\{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{9D84E30F-6757-4A56-BCB5-51ADE3AE8631}) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
BrowserCompanion (HKLM-x32\...\BrowserCompanion) (Version:  - ) <==== ATTENTION
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0930.2237.38732 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help English (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help French (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help German (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0930.2237.38732 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0930.2237.38732 - ATI) Hidden
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version:  - Z8Games.com)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1181 - SG INTERACTIVE)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dealply (HKCU\...\Dealply) (Version:  - ) <==== ATTENTION
DealPly (remove only) (HKLM-x32\...\DealPly) (Version: 4.8.7.3 - DealPly Technologies Ltd.) <==== ATTENTION
Delta Chrome Toolbar (HKLM-x32\...\{177586E7-E42E-4F38-83D1-D15B4AF5B714}) (Version: 1.0.0.0 - DeltaInstaller) <==== ATTENTION
Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.10.0 - Delta) <==== ATTENTION
DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE)
Feven Pro 1.2 (HKLM-x32\...\Feven Pro 1.2) (Version: 1.34.2.13 - Feven) <==== ATTENTION
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.2.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.14.1022 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.14.1022 - DVDVideoSoft Ltd.)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
Hama Black Force Pad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.01.01 - )
HQ-Video-Profession-1.3 (HKLM-x32\...\HQ-Video-Profession-1.3) (Version: 1.34.2.13 - HQ-Video) <==== ATTENTION
HydraVision (x32 Version: 4.2.180.0 - ATI Technologies Inc.) Hidden
IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.0.8.6 - ) <==== ATTENTION
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.2208 - Bandoo Media Inc) <==== ATTENTION
IM Lock (HKLM-x32\...\IMLock) (Version:  - Comvigo, Inc.)
Iminent (HKLM-x32\...\IMBoosterARP) (Version: 6.4.56.0 - Iminent) <==== ATTENTION
Iminent (x32 Version: 6.4.56.0 - Iminent) Hidden <==== ATTENTION
Incredibar Toolbar  on IE (HKLM-x32\...\incredibar) (Version:  - ) <==== ATTENTION
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
ISY N150 Micro WLAN USB-Adapter (HKLM-x32\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0155 - ISY)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexmark X1100 Series (HKLM\...\Lexmark X1100 Series) (Version:  - Lexmark International, Inc.)
lightshot-4.4.2.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 4.4.2.0 - Skillbrains)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobogenie (HKLM-x32\...\Mobogenie) (Version:  - Mobogenie.com) <==== ATTENTION
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.993 - Electronic Arts)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 18.0.0.128 - Symantec Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.2.2065 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PriceGong 2.6.4 (HKLM-x32\...\PriceGong) (Version: 2.6.4 - PriceGong) <==== ATTENTION
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
Re-markit (HKLM-x32\...\f4dc7792-3f3d-43d0-ad79-cb3520fae36c) (Version:  - Re-markit Software) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sniper - Art of Victory (HKLM-x32\...\sniper_de_is1) (Version:  - City Interactive)
SpecialSavings (HKLM-x32\...\SpecialSavings) (Version:  - ) <==== ATTENTION
SpeedUpMyPC (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 5.3.4.4 - Uniblue Systems Ltd) <==== ATTENTION
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.8.1 - TeamSpeak Systems GmbH)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.4 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
Video Downloader (HKLM-x32\...\Video Downloader) (Version: 1.14 - hxxp://www.vgrabber.com)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Wajam (HKLM-x32\...\Wajam) (Version: 2.11 - Wajam) <==== ATTENTION
Web Assistant 2.0.0.573 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.573 - IncrediBar) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
WiseConvert (HKLM-x32\...\WiseConvert) (Version: 1.0 - WiseConvert)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version:  - Wargaming.net)
XSManager (HKLM-x32\...\XSManager) (Version: 3.2 - XSManager)

==================== Restore Points  =========================

23-05-2014 17:38:13 Windows Update
23-05-2014 23:00:11 Windows Update
24-05-2014 16:20:14 Windows Update
24-05-2014 18:08:19 Windows Update
25-05-2014 00:48:34 Windows Update
25-05-2014 19:14:34 Windows Update
26-05-2014 19:21:38 Windows Update
27-05-2014 19:56:06 Windows Update
28-05-2014 10:10:08 Windows Update
29-05-2014 00:56:57 Windows Update
29-05-2014 13:36:46 DirectX wurde installiert
29-05-2014 23:00:34 Windows Update
30-05-2014 06:27:09 Windows Update
31-05-2014 01:00:50 Windows Update
31-05-2014 05:58:19 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00CDF369-5C82-4B09-A8B8-22E0110976DE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {162D19D2-88E6-425F-ACF9-085709C10976} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {180C32E6-A575-49A3-AA4D-7E9EDC44A1AA} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2012-09-19] (TuneUp Software)
Task: {1FD7E7FA-4C1B-46AA-B808-A6B47969B523} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {25715EC7-88B9-4811-B0FD-540AC855053B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {2D13B59E-4C34-49F2-81B8-8A7F2D96CC2F} - System32\Tasks\PC Performer Manager => Sc.exe start PC Performer Manager
Task: {620FBD68-8B3D-47C5-BEE1-EA19B1705EC4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2465613748-4109621216-2680054910-1001
Task: {62745FA6-88B4-4F26-B2F4-09469D925348} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {635AC757-77D2-41EE-A578-F6A8974BF31D} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {6875CA21-089D-4DC0-A439-FE49B1E33DB4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {6E350C8D-3672-4719-8CF1-5A8B8CA44909} - System32\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] ()
Task: {77E350C2-2250-4BEE-B575-EF12CA6A03F8} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] ()
Task: {820F5D76-F745-4811-BE70-3E99A14E89D9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {9C4EF4AE-24AC-494E-BB1E-389E59772369} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-11] (Adobe Systems Incorporated)
Task: {A66165D0-A739-46B9-AA91-33C0AE65F710} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003UA => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {ABD96266-25AF-494C-B2F5-17C5D8F015E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {B3ACA1F2-AC10-4A74-A012-61E186CB35DD} - System32\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] ()
Task: {BEE6EDB5-D13A-4C37-B3C9-40075E803219} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {D1301EC2-67C9-4E08-9A87-56DB18075640} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-codedownloader.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-enabler.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-firefoxinstaller.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-updater.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA.job => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core1cf6b76210b5906.job => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003UA.job => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-enabler.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-updater.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\PCHelpers1st.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION
Task: C:\Windows\Tasks\PCHelpers_period.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit-soft\ReMar.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe <==== ATTENTION
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (whitelisted) =============

2012-09-03 21:48 - 2014-04-07 16:57 - 02276144 _____ () C:\Windows\system32\dmwu.exe
2014-02-28 16:37 - 2014-02-28 16:37 - 00194560 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe
2012-08-05 21:47 - 2013-01-29 15:28 - 00188760 _____ () C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
2012-10-05 10:38 - 2012-04-05 17:35 - 00327392 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2014-04-07 16:57 - 2014-04-07 16:57 - 01100592 _____ () C:\Windows\SysWOW64\jmdp\stij.exe
2014-04-07 16:57 - 2014-04-07 16:57 - 01303856 _____ () C:\Windows\System32\ljkb\stij.exe
2014-04-07 16:57 - 2014-04-07 16:57 - 01571120 _____ () C:\Windows\System32\ljkb\lmrn.dll
2013-08-29 01:39 - 2013-08-29 01:40 - 04287536 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2013-11-27 21:58 - 2014-02-28 15:16 - 00775872 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2012-07-02 11:16 - 2012-07-02 11:16 - 00695448 _____ () C:\Users\\AppData\Roaming\BrowserCompanion\tbhcn.exe
2010-08-04 15:58 - 2010-08-04 15:58 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-30 22:36 - 2010-09-30 22:36 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-02-27 08:04 - 2014-02-27 08:04 - 00612496 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll
2014-02-14 11:30 - 2014-02-14 11:30 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll
2010-10-01 09:40 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-07 16:57 - 2014-04-07 16:57 - 01266992 _____ () C:\Windows\SysWOW64\jmdp\lmrn.dll
2014-02-28 15:17 - 2014-02-28 15:16 - 00061440 _____ () C:\Program Files (x86)\Mobogenie\Device.dll
2014-02-28 15:17 - 2014-02-28 15:16 - 00471040 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 00716616 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 00126280 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 04217672 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 00414536 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 01732424 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 13695816 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\\Downloads\Bestaetigung_Rechnung_zu_Ihrer_byebye_Reise_21200789.eml:OECustomProperty
AlternateDataStreams: C:\Users\\Downloads\nachricht (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\\Downloads\nachricht.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/31/2014 08:01:20 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
   bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
   bei BlueStacks.hyperDroid.Service.Service.CleanupHelperProcess(Process proc, String name)
   bei BlueStacks.hyperDroid.Service.Service.OnStop()
   bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
   bei System.ServiceProcess.ServiceBase.DeferredShutdown()

Error: (05/31/2014 08:01:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0xf28
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3

Error: (05/30/2014 00:39:14 PM) (Source: Iminent) (EventID: 0) (User: )
Description: Unexpected exception.

System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei Iminent.Mediator.Server.ApplicationService.<>c__DisplayClassa.<WarmUp>b__9(Composite composite)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
   bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments)
   bei System.Delegate.DynamicInvokeImpl(Object[] args)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)

Error: (05/30/2014 01:04:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x8a4
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3

Error: (05/29/2014 09:24:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bdc

Startzeit: 01cf7b2654df9e89

Endzeit: 142

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: c652360f-e766-11e3-b952-1c6f6549ce08

Error: (05/29/2014 03:00:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x894
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3

Error: (05/27/2014 09:59:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x81c
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3

Error: (05/26/2014 09:25:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x864
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3

Error: (05/25/2014 09:17:55 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
   bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
   bei BlueStacks.hyperDroid.Service.Service.OnStop()
   bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
   bei System.ServiceProcess.ServiceBase.DeferredShutdown()

Error: (05/25/2014 09:17:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x83c
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3


System errors:
=============
Error: (05/31/2014 06:55:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/31/2014 06:55:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (05/31/2014 01:37:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F48FC5B2-094A-44C7-B48C-289738C9582D}

Error: (05/31/2014 08:01:13 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Re-markit" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/31/2014 08:01:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme

Error: (05/31/2014 07:27:08 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{2A1A7AD7-DF00-40FC-9333-1E858D256B18} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (05/31/2014 03:03:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme

Error: (05/31/2014 03:00:29 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (05/30/2014 00:52:11 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F48FC5B2-094A-44C7-B48C-289738C9582D}

Error: (05/30/2014 00:38:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Norton Internet Security" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (05/31/2014 08:01:20 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
   bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
   bei BlueStacks.hyperDroid.Service.Service.CleanupHelperProcess(Process proc, String name)
   bei BlueStacks.hyperDroid.Service.Service.OnStop()
   bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
   bei System.ServiceProcess.ServiceBase.DeferredShutdown()

Error: (05/31/2014 08:01:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42df2801cf7bf37a4253e5C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dllf6f536a7-e888-11e3-9d00-1c6f6549ce08

Error: (05/30/2014 00:39:14 PM) (Source: Iminent) (EventID: 0) (User: )
Description: Unexpected exception.

System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei Iminent.Mediator.Server.ApplicationService.<>c__DisplayClassa.<WarmUp>b__9(Composite composite)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
   bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments)
   bei System.Delegate.DynamicInvokeImpl(Object[] args)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)

Error: (05/30/2014 01:04:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d8a401cf7b2651844dc6C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll8db42bc3-e785-11e3-b952-1c6f6549ce08

Error: (05/29/2014 09:24:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.17567bdc01cf7b2654df9e89142C:\Windows\Explorer.EXEc652360f-e766-11e3-b952-1c6f6549ce08

Error: (05/29/2014 03:00:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d89401cf7a63585a967bC:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dlla4e53e31-e6cc-11e3-b8fd-1c6f6549ce08

Error: (05/27/2014 09:59:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d81c01cf799b0a1f0c71C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll661f4893-e5d9-11e3-b36f-1c6f6549ce08

Error: (05/26/2014 09:25:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d86401cf78e6a8b756c4C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll7f5aa995-e50b-11e3-a4d9-1c6f6549ce08

Error: (05/25/2014 09:17:55 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
   bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
   bei BlueStacks.hyperDroid.Service.Service.OnStop()
   bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
   bei System.ServiceProcess.ServiceBase.DeferredShutdown()

Error: (05/25/2014 09:17:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d83c01cf77e7a66b93feC:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll41f967c5-e441-11e3-9d94-1c6f6549ce08


==================== Memory info =========================== 

Percentage of memory in use: 74%
Total physical RAM: 3959.48 MB
Available physical RAM: 995.35 MB
Total Pagefile: 7917.15 MB
Available Pagefile: 3216.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:727.71 GB) (Free:467.25 GB) NTFS
Drive d: (Volume) (Fixed) (Total:195.31 GB) (Free:195.22 GB) NTFS
Drive e: (Recovery) (Fixed) (Total:8 GB) (Free:2.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 30B6D843)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=728 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 31.05.2014, 20:24   #4
M-K-D-B
/// TB-Ausbilder
 
WINDOWS 7 kommen ständig PopUps usw... - Standard

WINDOWS 7 kommen ständig PopUps usw...



Hab dir schon geantwortet.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 01.06.2014, 00:39   #5
Jackson11
 
WINDOWS 7 kommen ständig PopUps usw... - Standard

WINDOWS 7 kommen ständig PopUps usw...



Hi,
ComboFix ist immer noch fertig, leider

Code:
ATTFilter
ComboFix 14-05-29.01 -  31.05.2014  23:06:21.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3959.1227 [GMT 2:00]
ausgeführt von:: c:\users\\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\cflog\EPLog.txt
C:\END
C:\Install.exe
c:\program files (x86)\BrowserCompanion
c:\program files (x86)\BrowserCompanion\blabbers-ch.crx
c:\program files (x86)\BrowserCompanion\blabbers-ff-full.xpi
c:\program files (x86)\BrowserCompanion\jsloader.dll
c:\program files (x86)\BrowserCompanion\logo.ico
c:\program files (x86)\BrowserCompanion\tdataprotocol.dll
c:\program files (x86)\BrowserCompanion\terms.lnk.url
c:\program files (x86)\BrowserCompanion\toolbar.dll
c:\program files (x86)\BrowserCompanion\uninstall.exe
c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll
c:\program files (x86)\BrowserCompanion\updater.ini
c:\program files (x86)\BrowserCompanion\widgetserv.exe
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\DealPly.crx
c:\program files (x86)\DealPly\DealPly.xpi
c:\program files (x86)\DealPly\DealPlyIE.dll
c:\program files (x86)\DealPly\DealPlyIE64.dll
c:\program files (x86)\DealPly\DealPlyUpdate.exe
c:\program files (x86)\DealPly\DealPlyUpdateRun.exe
c:\program files (x86)\DealPly\DealPlyUpdateVer.exe
c:\program files (x86)\DealPly\icon.ico
c:\program files (x86)\DealPly\uninst.exe
c:\program files (x86)\HQ-Video-Profession-1.3\HQ-Video-profession-1.3-bho.dll
c:\program files (x86)\Incredibar.com
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\inCRedibartlbr.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
c:\program files (x86)\PriceGong
c:\program files (x86)\PriceGong\2.6.4\PriceGong.crx
c:\program files (x86)\PriceGong\2.6.4\PriceGongIE.dll
c:\program files (x86)\PriceGong\uninst.exe
c:\program files (x86)\Search Results Toolbar\Datamngr
c:\program files (x86)\Search Results Toolbar\Datamngr\BrowserConnection.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\css\new-tab.css
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_amazon.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_ebay.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_facebook.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_fantastigames.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_ftalk.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_youtube.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\IDR_WEBSTORE_ICON.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\imesh_logo_128.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\new-tab.html
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\analytics.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\constant.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\default-config.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\jquery.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\localStorage.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\new-tab.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\preferences.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\manifest.json
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\OurLocalPage.html
c:\program files (x86)\Search Results Toolbar\Datamngr\datamngr.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\datamngrUI.exe
c:\program files (x86)\Search Results Toolbar\Datamngr\DnsBHO.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\chrome.manifest
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\chrome.manifest.alt
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.xpt
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF10.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF11.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF12.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF13.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF14.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF15.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF16.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF17.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF3.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF4.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF5.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF6.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF7.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF8.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF9.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\DataMngr.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\DnsBHO.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\Error404BHO.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\NewTabBHO.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\overlay.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\overlay.xul
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\RelatedSearch.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\RequestPreserver.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\SearchBHO.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\SettingManager.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\Settings.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\Settings.xml.alt
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\install.rdf
c:\program files (x86)\Search Results Toolbar\Datamngr\IEBHO.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\installhelper.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\x64\datamngr.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\x64\DnsBHO.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\x64\IEBHO.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC
c:\program files (x86)\Uniblue\SpeedUpMyPC\cwebpage.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\InstallerExtensions.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\intermediate_views.dat
c:\program files (x86)\Uniblue\SpeedUpMyPC\latest_scan_results.xsl
c:\program files (x86)\Uniblue\SpeedUpMyPC\Launcher.exe
c:\program files (x86)\Uniblue\SpeedUpMyPC\library.dat
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\br\br.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\br\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\de\de.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\de\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\dk\dk.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\dk\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\en\en.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\en\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\es\es.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\es\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\fi\fi.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\fi\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\fr\fr.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\fr\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\it\it.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\it\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\jp\jp.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\jp\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\nl\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\nl\nl.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\no\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\no\no.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\ru\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\ru\ru.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\se\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\se\se.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\Microsoft.VC90.CRT.manifest
c:\program files (x86)\Uniblue\SpeedUpMyPC\msvcp90.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\msvcr90.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\repair_transform.xsl
c:\program files (x86)\Uniblue\SpeedUpMyPC\sp_move_serial.exe
c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
c:\program files (x86)\Uniblue\SpeedUpMyPC\spnotifier.exe
c:\program files (x86)\Uniblue\SpeedUpMyPC\sump.exe
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\comtypes.txt
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\cwebpage.dll.html
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\decorator.py.txt
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\ordereddict.py.txt
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\py2exe.txt
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\python-changes.txt
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\python.txt
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\simplejson.txt
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\wmi.txt
c:\program files (x86)\Uniblue\SpeedUpMyPC\unins000.dat
c:\program files (x86)\Uniblue\SpeedUpMyPC\unins000.exe
c:\program files (x86)\Uniblue\SpeedUpMyPC\unins000.msg
c:\program files (x86)\Uniblue\SpeedUpMyPC\views.dat
c:\program files (x86)\Windows Live\Messenger\msacm32.dll
c:\program files\Web Assistant\ExTEnsion32.dll
c:\programdata\0tbpw.pad
c:\users\Elvira\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
c:\users\Elvira\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences
c:\users\\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
c:\users\\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences
c:\users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
c:\users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gcjbopemebdnolilndkpjfmhakccapkh_0.localstorage-journal
c:\users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gcjbopemebdnolilndkpjfmhakccapkh_0.localstorage
c:\users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lndipknmjijnalnkamonmljeaojdbpna_0.localstorage-journal
c:\users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lndipknmjijnalnkamonmljeaojdbpna_0.localstorage
c:\users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\preferences
c:\users\Martina\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
c:\users\Martina\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences
c:\windows\SysWow64\ChilkatMail_v7_9.dll
c:\windows\Tasks\SpeedUpMyPC.job
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-28 bis 2014-05-31  ))))))))))))))))))))))))))))))
.
.
2014-05-31 23:14 . 2014-05-31 23:14	--------	d-----w-	c:\users\Jürgen\AppData\Local\temp
2014-05-31 23:13 . 2014-05-31 23:13	--------	d-----w-	c:\users\Elvira\AppData\Local\temp
2014-05-31 23:13 . 2014-05-31 23:13	--------	d-----w-	c:\users\Martina\AppData\Local\temp
2014-05-31 23:13 . 2014-05-31 23:13	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-31 18:37 . 2014-05-31 18:40	--------	d-----w-	C:\FRST
2014-05-31 05:37 . 2014-05-31 08:29	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{38292580-EECE-42BE-8B81-DB3E92A44A32}\offreg.dll
2014-05-30 10:50 . 2014-04-30 23:20	10702536	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{38292580-EECE-42BE-8B81-DB3E92A44A32}\mpengine.dll
2014-05-29 13:46 . 2014-05-29 13:46	--------	d-----w-	c:\programdata\PopCap Games
2014-05-29 13:46 . 2014-05-29 13:46	--------	d-----w-	c:\programdata\EA Core
2014-05-29 13:45 . 2014-05-30 11:02	--------	d-----w-	c:\programdata\EA Logs
2014-05-25 00:51 . 2014-05-25 00:51	0	----a-w-	c:\windows\SysWow64\sho37D5.tmp
2014-05-17 22:25 . 2014-05-17 22:25	0	----a-w-	c:\windows\SysWow64\shoE10C.tmp
2014-05-16 22:05 . 2014-05-16 22:05	0	----a-w-	c:\windows\SysWow64\shoE14A.tmp
2014-05-14 20:03 . 2014-05-06 00:21	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-14 20:03 . 2014-05-05 23:14	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-14 20:03 . 2014-05-06 00:46	17847808	----a-w-	c:\windows\system32\mshtml.dll
2014-05-14 20:03 . 2014-05-06 00:21	96768	----a-w-	c:\windows\system32\mshtmled.dll
2014-05-02 01:23 . 2014-05-02 01:23	0	----a-w-	c:\windows\SysWow64\shoF15F.tmp
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-14 20:00 . 2010-10-01 08:17	93223848	----a-w-	c:\windows\system32\MRT.exe
2014-04-30 15:55 . 2014-04-30 15:55	0	----a-w-	c:\windows\SysWow64\sho6040.tmp
2014-04-29 08:19 . 2013-08-15 17:44	130584	----a-w-	c:\windows\system32\drivers\avipbb.sys
2014-04-29 08:19 . 2013-08-15 17:44	112080	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2014-04-26 01:23 . 2014-04-26 01:23	0	----a-w-	c:\windows\SysWow64\sho4F22.tmp
2014-04-24 22:09 . 2014-04-24 22:09	0	----a-w-	c:\windows\SysWow64\sho6F42.tmp
2014-04-24 00:10 . 2014-04-24 00:10	0	----a-w-	c:\windows\SysWow64\shoB455.tmp
2014-04-21 16:34 . 2014-04-21 16:34	0	----a-w-	c:\windows\SysWow64\sho635D.tmp
2014-04-20 01:14 . 2014-04-20 01:14	0	----a-w-	c:\windows\SysWow64\sho3307.tmp
2014-04-14 18:13 . 2014-04-24 18:29	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-11 05:50 . 2012-08-21 04:07	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-11 05:50 . 2012-08-21 04:07	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-07 14:57 . 2012-09-03 19:48	2276144	----a-w-	c:\windows\system32\dmwu.exe
2014-04-07 14:55 . 2012-09-03 19:48	33792	----a-w-	c:\windows\system32\ImHttpComm.dll
2014-04-06 10:24 . 2012-09-03 19:48	829264	----a-w-	c:\windows\system32\msvcr100.dll
2014-04-06 10:24 . 2012-09-03 19:48	608080	----a-w-	c:\windows\system32\msvcp100.dll
2014-04-04 10:27 . 2014-04-04 10:27	0	----a-w-	c:\windows\SysWow64\shoA7B8.tmp
2014-04-02 23:44 . 2014-04-02 23:44	0	----a-w-	c:\windows\SysWow64\sho2158.tmp
2014-04-01 22:33 . 2014-04-01 22:33	0	----a-w-	c:\windows\SysWow64\shoD851.tmp
2014-03-31 19:20 . 2014-03-31 19:20	0	----a-w-	c:\windows\SysWow64\shoBA6F.tmp
2014-03-31 07:35 . 2010-10-01 08:20	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-03-30 11:46 . 2014-03-30 11:46	0	----a-w-	c:\windows\SysWow64\sho6CD9.tmp
2014-03-28 23:36 . 2014-03-28 23:36	0	----a-w-	c:\windows\SysWow64\shoEE41.tmp
2014-03-28 00:00 . 2014-03-28 00:00	0	----a-w-	c:\windows\SysWow64\shoEFA7.tmp
2014-03-21 18:55 . 2014-03-21 18:55	0	----a-w-	c:\windows\SysWow64\sho2764.tmp
2014-03-18 23:57 . 2014-03-18 23:57	0	----a-w-	c:\windows\SysWow64\shoCDAC.tmp
2014-03-18 19:59 . 2014-03-18 19:59	0	----a-w-	c:\windows\SysWow64\shoEC1B.tmp
2014-03-18 11:23 . 2014-03-18 11:23	0	----a-w-	c:\windows\SysWow64\sho6164.tmp
2014-03-18 08:19 . 2014-03-18 08:19	0	----a-w-	c:\windows\SysWow64\sho272.tmp
2014-03-17 11:21 . 2014-03-17 11:21	0	----a-w-	c:\windows\SysWow64\shoDBE2.tmp
2014-03-17 01:21 . 2014-03-17 01:21	0	----a-w-	c:\windows\SysWow64\sho28E.tmp
2014-03-13 23:57 . 2014-03-13 23:57	0	----a-w-	c:\windows\SysWow64\shoC046.tmp
2014-03-08 04:06 . 2014-04-10 13:02	10926592	----a-w-	c:\windows\system32\ieframe.dll
2014-03-08 03:49 . 2014-04-10 13:02	2334720	----a-w-	c:\windows\system32\jscript9.dll
2014-03-08 03:41 . 2014-04-10 13:02	1347072	----a-w-	c:\windows\system32\urlmon.dll
2014-03-08 03:40 . 2014-04-10 13:02	1392128	----a-w-	c:\windows\system32\wininet.dll
2014-03-08 03:39 . 2014-04-10 13:02	1494528	----a-w-	c:\windows\system32\inetcpl.cpl
2014-03-08 03:38 . 2014-04-10 13:02	237056	----a-w-	c:\windows\system32\url.dll
2014-03-08 03:37 . 2014-04-10 13:02	85504	----a-w-	c:\windows\system32\jsproxy.dll
2014-03-08 03:34 . 2014-04-10 13:02	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2014-03-08 03:34 . 2014-04-10 13:02	816640	----a-w-	c:\windows\system32\jscript.dll
2014-03-08 03:33 . 2014-04-10 13:02	599040	----a-w-	c:\windows\system32\vbscript.dll
2014-03-08 03:32 . 2014-04-10 13:02	729088	----a-w-	c:\windows\system32\msfeeds.dll
2014-03-08 03:32 . 2014-04-10 13:02	2147840	----a-w-	c:\windows\system32\iertutil.dll
2014-03-08 03:24 . 2014-04-10 13:02	248320	----a-w-	c:\windows\system32\ieui.dll
2014-03-07 23:12 . 2014-04-10 13:02	1806848	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-03-07 23:02 . 2014-04-10 13:02	1427968	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2014-03-07 23:02 . 2014-04-10 13:02	1129472	----a-w-	c:\windows\SysWow64\wininet.dll
2014-03-07 22:57 . 2014-04-10 13:02	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-03-07 22:56 . 2014-04-10 13:02	421376	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-03-06 14:03 . 2014-03-06 14:03	0	----a-w-	c:\windows\SysWow64\shoCA96.tmp
2014-03-06 02:32 . 2014-03-06 02:32	0	----a-w-	c:\windows\SysWow64\shoE43C.tmp
2014-03-05 02:31 . 2014-03-05 02:31	0	----a-w-	c:\windows\SysWow64\shoA355.tmp
2014-03-04 09:44 . 2014-04-10 12:33	362496	----a-w-	c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-10 12:33	243712	----a-w-	c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-10 12:33	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-10 12:33	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-10 12:33	1163264	----a-w-	c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-10 12:33	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-10 12:33	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-10 12:33	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-10 12:33	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-10 12:33	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-10 12:33	2048	----a-w-	c:\windows\SysWow64\user.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]
2011-05-09 09:49	176936	----a-w-	c:\program files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{0cc09160-108c-4759-bab1-5c12c216e005}]
2011-05-09 09:49	176936	----a-w-	c:\program files (x86)\appbario8\prxtbappb.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
2014-04-11 02:07	513648	----a-w-	c:\program files (x86)\SupTab\SupTab.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
2013-01-23 12:24	247704	----a-w-	c:\program files (x86)\Delta\delta\1.8.10.0\bh\delta.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-10-22 19:18	277560	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}"= "c:\program files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll" [2011-05-09 176936]
"{0cc09160-108c-4759-bab1-5c12c216e005}"= "c:\program files (x86)\appbario8\prxtbappb.dll" [2011-05-09 176936]
"{82E1477C-B154-48D3-9891-33D83C26BCD3}"= "c:\program files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll" [2013-01-23 321944]
.
[HKEY_CLASSES_ROOT\clsid\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]
.
[HKEY_CLASSES_ROOT\clsid\{0cc09160-108c-4759-bab1-5c12c216e005}]
.
[HKEY_CLASSES_ROOT\clsid\{82e1477c-b154-48d3-9891-33d83c26bcd3}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightShot"="c:\users\\AppData\Local\Skillbrains\lightshot\LightShot.exe" [2012-02-02 195072]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-04-25 3588952]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-08-28 4287536]
"NextLive"="c:\users\\AppData\Roaming\newnext.me\nengine.dll" [2013-11-14 1283584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"starter4g"="c:\windows\starter4g.exe" [2011-03-30 160424]
"Iminent"="c:\program files (x86)\Iminent\Iminent.exe" [2013-01-25 1074736]
"IminentMessenger"="c:\program files (x86)\Iminent\Iminent.Messengers.exe" [2013-01-25 884784]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-05-27 737872]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"mobilegeni daemon"="c:\program files (x86)\Mobogenie\DaemonProcess.exe" [2014-02-28 775872]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2013-06-19 601928]
.
c:\users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
tbhcn.lnk - c:\users\\AppData\Roaming\BrowserCompanion\tbhcn.exe -interval=10 -IEhome=0 -IEsearch=0 -FFhome=0 -FFsearch=0 -CHhome=0 -CHsearch=0 -pubId=ginyas_377 -affId=g377_sfexp_de [2012-7-2 695448]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
IML.lnk - c:\windows\System32\iml.vbs [2010-5-21 4472]
IML64.lnk - c:\windows\SysWOW64\iml.vbs [2010-5-21 4472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dealplylive;DealPly Live-Dienst (dealplylive);c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe;c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [x]
R2 IePluginService;IePlugin Service;c:\programdata\IePluginService\PluginService.exe;c:\programdata\IePluginService\PluginService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Web Assistant;Web Assistant;c:\program files\Web Assistant\ExtensionUpdaterService.exe;c:\program files\Web Assistant\ExtensionUpdaterService.exe [x]
R2 Wpm;Wpm Service;c:\programdata\WPM\wprotectmanager.exe;c:\programdata\WPM\wprotectmanager.exe [x]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\DRIVERS\cmnsusbser.sys;c:\windows\SYSNATIVE\DRIVERS\cmnsusbser.sys [x]
R3 dealplylivem;DealPly Live-Dienst (dealplylivem);c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe;c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 netr7364;RT73 USB-Drahtlos-LAN-Kartentreiber für Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187B.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8187B.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R3 X6va010;X6va010;c:\windows\SysWOW64\Drivers\X6va010;c:\windows\SysWOW64\Drivers\X6va010 [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R3 X6va014;X6va014;c:\windows\SysWOW64\Drivers\X6va014;c:\windows\SysWOW64\Drivers\X6va014 [x]
R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x]
R3 X6va016;X6va016;c:\windows\SysWOW64\Drivers\X6va016;c:\windows\SysWOW64\Drivers\X6va016 [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IBUpdaterService;IBUpdaterService;c:\windows\system32\dmwu.exe;c:\windows\SYSNATIVE\dmwu.exe [x]
S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe;c:\windows\SYSNATIVE\lxbkcoms.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe [x]
S2 Re-markit;Re-markit;c:\program files (x86)\Re-markit-soft\Re-markit155.exe;c:\program files (x86)\Re-markit-soft\Re-markit155.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 SProtection;SProtection;c:\program files (x86)\Common Files\Umbrella\umbrella.exe;c:\program files (x86)\Common Files\Umbrella\umbrella.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WajamUpdaterV3;WajamUpdaterV3;c:\program files (x86)\Wajam\Updater\WajamUpdaterV3.exe;c:\program files (x86)\Wajam\Updater\WajamUpdaterV3.exe [x]
S2 winzipersvc;WinZiper service;c:\program files (x86)\WinZipper\winzipersvc.exe;c:\program files (x86)\WinZipper\winzipersvc.exe [x]
S2 WTGService;WTGService;c:\program files (x86)\XSManager\WTGService.exe;c:\program files (x86)\XSManager\WTGService.exe [x]
S2 XS Stick Service;XS Stick Service;c:\windows\service4g.exe;c:\windows\service4g.exe [x]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192cu;Surf Wireless Micro USB Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192cu.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-15 05:50]
.
2013-10-28 c:\windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
- c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-10-28 14:08]
.
2014-02-28 c:\windows\Tasks\Feven Pro 1.2-chromeinstaller.job
- c:\program files (x86)\Feven Pro 1.2\Feven Pro 1.2-chromeinstaller.exe [2014-02-28 14:46]
.
2014-05-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job
- c:\users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21 08:34]
.
2013-09-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA.job
- c:\users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21 08:34]
.
2014-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job
- c:\users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21 13:16]
.
2013-09-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA.job
- c:\users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21 13:16]
.
2014-05-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job
- c:\users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21 13:25]
.
2013-09-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA.job
- c:\users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21 13:25]
.
2014-02-28 c:\windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job
- c:\program files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-chromeinstaller.exe [2014-02-28 14:40]
.
2014-02-28 c:\windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job
- c:\program files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-codedownloader.exe [2014-02-28 14:40]
.
2014-02-28 c:\windows\Tasks\HQ-Video-Profession-1.3-enabler.job
- c:\program files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-enabler.exe [2014-02-28 14:41]
.
2014-02-28 c:\windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job
- c:\program files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-firefoxinstaller.exe [2014-02-28 14:40]
.
2014-02-28 c:\windows\Tasks\HQ-Video-Profession-1.3-updater.job
- c:\program files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-updater.exe [2014-02-28 14:41]
.
2014-02-28 c:\windows\Tasks\Re-markit Update.job
- c:\program files (x86)\Re-markit-soft\ReMar.exe [2014-02-28 14:37]
.
2014-02-28 c:\windows\Tasks\Re-markit_wd.job
- c:\program files (x86)\Re-markit-soft\Re-markit_wd.exe [2014-02-28 14:37]
.
2013-09-15 c:\windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job
- c:\program files (x86)\TuneUp Utilities 2013\OneClick.exe [2012-09-19 10:27]
.
2013-09-06 c:\windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2012-07-22 22:26]
.
2013-09-06 c:\windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2012-07-22 22:26]
.
2013-09-06 c:\windows\Tasks\update-sys.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2012-07-22 22:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11111111-1111-1111-1111-110511161182}]
2014-02-28 14:47	673792	----a-w-	c:\program files (x86)\Feven Pro 1.2\Feven Pro 1.2-bho64.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-10-22 19:18	336952	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-23 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-23 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-23 415256]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-03 11464296]
"lxbkbmgr.exe"="c:\program files (x86)\Lexmark X1100 Series\lxbkbmgr.exe" [2008-02-28 74408]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mDefault_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
uInternet Settings,ProxyServer = http=127.0.0.1:13828
uSearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
IE: Free YouTube Download - c:\users\\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {{A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files (x86)\SpecialSavings\SpecialSavingsSinged.dll
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.2.1
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - 
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - 
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - 
FF - ProfilePath - c:\users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227982&SearchSource=3&q={searchTerms}
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8BbEiZzb&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 88084d330000000000001c6f6549ce08
FF - user.js: extensions.incredibar_i.instlDay - 15557
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1421:47
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef - 
FF - user.js: extensions.incredibar_i.dfltLng - 
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id - 
FF - user.js: extensions.incredibar_i.upn2 - 6R8BbEiZzb
FF - user.js: extensions.incredibar_i.upn2n - 92824830072188233
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10657
FF - user.js: extensions.incredibar_i.ppd - 
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 88084d330000000000001c6f6549ce08
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15748
FF - user.js: extensions.delta.vrsn - 1.8.10.0
FF - user.js: extensions.delta.vrsni - 1.8.10.0
FF - user.js: extensions.delta.vrsnTs - 1.8.10.020:37
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{00cbb66b-1d3b-46d3-9577-323a336acb50} - c:\program files (x86)\BrowserCompanion\jsloader.dll
BHO-{11111111-1111-1111-1111-110511151178} - c:\program files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho.dll
BHO-{1631550F-191D-4826-B069-D9439253D926} - c:\program files (x86)\PriceGong\2.6.4\PriceGongIE.dll
BHO-{336D0C35-8A85-403a-B9D2-65C292C39087} - c:\program files\Web Assistant\Extension32.dll
BHO-{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
BHO-{9cf699ca-2174-4ed8-bec1-ba82095edce0} - c:\program files (x86)\DealPly\DealPlyIE.dll
BHO-{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - c:\progra~2\SEARCH~1\Datamngr\BROWSE~1.DLL
BHO-{f34c9277-6577-4dff-b2d7-7d58092f272f} - c:\progra~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll
Toolbar-Locked - (no file)
Toolbar-{F9639E4A-801B-4843-AEE3-03D9DA199E77} - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
Toolbar-{f34c9277-6577-4dff-b2d7-7d58092f272f} - c:\progra~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll
Toolbar-10 - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
WebBrowser-{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - (no file)
WebBrowser-{09152F0B-739C-4DEC-A245-1AA8A37594F1} - (no file)
WebBrowser-{0CC09160-108C-4759-BAB1-5C12C216E005} - (no file)
AddRemove-BrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe
AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe
AddRemove-Free Audio CD to MP3 Converter_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\Uninstall.exe
AddRemove-IMLock - c:\windows\System32\tnblf.exe
AddRemove-incredibar - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
AddRemove-PriceGong - c:\program files (x86)\PriceGong\uninst.exe
AddRemove-{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 - c:\program files (x86)\Uniblue\SpeedUpMyPC\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.0.0.128\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\services\X6va010]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va010"
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\services\X6va014]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va014"
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\services\X6va015]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015"
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\services\X6va016]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va016"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-06-01  01:19:31
ComboFix-quarantined-files.txt  2014-05-31 23:19
.
Vor Suchlauf: 18 Verzeichnis(se), 515.986.145.280 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 528.170.180.608 Bytes frei
.
- - End Of File - - C3728E84C537515BF5213A78AF73160C
         


Alt 01.06.2014, 11:06   #6
M-K-D-B
/// TB-Ausbilder
 
WINDOWS 7 kommen ständig PopUps usw... - Standard

WINDOWS 7 kommen ständig PopUps usw...



Gut gemacht.

Hier noch kurz ein wichtiger Hinweis zu deinen AV-Programmen:

Mehrere Anti-Virus-Programme

Code:
ATTFilter
Norton
Avira
         
Mir ist aufgefallen, dass Du mehr als ein Anti-Virus-Programm mit Hintergrundwächter laufen hast. Das ist gefährlich, da sich die Programme in die Quere kommen können und dadurch Viren erst recht auf dem Rechner landen können. Ausserdem bremst es auch das System aus. Entscheide Dich für eine Variante und deinstalliere die andere über Systemsteuerung => Software.
Berichte, für welches Anti-Virus-Programm Du Dich entschieden hast.

Zitat:
Speedy hat letztens eine einleuchtende Erklärung dazu geliefert: "Man stelle sich einen Torwart vor, der das Tor hüten soll (Anti-Virus-Programm), der Ball kommt angeflogen (Virus), der Torhüter konzentriert sich auf den Ball und fängt ihn. Jetzt stelle Dir zwei Torhüter im Tor vor ...., die knallen aneinander und der Ball kann ungehindert ins Tor wandern."


Und so geht es weiter:



Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.






Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 4
Bitte deaktiviere dein Anti-Viren-Programm, da es das Ergebnis beeinflussen oder ggf. die Bereinigung stören kann.
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/ und speichere die Datei auf deinem Desktop.
  • Starte Zoek.exe mit einem Doppelklick.
  • Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und könnte andere Computer beschädigen.
  • Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
    Code:
    ATTFilter
    iedefaults;
    resetIEproxy;
    FFdefaults;
    CHRdefaults;
    emptyclsid;
    autoclean;
             
  • Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
  • Wenn das Tool fertig ist, wird sich Notepad mit der Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:\ .
  • Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken).





Schritt 5
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von JRT,
  • die Logdatei von MBAM,
  • die Logdatei von Zoek,
  • die beiden neuen Logdateien von FRST.
__________________
--> WINDOWS 7 kommen ständig PopUps usw...

Alt 02.06.2014, 01:25   #7
Jackson11
 
WINDOWS 7 kommen ständig PopUps usw... - Standard

WINDOWS 7 kommen ständig PopUps usw...



Hi,
habe mich für AntiVir entschieden und Norton deinstalliert.
Kann die Logs nicht senden, da sie zu gross sind, leider

JRT:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by  on 01.06.2014 at 21:57:23,48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wnlt
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2465613748-4109621216-2680054910-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2465613748-4109621216-2680054910-1000\Software\wajam
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2465613748-4109621216-2680054910-1000\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealplylive
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_USERS\.DEFAULT\Software\bProtector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASDLG
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2233C3F4-E3B3-4C3F-BFEE-D89A63D6FEE4}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{27433C8B-14CF-4B32-8783-43F982AF9813}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8BA3C05B-6624-4F7B-8CEC-7B1D1EBA0142}



~~~ Files

Successfully deleted: [File] "C:\Users\\appdata\local\google\chrome\user data\default\local storage\http_start.iminent.com_0.localstorage"
Successfully deleted: [File] "C:\Users\\appdata\local\google\chrome\user data\default\local storage\http_start.iminent.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\\appdata\locallow\SkwConfig.bin"
Successfully deleted: [File] "C:\Users\\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speedupmypc.lnk"
Successfully deleted: [File] C:\Windows\syswow64\sho1884.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho1E37.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho2158.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho272.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho2764.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho28E.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho3307.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho37D5.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho4BFC.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho4F22.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho5E4E.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6040.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6164.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho635D.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6CD9.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6F42.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho70E7.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho75BE.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho8A22.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho93F.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA355.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA3B.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA7B8.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB455.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoBA6F.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoBB49.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoC046.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoC863.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoCA96.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoCDAC.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoD12E.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoD851.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoDBE2.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE10C.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE14A.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE226.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE43C.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoEC1B.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoEE41.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoEFA7.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF15F.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Program Files (x86)\wiseconvert"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\\AppData\Roaming\mozilla\firefox\profiles\3elvxd57.default\minidumps [161 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.06.2014 at 22:07:59,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
mbam:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 01.06.2014
Suchlauf-Zeit: 22:37:16
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.05.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: 

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 326634
Verstrichene Zeit: 17 Min, 19 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         
ZOEK:

Code:
ATTFilter
Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by  on 01.06.2014 at 22:59:26,92.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

01.06.2014 23:02:05 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511151178} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511151178} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511151178} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511151178} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511151178} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511151178} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511151178} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511151178} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{09152F0B-739C-4DEC-A245-1AA8A37594F1} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{09152F0B-739C-4DEC-A245-1AA8A37594F1} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{09152F0B-739C-4DEC-A245-1AA8A37594F1} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{09152F0B-739C-4DEC-A245-1AA8A37594F1} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{09152F0B-739C-4DEC-A245-1AA8A37594F1} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{09152F0B-739C-4DEC-A245-1AA8A37594F1} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{09152F0B-739C-4DEC-A245-1AA8A37594F1} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{09152F0B-739C-4DEC-A245-1AA8A37594F1} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1000\Software\Mozilla\Firefox\Extensions\{95818252-7aac-4b4b-b6db-2fedbc9902a4} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Mozilla\Firefox\Extensions\{95818252-7aac-4b4b-b6db-2fedbc9902a4} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.search.selectedEngine", "Google");

Added to C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\prefs.js:
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\prefs.js:

Deleted from C:\Users\JRGEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\prefs.js:

Added to C:\Users\JRGEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.search.selectedEngine", "Google");

Added to C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default

user.js not found
---- Lines iminent modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}\":{\"descriptor\":\"C:\\\\
---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} removed from prefs.js ----
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.extensionFirstRun", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.lastExtensionVersion", "2.0.0.478");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_installer_name", "sg_6R8BbEiZzb_active_MB149_MB150_UA-25323614-11_2012-08-05-21-47-15");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_name", "Web Assistant");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_version", "2.0.0.478");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_temp_installer_name", "sg_6R8BbEiZzb_active_MB149_MB150_UA-25323614-11_2012-08-05-21-47-1
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_toolbarID", "61d26e2cc2bf43fcadaa8f9913cd3125");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_gtQueryParam", "UA-25323614-11");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam1", "MB149");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam2", "MB150");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_status", "active");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_upn2", "6R8BbEiZzb");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdefaultsearch_2.0.0.478", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.413", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.478", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.478", false);
---- Lines {F34C9277-6577-4DFF-B2D7-7D58092F272F} modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ---- 

prefs__2322_.backup

ProfilePath: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs__2322_.backup

ProfilePath: C:\Users\JRGEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default

user.js not found
---- Lines iminent modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}\":{\"descriptor\":\"C:\\\\
---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} removed from prefs.js ----
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.extensionFirstRun", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.lastExtensionVersion", "2.0.0.478");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_installer_name", "sg_6R8BbEiZzb_active_MB149_MB150_UA-25323614-11_2012-08-05-21-47-15");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_name", "Web Assistant");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_version", "2.0.0.478");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_temp_installer_name", "sg_6R8BbEiZzb_active_MB149_MB150_UA-25323614-11_2012-08-05-21-47-1
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_toolbarID", "61d26e2cc2bf43fcadaa8f9913cd3125");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_dailyPing", "true|||1349294965735");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_debugMode", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_gtQueryParam", "UA-25323614-11");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_installedPing", "true|||8641349208565735");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_lastUpdate", "1349208564739|||8641349208564740");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam1", "MB149");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam2", "MB150");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_status", "active");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_toolbar_query", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_upn2", "6R8BbEiZzb");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdefaultsearch_2.0.0.458", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdefaultsearch_2.0.0.478", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.413", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.458", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.478", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.458", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.478", false);
---- Lines {F34C9277-6577-4DFF-B2D7-7D58092F272F} modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ---- 

prefs__2322_.backup

ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default

user.js not found
---- Lines iminent modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}\":{\"descriptor\":\"C:\\\\
---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} removed from prefs.js ----
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.extensionFirstRun", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.lastExtensionVersion", "2.0.0.478");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_installer_name", "sg_6R8BbEiZzb_active_MB149_MB150_UA-25323614-11_2012-08-05-21-47-15");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_name", "Web Assistant");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_version", "2.0.0.478");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_temp_installer_name", "sg_6R8BbEiZzb_active_MB149_MB150_UA-25323614-11_2012-08-05-21-47-1
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_toolbarID", "61d26e2cc2bf43fcadaa8f9913cd3125");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_dailyPing", "true|||1356805844575");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_debugMode", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_dialogVersion", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_gtQueryParam", "UA-25323614-11");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_inactive_by_user", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_installedPing", "true|||8641344928652541");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_lastUpdate", "1356719444546|||8641356719444546");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam1", "MB149");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam2", "MB150");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_showDialog", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_showtoaster", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_status", "active");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_toasterID", "8|||8641356743139572");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_toolbar_query", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_upn2", "6R8BbEiZzb");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdefaultsearch_2.0.0.458", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdefaultsearch_2.0.0.478", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.413", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.458", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.478", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.458", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.478", false);
---- Lines {F34C9277-6577-4DFF-B2D7-7D58092F272F} modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ---- 

prefs__2322_.backup

==== Deleting Files \ Folders ======================

C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\extensions\webbooster@iminent.com.xpi not found
C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f} not found
C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\extensions\specialsavings@superfish.com not found
C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\extensions\bbrs_002@blabbers.com not found
C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\extensions\webbooster@iminent.com.xpi not found
C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f} not found
C:\Users\\.android deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\autoconfig.js deleted
C:\PROGRA~2\Uninstall Information\ib_uninst_342 deleted
C:\PROGRA~2\Uninstall Information\ib_uninst_343 deleted
C:\PROGRA~2\Uninstall Information\ib_uninst_383 deleted
C:\PROGRA~2\Uninstall Information\ib_uninst_514 deleted
C:\PROGRA~2\Uninstall Information\ib_uninst_569 deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\found.000 deleted
C:\Users\\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk deleted
C:\PROGRA~3\winiml.dat deleted
C:\Users\Elvira\AppData\Local\avgchrome deleted
C:\Users\\AppData\Local\CRE deleted
C:\Users\\AppData\Local\avgchrome deleted
C:\Users\\AppData\Local\cache deleted
C:\Users\Martina\AppData\Local\avgchrome deleted
C:\Users\JRGEN~1\AppData\Local\avgchrome deleted
C:\windows\SysNative\Tasks\PC Performer Manager deleted
C:\Windows\Installer\{118D6CE9-5F18-42F9-958A-14676A629FDE} deleted
C:\Users\\Downloads\iLividSetup (1).exe deleted
C:\Users\\Downloads\iLividSetup.exe deleted
C:\Users\\Downloads\FreeYouTubeToMP3Converter.exe deleted
C:\Users\Elvira\AppData\LocalLow\iNTERNET_TURBO deleted
C:\Users\Martina\AppData\LocalLow\iNTERNET_TURBO deleted
C:\Users\JRGEN~1\AppData\LocalLow\iNTERNET_TURBO deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\JRGEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\foxydeal.sqlite deleted
"C:\Windows\Installer\2b47922.msi" deleted
"C:\Users\\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default
- Undetermined - C:\Program Files\Web Assistant\Firefox
- DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

ProfilePath: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default
- Search Assistant - %ProfilePath%\extensions\{B3834E60-12A8-11E0-A289-939FDFD72085}
- ep - %ProfilePath%\extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi

ProfilePath: C:\Users\JRGEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default
- Undetermined - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}
- Undetermined - C:\Program Files\Web Assistant\Firefox
- DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
- Undetermined - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}
- Undetermined - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com
- Undetermined - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com
- ProxTube - Gesperrte YouTube Videos entsperren - %ProfilePath%\extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Chrome Look ======================

Search Assistant - \AppData\Local\Google\Chrome\User Data\Default\Extensions\jfelndikbdcohbdimnhdhhokfljdidgn
MapsGalaxy - JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmpoonbkphmkpjmcbgpeoondejnaaic

==== Chrome Fix ======================

C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bday.conduitapps.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bday.conduitapps.com_0.localstorage-journal deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hp.search.conduit.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hp.search.conduit.com_0.localstorage-journal deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_youtube.conduitapps.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_youtube.conduitapps.com_0.localstorage-journal deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_youtubetop.conduitapps.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_youtubetop.conduitapps.com_0.localstorage-journal deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bday.conduitapps.com_0.localstorage deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bday.conduitapps.com_0.localstorage-journal deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_client.conduit-storage.com_0.localstorage deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_client.conduit-storage.com_0.localstorage-journal deleted successfully
C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage deleted successfully
C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystart.incredibar.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystart.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystart.incredibar.com_0.localstorage deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystart.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dvdvideosofttbde.ourtoolbar.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dvdvideosofttbde.ourtoolbar.com_0.localstorage-journal deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_internetturbo.ourtoolbar.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_internetturbo.ourtoolbar.com_0.localstorage-journal deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dvdvideosofttbde.ourtoolbar.com_0.localstorage deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dvdvideosofttbde.ourtoolbar.com_0.localstorage-journal deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.iminent.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.iminent.com_0.localstorage-journal deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.pricepeep.net_0.localstorage deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.pricepeep.net_0.localstorage-journal deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_minecraft-server.softonic.de_0.localstorage deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_minecraft-server.softonic.de_0.localstorage-journal deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_minecraft.softonic.de_0.localstorage deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_minecraft.softonic.de_0.localstorage-journal deleted successfully
C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf deleted successfully
C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bodddioamolcibagionmmobehnbhiakf_0.localstorage deleted successfully
C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bodddioamolcibagionmmobehnbhiakf_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\y]
@="hxxp://yandex.ru/yandsearch?win=29&clid=1855511&text=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://www.google.com"
"SearchAssistant"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{CE8D1C5D-05D9-4A78-BF26-DDBB1E0B1560} ??????  Url="hxxp://yandex.ru/yandsearch?win=29&clid=1855508&text={searchTerms}"

==== Reset Google Chrome ======================

C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\\AppData\Local\Bromium\User Data\Default\Preferences was reset successfully
C:\Users\\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\\AppData\Local\Nichrome\User Data\Default\Preferences was reset successfully
C:\Users\\AppData\Local\Xpom\User Data\Default\Preferences was reset successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\\AppData\Local\Nichrome\User Data\Default\Web Data was reset successfully
C:\Users\\AppData\Local\Xpom\User Data\Default\Web Data was reset successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EC6D81181F59F2459A84176A626F9ED deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\f4dc7792-3f3d-43d0-ad79-cb3520fae36c deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Elvira\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\JRGEN~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JRGEN~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Elvira\AppData\Local\Mozilla\Firefox\Profiles\2aglban5.default\Cache emptied successfully
C:\Users\\AppData\Local\Mozilla\Firefox\Profiles\3elvxd57.default\Cache emptied successfully
C:\Users\Martina\AppData\Local\Mozilla\Firefox\Profiles\mzwqgr73.default\Cache emptied successfully
C:\Users\JRGEN~1\AppData\Local\Mozilla\Firefox\Profiles\kkmo767h.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=679 folders=139 86254201 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Elvira\AppData\Local\temp emptied successfully
C:\Users\\AppData\Local\Temp will be emptied at reboot
C:\Users\Martina\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\JRGEN~1\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on 01.06.2014 at 23:37:45,80 ======================
         
FRST :

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014 01
Ran by  (administrator) on -PC on 02-06-2014 00:02:02
Running from C:\Users\\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxbkcoms.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmon.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Comvigo, Inc.) C:\Windows\SysWOW64\qimlsrv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Comvigo, Inc.) C:\Windows\SysWOW64\dsrviml.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [lxbkbmgr.exe] => C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe [74408 2008-02-28] (Lexmark International, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [160424 2011-03-30] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-06-19] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [LightShot] => C:\Users\\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4287536 2013-08-29] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML.lnk
ShortcutTarget: IML.lnk -> C:\Windows\System32\iml.vbs ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk
ShortcutTarget: IML64.lnk -> C:\Windows\SysWOW64\iml.vbs ()
Startup: C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk
ShortcutTarget: Game Alarm.lnk -> C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - Plasmoo URL = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
SearchScopes: HKCU - yandex.ru-230807 URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {CE8D1C5D-05D9-4A78-BF26-DDBB1E0B1560} URL = hxxp://yandex.ru/yandsearch?win=29&clid=1855508&text={searchTerms}
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\%Protector Process Name%.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\yandex.ru-230807.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Search Assistant - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} [2012-09-18]
FF Extension: ep - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi [2014-02-24]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-01]
CHR Extension: (Google Drive) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-01]
CHR Extension: (YouTube) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-21]
CHR Extension: (Google-Suche) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-21]
CHR Extension: (Google Wallet) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-21]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-19] (BlueStack Systems, Inc.)
R2 lxbk_device; C:\Windows\system32\lxbkcoms.exe [565928 2008-02-19] ( )
R2 lxbk_device; C:\Windows\SysWOW64\lxbkcoms.exe [537256 2008-02-19] ( )
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [327392 2012-04-05] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145064 2011-03-30] (4G Systems GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-19] (BlueStack Systems)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2012-10-05] (Mobile Connector)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-01] (Malwarebytes Corporation)
S3 RTL8187B; C:\Windows\System32\DRIVERS\rtl8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation                           )
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [762472 2011-10-31] (Realtek Semiconductor Corporation                           )
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va010; \??\C:\Windows\SysWOW64\Drivers\X6va010 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-02 00:02 - 2014-06-02 00:02 - 00017636 _____ () C:\Users\\Downloads\FRST.txt
2014-06-01 23:59 - 2014-06-02 00:01 - 02067456 _____ (Farbar) C:\Users\\Downloads\FRST64.exe
2014-06-01 23:55 - 2014-05-31 20:36 - 02066944 _____ (Farbar) C:\Users\\Desktop\FRST64.exe
2014-06-01 23:39 - 2014-06-01 23:39 - 00065175 _____ () C:\Users\\Desktop\zoek-results.txt
2014-06-01 23:35 - 2014-06-02 00:02 - 00000000 ____D () C:\Users\\AppData\Local\Temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Martina\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Elvira\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 22:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-01 23:01 - 2014-06-01 23:37 - 00065553 _____ () C:\zoek-results.log
2014-06-01 22:58 - 2014-06-01 23:30 - 00000000 ____D () C:\zoek_backup
2014-06-01 22:55 - 2014-06-01 22:56 - 00001154 _____ () C:\Users\\Desktop\mbam.txt
2014-06-01 22:10 - 2014-06-01 22:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-01 22:10 - 2014-06-01 22:10 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-01 22:10 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-01 22:10 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-01 22:10 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-01 22:08 - 2014-06-01 22:08 - 00005727 _____ () C:\Users\\Desktop\JRT.txt
2014-06-01 21:57 - 2014-06-01 21:57 - 00000000 ____D () C:\Windows\ERUNT
2014-06-01 21:53 - 2014-06-01 21:53 - 00124182 _____ () C:\Users\\Desktop\AdwCleaner[S0].txt
2014-06-01 21:36 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-01 21:33 - 2014-06-01 21:41 - 00000000 ____D () C:\AdwCleaner
2014-06-01 21:32 - 2014-06-01 21:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-01 21:31 - 2014-06-01 21:31 - 01285120 _____ () C:\Users\\Desktop\zoek.exe
2014-06-01 21:31 - 2014-06-01 21:28 - 01016261 _____ (Thisisu) C:\Users\\Desktop\JRT.exe
2014-06-01 21:30 - 2014-06-01 21:28 - 01327971 _____ () C:\Users\\Desktop\adwcleaner_3.211.exe
2014-06-01 21:29 - 2014-06-01 21:31 - 01285120 _____ () C:\Users\\Downloads\zoek.exe
2014-06-01 21:28 - 2014-06-01 21:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-01 21:28 - 2014-06-01 21:28 - 01327971 _____ () C:\Users\\Downloads\adwcleaner_3.211.exe
2014-06-01 21:28 - 2014-06-01 21:28 - 01016261 _____ (Thisisu) C:\Users\\Downloads\JRT.exe
2014-06-01 01:19 - 2014-06-01 01:19 - 00051290 _____ () C:\ComboFix.txt
2014-05-31 21:17 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-31 21:17 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-31 21:17 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-31 21:15 - 2014-06-01 01:19 - 00000000 ____D () C:\Qoobox
2014-05-31 21:14 - 2014-06-01 01:16 - 00000000 ____D () C:\Windows\erdnt
2014-05-31 21:12 - 2014-05-31 21:08 - 05203398 ____R (Swearware) C:\Users\\Desktop\ComboFix.exe
2014-05-31 21:07 - 2014-05-31 21:08 - 05203398 _____ (Swearware) C:\Users\\Downloads\ComboFix.exe
2014-05-31 20:38 - 2014-05-31 21:02 - 00044395 _____ () C:\Users\\Desktop\Addition.txt
2014-05-31 20:37 - 2014-06-02 00:02 - 00000000 ____D () C:\FRST
2014-05-31 20:37 - 2014-05-31 20:56 - 00062979 _____ () C:\Users\\Desktop\FRST.txt
2014-05-31 20:10 - 2014-05-31 20:11 - 00250250 _____ () C:\Users\\Downloads\140520063508.jpeg
2014-05-31 16:02 - 2014-05-31 16:02 - 00052891 _____ () C:\Users\Jürgen\Downloads\7B1.tmp
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-29 15:43 - 2014-05-29 15:43 - 00001286 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-29 15:43 - 2014-05-29 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-17 10:44 - 2014-05-17 10:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job
2014-05-14 22:03 - 2014-05-06 02:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 22:03 - 2014-05-06 02:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:03 - 2014-05-06 02:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 22:03 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 22:03 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 22:03 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 14:00 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 14:00 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 14:00 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 14:00 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 14:00 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 14:00 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 14:00 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 14:00 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 14:00 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 14:00 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 14:00 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 14:00 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 14:00 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 14:00 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 14:00 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 14:00 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 14:00 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-12 19:41 - 2014-05-12 19:41 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (17).exe
2014-05-11 17:57 - 2014-05-11 17:58 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (16).exe
2014-05-11 10:47 - 2014-05-11 10:47 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job
2014-05-11 07:51 - 2014-05-11 07:51 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job
2014-05-10 19:18 - 2014-05-10 19:19 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (15).exe

==================== One Month Modified Files and Folders =======

2014-06-02 00:03 - 2013-08-29 02:01 - 00000000 ____D () C:\Users\\AppData\Local\PMB Files
2014-06-02 00:02 - 2014-06-02 00:02 - 00017636 _____ () C:\Users\\Downloads\FRST.txt
2014-06-02 00:02 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\\AppData\Local\Temp
2014-06-02 00:02 - 2014-05-31 20:37 - 00000000 ____D () C:\FRST
2014-06-02 00:01 - 2014-06-01 23:59 - 02067456 _____ (Farbar) C:\Users\\Downloads\FRST64.exe
2014-06-01 23:53 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-01 23:53 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-01 23:51 - 2012-09-12 01:43 - 00000000 ____D () C:\ProgramData\Origin
2014-06-01 23:49 - 2012-07-21 10:07 - 01192933 _____ () C:\Windows\WindowsUpdate.log
2014-06-01 23:46 - 2012-09-12 01:43 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-01 23:44 - 2013-12-10 00:50 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-06-01 23:43 - 2009-07-14 06:51 - 00178433 _____ () C:\Windows\setupact.log
2014-06-01 23:39 - 2014-06-01 23:39 - 00065175 _____ () C:\Users\\Desktop\zoek-results.txt
2014-06-01 23:37 - 2014-06-01 23:01 - 00065553 _____ () C:\zoek-results.log
2014-06-01 23:36 - 2010-10-01 09:36 - 00602110 _____ () C:\Windows\PFRO.log
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Martina\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Elvira\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-01 23:30 - 2014-06-01 22:58 - 00000000 ____D () C:\zoek_backup
2014-06-01 23:24 - 2012-07-21 10:25 - 00000000 ____D () C:\Users\
2014-06-01 22:59 - 2014-06-01 23:35 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-01 22:56 - 2014-06-01 22:55 - 00001154 _____ () C:\Users\\Desktop\mbam.txt
2014-06-01 22:35 - 2014-06-01 22:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-01 22:10 - 2014-06-01 22:10 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-01 22:08 - 2014-06-01 22:08 - 00005727 _____ () C:\Users\\Desktop\JRT.txt
2014-06-01 21:57 - 2014-06-01 21:57 - 00000000 ____D () C:\Windows\ERUNT
2014-06-01 21:53 - 2014-06-01 21:53 - 00124182 _____ () C:\Users\\Desktop\AdwCleaner[S0].txt
2014-06-01 21:41 - 2014-06-01 21:33 - 00000000 ____D () C:\AdwCleaner
2014-06-01 21:40 - 2012-07-21 15:21 - 00000000 ____D () C:\Users\Martina
2014-06-01 21:40 - 2012-07-21 15:12 - 00000000 ____D () C:\Users\Elvira
2014-06-01 21:40 - 2012-07-21 14:35 - 00000000 ____D () C:\Users\Jürgen
2014-06-01 21:40 - 2012-07-21 10:25 - 00000000 ___RD () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-01 21:31 - 2014-06-01 21:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-01 21:31 - 2014-06-01 21:31 - 01285120 _____ () C:\Users\\Desktop\zoek.exe
2014-06-01 21:31 - 2014-06-01 21:29 - 01285120 _____ () C:\Users\\Downloads\zoek.exe
2014-06-01 21:31 - 2014-06-01 21:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-01 21:28 - 2014-06-01 21:31 - 01016261 _____ (Thisisu) C:\Users\\Desktop\JRT.exe
2014-06-01 21:28 - 2014-06-01 21:30 - 01327971 _____ () C:\Users\\Desktop\adwcleaner_3.211.exe
2014-06-01 21:28 - 2014-06-01 21:28 - 01327971 _____ () C:\Users\\Downloads\adwcleaner_3.211.exe
2014-06-01 21:28 - 2014-06-01 21:28 - 01016261 _____ (Thisisu) C:\Users\\Downloads\JRT.exe
2014-06-01 21:19 - 2010-10-01 08:53 - 00000000 ____D () C:\ProgramData\Norton
2014-06-01 08:29 - 2009-07-14 19:58 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-06-01 08:29 - 2009-07-14 19:58 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-06-01 08:29 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-01 08:25 - 2014-03-06 18:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-01 02:21 - 2013-12-04 02:02 - 02240860 _____ () C:\Windows\IE11_main.log
2014-06-01 01:19 - 2014-06-01 01:19 - 00051290 _____ () C:\ComboFix.txt
2014-06-01 01:19 - 2014-05-31 21:15 - 00000000 ____D () C:\Qoobox
2014-06-01 01:19 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-06-01 01:16 - 2014-05-31 21:14 - 00000000 ____D () C:\Windows\erdnt
2014-06-01 01:15 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-31 21:08 - 2014-05-31 21:12 - 05203398 ____R (Swearware) C:\Users\\Desktop\ComboFix.exe
2014-05-31 21:08 - 2014-05-31 21:07 - 05203398 _____ (Swearware) C:\Users\\Downloads\ComboFix.exe
2014-05-31 21:02 - 2014-05-31 20:38 - 00044395 _____ () C:\Users\\Desktop\Addition.txt
2014-05-31 20:56 - 2014-05-31 20:37 - 00062979 _____ () C:\Users\\Desktop\FRST.txt
2014-05-31 20:36 - 2014-06-01 23:55 - 02066944 _____ (Farbar) C:\Users\\Desktop\FRST64.exe
2014-05-31 20:11 - 2014-05-31 20:10 - 00250250 _____ () C:\Users\\Downloads\140520063508.jpeg
2014-05-31 19:54 - 2014-01-21 14:44 - 00000000 ____D () C:\Users\Jürgen\Documents\FIFA 14
2014-05-31 16:02 - 2014-05-31 16:02 - 00052891 _____ () C:\Users\Jürgen\Downloads\7B1.tmp
2014-05-30 08:22 - 2012-07-21 15:20 - 00002375 _____ () C:\Users\Elvira\Desktop\Google Chrome.lnk
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-29 15:43 - 2014-05-29 15:43 - 00001286 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-29 15:43 - 2014-05-29 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-29 15:43 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-29 15:41 - 2010-10-01 08:19 - 00116460 _____ () C:\Windows\DirectX.log
2014-05-29 15:38 - 2012-09-12 01:55 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-29 15:05 - 2012-09-12 01:55 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Origin
2014-05-28 15:35 - 2012-08-14 02:38 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\.minecraft
2014-05-28 08:14 - 2012-07-21 10:38 - 00002380 _____ () C:\Users\\Desktop\Google Chrome.lnk
2014-05-26 15:56 - 2014-01-08 17:58 - 00000000 ____D () C:\Users\Jürgen\Tracing
2014-05-23 19:34 - 2012-07-21 14:48 - 00002375 _____ () C:\Users\Jürgen\Desktop\Google Chrome.lnk
2014-05-21 10:29 - 2012-07-21 10:25 - 00000000 ___RD () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 19:31 - 2012-07-21 15:21 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 19:31 - 2012-07-21 15:21 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 10:44 - 2014-05-17 10:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job
2014-05-15 16:07 - 2012-07-21 15:12 - 00000000 ___RD () C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:07 - 2012-07-21 15:12 - 00000000 ___RD () C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:05 - 2012-07-21 14:35 - 00000000 ___RD () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:05 - 2012-07-21 14:35 - 00000000 ___RD () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:01 - 2014-04-30 17:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 22:00 - 2013-07-13 07:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:00 - 2010-10-01 10:17 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-12 19:41 - 2014-05-12 19:41 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (17).exe
2014-05-12 07:26 - 2014-06-01 22:10 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-01 22:10 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-01 22:10 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 17:58 - 2014-05-11 17:57 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (16).exe
2014-05-11 10:47 - 2014-05-11 10:47 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job
2014-05-11 07:51 - 2014-05-11 07:51 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job
2014-05-10 19:19 - 2014-05-10 19:18 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (15).exe
2014-05-09 08:14 - 2014-05-14 14:00 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 14:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 20:44 - 2012-07-21 15:29 - 00002380 _____ () C:\Users\Martina\Desktop\Google Chrome.lnk
2014-05-06 02:46 - 2014-05-14 22:03 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 02:21 - 2014-05-14 22:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 02:21 - 2014-05-14 22:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 01:32 - 2014-05-14 22:03 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 01:14 - 2014-05-14 22:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 01:14 - 2014-05-14 22:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 13:46 - 2012-08-24 17:14 - 00528384 ____H () C:\Users\Jürgen\Downloads\photothumb.db
2014-05-04 13:45 - 2013-10-17 18:56 - 00000000 ____D () C:\Users\Jürgen\Downloads\Karikatur2

Some content of TEMP:
====================
C:\Users\\AppData\Local\Temp\avgnt.exe
C:\Users\\AppData\Local\Temp\rtdrvmon.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-01 11:24

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 02.06.2014, 01:26   #8
Jackson11
 
WINDOWS 7 kommen ständig PopUps usw... - Standard

WINDOWS 7 kommen ständig PopUps usw...



Additition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2014
Ran by  at 2014-05-31 20:38:47
Running from C:\Users\\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Disabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Alcatraz (HKLM-x32\...\Alcatraz/DE-German_is1) (Version:  - City Interactive)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
Apowersoft kostenloser Bildschirmrekorder V1.2.4 (HKLM-x32\...\{4EFA42DB-E4EC-4537-9DF3-5158D08A9785}_is1) (Version: 1.2.4 - Apowersoft)
appbario8 Toolbar (HKLM-x32\...\appbario8 Toolbar) (Version: 6.9.0.16 - appbario8)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma 3 Tools (HKLM-x32\...\Steam App 233800) (Version:  - Bohemia Interactive)
ATI Catalyst Install Manager (HKLM\...\{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{9D84E30F-6757-4A56-BCB5-51ADE3AE8631}) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
BrowserCompanion (HKLM-x32\...\BrowserCompanion) (Version:  - ) <==== ATTENTION
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0930.2237.38732 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help English (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help French (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help German (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0930.2237.38732 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0930.2237.38732 - ATI) Hidden
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version:  - Z8Games.com)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1181 - SG INTERACTIVE)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dealply (HKCU\...\Dealply) (Version:  - ) <==== ATTENTION
DealPly (remove only) (HKLM-x32\...\DealPly) (Version: 4.8.7.3 - DealPly Technologies Ltd.) <==== ATTENTION
Delta Chrome Toolbar (HKLM-x32\...\{177586E7-E42E-4F38-83D1-D15B4AF5B714}) (Version: 1.0.0.0 - DeltaInstaller) <==== ATTENTION
Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.10.0 - Delta) <==== ATTENTION
DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE)
Feven Pro 1.2 (HKLM-x32\...\Feven Pro 1.2) (Version: 1.34.2.13 - Feven) <==== ATTENTION
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.2.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.14.1022 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.14.1022 - DVDVideoSoft Ltd.)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
Hama Black Force Pad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.01.01 - )
HQ-Video-Profession-1.3 (HKLM-x32\...\HQ-Video-Profession-1.3) (Version: 1.34.2.13 - HQ-Video) <==== ATTENTION
HydraVision (x32 Version: 4.2.180.0 - ATI Technologies Inc.) Hidden
IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.0.8.6 - ) <==== ATTENTION
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.2208 - Bandoo Media Inc) <==== ATTENTION
IM Lock (HKLM-x32\...\IMLock) (Version:  - Comvigo, Inc.)
Iminent (HKLM-x32\...\IMBoosterARP) (Version: 6.4.56.0 - Iminent) <==== ATTENTION
Iminent (x32 Version: 6.4.56.0 - Iminent) Hidden <==== ATTENTION
Incredibar Toolbar  on IE (HKLM-x32\...\incredibar) (Version:  - ) <==== ATTENTION
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
ISY N150 Micro WLAN USB-Adapter (HKLM-x32\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0155 - ISY)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexmark X1100 Series (HKLM\...\Lexmark X1100 Series) (Version:  - Lexmark International, Inc.)
lightshot-4.4.2.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 4.4.2.0 - Skillbrains)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobogenie (HKLM-x32\...\Mobogenie) (Version:  - Mobogenie.com) <==== ATTENTION
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.993 - Electronic Arts)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 18.0.0.128 - Symantec Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.2.2065 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PriceGong 2.6.4 (HKLM-x32\...\PriceGong) (Version: 2.6.4 - PriceGong) <==== ATTENTION
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
Re-markit (HKLM-x32\...\f4dc7792-3f3d-43d0-ad79-cb3520fae36c) (Version:  - Re-markit Software) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sniper - Art of Victory (HKLM-x32\...\sniper_de_is1) (Version:  - City Interactive)
SpecialSavings (HKLM-x32\...\SpecialSavings) (Version:  - ) <==== ATTENTION
SpeedUpMyPC (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 5.3.4.4 - Uniblue Systems Ltd) <==== ATTENTION
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.8.1 - TeamSpeak Systems GmbH)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.4 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
Video Downloader (HKLM-x32\...\Video Downloader) (Version: 1.14 - hxxp://www.vgrabber.com)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Wajam (HKLM-x32\...\Wajam) (Version: 2.11 - Wajam) <==== ATTENTION
Web Assistant 2.0.0.573 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.573 - IncrediBar) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
WiseConvert (HKLM-x32\...\WiseConvert) (Version: 1.0 - WiseConvert)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version:  - Wargaming.net)
XSManager (HKLM-x32\...\XSManager) (Version: 3.2 - XSManager)

==================== Restore Points  =========================

23-05-2014 17:38:13 Windows Update
23-05-2014 23:00:11 Windows Update
24-05-2014 16:20:14 Windows Update
24-05-2014 18:08:19 Windows Update
25-05-2014 00:48:34 Windows Update
25-05-2014 19:14:34 Windows Update
26-05-2014 19:21:38 Windows Update
27-05-2014 19:56:06 Windows Update
28-05-2014 10:10:08 Windows Update
29-05-2014 00:56:57 Windows Update
29-05-2014 13:36:46 DirectX wurde installiert
29-05-2014 23:00:34 Windows Update
30-05-2014 06:27:09 Windows Update
31-05-2014 01:00:50 Windows Update
31-05-2014 05:58:19 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00CDF369-5C82-4B09-A8B8-22E0110976DE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {162D19D2-88E6-425F-ACF9-085709C10976} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {180C32E6-A575-49A3-AA4D-7E9EDC44A1AA} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2012-09-19] (TuneUp Software)
Task: {1FD7E7FA-4C1B-46AA-B808-A6B47969B523} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {25715EC7-88B9-4811-B0FD-540AC855053B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {2D13B59E-4C34-49F2-81B8-8A7F2D96CC2F} - System32\Tasks\PC Performer Manager => Sc.exe start PC Performer Manager
Task: {620FBD68-8B3D-47C5-BEE1-EA19B1705EC4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2465613748-4109621216-2680054910-1001
Task: {62745FA6-88B4-4F26-B2F4-09469D925348} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {635AC757-77D2-41EE-A578-F6A8974BF31D} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {6875CA21-089D-4DC0-A439-FE49B1E33DB4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {6E350C8D-3672-4719-8CF1-5A8B8CA44909} - System32\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] ()
Task: {77E350C2-2250-4BEE-B575-EF12CA6A03F8} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] ()
Task: {820F5D76-F745-4811-BE70-3E99A14E89D9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {9C4EF4AE-24AC-494E-BB1E-389E59772369} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-11] (Adobe Systems Incorporated)
Task: {A66165D0-A739-46B9-AA91-33C0AE65F710} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003UA => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {ABD96266-25AF-494C-B2F5-17C5D8F015E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {B3ACA1F2-AC10-4A74-A012-61E186CB35DD} - System32\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] ()
Task: {BEE6EDB5-D13A-4C37-B3C9-40075E803219} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {D1301EC2-67C9-4E08-9A87-56DB18075640} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-codedownloader.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-enabler.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-firefoxinstaller.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-updater.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA.job => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core1cf6b76210b5906.job => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003UA.job => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-enabler.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-updater.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\PCHelpers1st.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION
Task: C:\Windows\Tasks\PCHelpers_period.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit-soft\ReMar.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe <==== ATTENTION
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (whitelisted) =============

2012-09-03 21:48 - 2014-04-07 16:57 - 02276144 _____ () C:\Windows\system32\dmwu.exe
2014-02-28 16:37 - 2014-02-28 16:37 - 00194560 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe
2012-08-05 21:47 - 2013-01-29 15:28 - 00188760 _____ () C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
2012-10-05 10:38 - 2012-04-05 17:35 - 00327392 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2014-04-07 16:57 - 2014-04-07 16:57 - 01100592 _____ () C:\Windows\SysWOW64\jmdp\stij.exe
2014-04-07 16:57 - 2014-04-07 16:57 - 01303856 _____ () C:\Windows\System32\ljkb\stij.exe
2014-04-07 16:57 - 2014-04-07 16:57 - 01571120 _____ () C:\Windows\System32\ljkb\lmrn.dll
2013-08-29 01:39 - 2013-08-29 01:40 - 04287536 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2013-11-27 21:58 - 2014-02-28 15:16 - 00775872 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2012-07-02 11:16 - 2012-07-02 11:16 - 00695448 _____ () C:\Users\\AppData\Roaming\BrowserCompanion\tbhcn.exe
2010-08-04 15:58 - 2010-08-04 15:58 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-30 22:36 - 2010-09-30 22:36 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-02-27 08:04 - 2014-02-27 08:04 - 00612496 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll
2014-02-14 11:30 - 2014-02-14 11:30 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll
2010-10-01 09:40 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-07 16:57 - 2014-04-07 16:57 - 01266992 _____ () C:\Windows\SysWOW64\jmdp\lmrn.dll
2014-02-28 15:17 - 2014-02-28 15:16 - 00061440 _____ () C:\Program Files (x86)\Mobogenie\Device.dll
2014-02-28 15:17 - 2014-02-28 15:16 - 00471040 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 00716616 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 00126280 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 04217672 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 00414536 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 01732424 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 13695816 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\\Downloads\Bestaetigung_Rechnung_zu_Ihrer_byebye_Reise_21200789.eml:OECustomProperty
AlternateDataStreams: C:\Users\\Downloads\nachricht (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\\Downloads\nachricht.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/31/2014 08:01:20 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
   bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
   bei BlueStacks.hyperDroid.Service.Service.CleanupHelperProcess(Process proc, String name)
   bei BlueStacks.hyperDroid.Service.Service.OnStop()
   bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
   bei System.ServiceProcess.ServiceBase.DeferredShutdown()

Error: (05/31/2014 08:01:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0xf28
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3

Error: (05/30/2014 00:39:14 PM) (Source: Iminent) (EventID: 0) (User: )
Description: Unexpected exception.

System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei Iminent.Mediator.Server.ApplicationService.<>c__DisplayClassa.<WarmUp>b__9(Composite composite)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
   bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments)
   bei System.Delegate.DynamicInvokeImpl(Object[] args)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)

Error: (05/30/2014 01:04:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x8a4
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3

Error: (05/29/2014 09:24:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bdc

Startzeit: 01cf7b2654df9e89

Endzeit: 142

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: c652360f-e766-11e3-b952-1c6f6549ce08

Error: (05/29/2014 03:00:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x894
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3

Error: (05/27/2014 09:59:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x81c
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3

Error: (05/26/2014 09:25:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x864
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3

Error: (05/25/2014 09:17:55 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
   bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
   bei BlueStacks.hyperDroid.Service.Service.OnStop()
   bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
   bei System.ServiceProcess.ServiceBase.DeferredShutdown()

Error: (05/25/2014 09:17:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x83c
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3


System errors:
=============
Error: (05/31/2014 06:55:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/31/2014 06:55:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (05/31/2014 01:37:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F48FC5B2-094A-44C7-B48C-289738C9582D}

Error: (05/31/2014 08:01:13 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Re-markit" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/31/2014 08:01:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme

Error: (05/31/2014 07:27:08 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{2A1A7AD7-DF00-40FC-9333-1E858D256B18} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (05/31/2014 03:03:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme

Error: (05/31/2014 03:00:29 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (05/30/2014 00:52:11 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F48FC5B2-094A-44C7-B48C-289738C9582D}

Error: (05/30/2014 00:38:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Norton Internet Security" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (05/31/2014 08:01:20 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
   bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
   bei BlueStacks.hyperDroid.Service.Service.CleanupHelperProcess(Process proc, String name)
   bei BlueStacks.hyperDroid.Service.Service.OnStop()
   bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
   bei System.ServiceProcess.ServiceBase.DeferredShutdown()

Error: (05/31/2014 08:01:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42df2801cf7bf37a4253e5C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dllf6f536a7-e888-11e3-9d00-1c6f6549ce08

Error: (05/30/2014 00:39:14 PM) (Source: Iminent) (EventID: 0) (User: )
Description: Unexpected exception.

System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei Iminent.Mediator.Server.ApplicationService.<>c__DisplayClassa.<WarmUp>b__9(Composite composite)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
   bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments)
   bei System.Delegate.DynamicInvokeImpl(Object[] args)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)

Error: (05/30/2014 01:04:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d8a401cf7b2651844dc6C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll8db42bc3-e785-11e3-b952-1c6f6549ce08

Error: (05/29/2014 09:24:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.17567bdc01cf7b2654df9e89142C:\Windows\Explorer.EXEc652360f-e766-11e3-b952-1c6f6549ce08

Error: (05/29/2014 03:00:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d89401cf7a63585a967bC:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dlla4e53e31-e6cc-11e3-b8fd-1c6f6549ce08

Error: (05/27/2014 09:59:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d81c01cf799b0a1f0c71C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll661f4893-e5d9-11e3-b36f-1c6f6549ce08

Error: (05/26/2014 09:25:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d86401cf78e6a8b756c4C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll7f5aa995-e50b-11e3-a4d9-1c6f6549ce08

Error: (05/25/2014 09:17:55 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
   bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
   bei BlueStacks.hyperDroid.Service.Service.OnStop()
   bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
   bei System.ServiceProcess.ServiceBase.DeferredShutdown()

Error: (05/25/2014 09:17:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d83c01cf77e7a66b93feC:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll41f967c5-e441-11e3-9d94-1c6f6549ce08


==================== Memory info =========================== 

Percentage of memory in use: 74%
Total physical RAM: 3959.48 MB
Available physical RAM: 995.35 MB
Total Pagefile: 7917.15 MB
Available Pagefile: 3216.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:727.71 GB) (Free:467.25 GB) NTFS
Drive d: (Volume) (Fixed) (Total:195.31 GB) (Free:195.22 GB) NTFS
Drive e: (Recovery) (Fixed) (Total:8 GB) (Free:2.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 30B6D843)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=728 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 02.06.2014, 14:40   #9
M-K-D-B
/// TB-Ausbilder
 
WINDOWS 7 kommen ständig PopUps usw... - Standard

WINDOWS 7 kommen ständig PopUps usw...



Logdatei von AdwCleaner fehlt noch, bitte nachreichen.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 02.06.2014, 22:23   #10
Jackson11
 
WINDOWS 7 kommen ständig PopUps usw... - Standard

WINDOWS 7 kommen ständig PopUps usw...



[CODE]# AdwCleaner v3.211 - Bericht erstellt am 01/06/2014 um 21:36:52
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : - -PC
# Gestartet von : C:\Users\\Desktop\adwcleaner_3.211.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : dealplylive
[#] Dienst Gelöscht : dealplylivem
[#] Dienst Gelöscht : IBUpdaterService
Dienst Gelöscht : IePluginService
Dienst Gelöscht : Re-markit
Dienst Gelöscht : SProtection
Dienst Gelöscht : WajamUpdaterV3
Dienst Gelöscht : Web Assistant
Dienst Gelöscht : winzipersvc
Dienst Gelöscht : Wpm

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
[!] Ordner Gelöscht : C:\ProgramData\DealPlyLive
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\ProgramData\IePluginService
Ordner Gelöscht : C:\ProgramData\Iminent
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Ordner Gelöscht : C:\Program Files (x86)\appbario8
Ordner Gelöscht : C:\Program Files (x86)\Conduit
[!] Ordner Gelöscht : C:\Program Files (x86)\DealPlyLive
Ordner Gelöscht : C:\Program Files (x86)\Delta
Ordner Gelöscht : C:\Program Files (x86)\Feven Pro 1.2
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Program Files (x86)\Perion
Ordner Gelöscht : C:\Program Files (x86)\Re-markit-soft
Ordner Gelöscht : C:\Program Files (x86)\Search Results Toolbar
Ordner Gelöscht : C:\Program Files (x86)\Skillbrains
Ordner Gelöscht : C:\Program Files (x86)\SpecialSavings
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files (x86)\Uniblue
Ordner Gelöscht : C:\Program Files (x86)\vGrabber-software
Ordner Gelöscht : C:\Program Files (x86)\Wajam
Ordner Gelöscht : C:\Program Files (x86)\WinZipper
Ordner Gelöscht : C:\Program Files (x86)\HQ-Video-Profession-1.3
Ordner Gelöscht : C:\Program Files (x86)\DVDVideoSoftTB_DE
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Plasmoo
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gelöscht : C:\Windows\SysWOW64\ARFC
Ordner Gelöscht : C:\Windows\SysWOW64\jmdp
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Windows\SysWOW64\WNLT
Ordner Gelöscht : C:\Program Files\Web Assistant
Ordner Gelöscht : C:\Windows\System32\ARFC
Ordner Gelöscht : C:\Windows\System32\ljkb
Ordner Gelöscht : C:\Users\Elvira\AppData\LocalLow\appbario8
Ordner Gelöscht : C:\Users\Elvira\AppData\LocalLow\bbrs_002.tb
Ordner Gelöscht : C:\Users\Elvira\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Elvira\AppData\LocalLow\incredibar.com
Ordner Gelöscht : C:\Users\Elvira\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Elvira\AppData\LocalLow\DVDVideoSoftTB_DE
Ordner Gelöscht : C:\Users\Elvira\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\\AppData\Local\DealPlyLive
Ordner Gelöscht : C:\Users\\AppData\Local\genienext
Ordner Gelöscht : C:\Users\\AppData\Local\iLivid
Ordner Gelöscht : C:\Users\\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\\AppData\Local\Skillbrains
Ordner Gelöscht : C:\Users\\AppData\Local\Wajam
Ordner Gelöscht : C:\Users\\AppData\Local\Yandex
Ordner Gelöscht : C:\Users\\AppData\LocalLow\appbario8
Ordner Gelöscht : C:\Users\\AppData\LocalLow\bbrs_002.tb
Ordner Gelöscht : C:\Users\\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\\AppData\LocalLow\DataMngr
Ordner Gelöscht : C:\Users\\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\\AppData\LocalLow\incredibar.com
Ordner Gelöscht : C:\Users\\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\\AppData\LocalLow\DVDVideoSoftTB_DE
Ordner Gelöscht : C:\Users\\AppData\Roaming\awesomehp
Ordner Gelöscht : C:\Users\\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\\AppData\Roaming\BrowserCompanion
Ordner Gelöscht : C:\Users\\AppData\Roaming\DealPly
Ordner Gelöscht : C:\Users\\AppData\Roaming\Delta
Ordner Gelöscht : C:\Users\\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\\AppData\Roaming\newnext.me
Ordner Gelöscht : C:\Users\\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\\AppData\Roaming\Uniblue
Ordner Gelöscht : C:\Users\\AppData\Roaming\VOPackage
Ordner Gelöscht : C:\Users\\AppData\Roaming\WinZipper
Ordner Gelöscht : C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Ordner Gelöscht : C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Ordner Gelöscht : C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpecialSavings
Ordner Gelöscht : C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video downloader
Ordner Gelöscht : C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Ordner Gelöscht : C:\Users\\Documents\Mobogenie
Ordner Gelöscht : C:\Users\\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Skillbrains
Ordner Gelöscht : C:\Users\Jürgen\AppData\LocalLow\appbario8
Ordner Gelöscht : C:\Users\Jürgen\AppData\LocalLow\bbrs_002.tb
Ordner Gelöscht : C:\Users\Jürgen\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Jürgen\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Jürgen\AppData\LocalLow\DVDVideoSoftTB_DE
Ordner Gelöscht : C:\Users\Jürgen\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\Martina\AppData\LocalLow\appbario8
Ordner Gelöscht : C:\Users\Martina\AppData\LocalLow\bbrs_002.tb
Ordner Gelöscht : C:\Users\Martina\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Martina\AppData\LocalLow\incredibar.com
Ordner Gelöscht : C:\Users\Martina\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Martina\AppData\LocalLow\DVDVideoSoftTB_DE
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\ConduitCommon
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Smartbar
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\ValueApps
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\CT2625848
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\CT3197087
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\CT3227982
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{8A9386B4-E958-4C4C-ADF4-8F26DB3E4829}
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979}
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\bbrs_002@blabbers.com
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\engine@plasmoo.com
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\ffxtlbr@delta.com
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\ffxtlbr@incredibar.com
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\specialsavings@superfish.com
Ordner Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\Extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com
Ordner Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\Extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{09152f0b-739c-4dec-a245-1aa8a37594f1}
Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{0cc09160-108c-4759-bab1-5c12c216e005}
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Ordner Gelöscht : C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Ordner Gelöscht : C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf
Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel
Ordner Gelöscht : C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi
Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Ordner Gelöscht : C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna
Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Ordner Gelöscht : C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh
[!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna
Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp
Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc
Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc
[!] Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp
[!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp
[!] Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp
[!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp
[!] Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp
[!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp
[!] Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp
[!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp
[!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
[!] Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
[!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
[!] Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
[!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
[!] Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
[!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
[!] Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
[!] Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc
[!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc
[!] Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc
[!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc
[!] Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc
[!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc
[!] Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc
[!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc
[!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
[!] Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Datei Gelöscht : C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\Extensions\webbooster@iminent.com.xpi
Datei Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\Extensions\webbooster@iminent.com.xpi
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default\Extensions\webbooster@iminent.com.xpi
Datei Gelöscht : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
Datei Gelöscht : C:\Users\Public\Desktop\speedupmypc.lnk
Datei Gelöscht : C:\Windows\System32\dmwu.exe
Datei Gelöscht : C:\Windows\System32\ImhxxpComm.dll
Datei Gelöscht : C:\Users\Elvira\daemonprocess.txt
Datei Gelöscht : C:\Users\Elvira\AppData\LocalLow\SkwConfig.bin
Datei Gelöscht : C:\Users\\daemonprocess.txt
Datei Gelöscht : C:\Users\\AppData\LocalLow\SkwConfig.bin
Datei Gelöscht : C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Datei Gelöscht : C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
Datei Gelöscht : C:\Users\\Desktop\Configure VO Package.lnk
Datei Gelöscht : C:\Users\\Desktop\iLivid.lnk
Datei Gelöscht : C:\Users\\Desktop\Mobogenie.lnk
Datei Gelöscht : C:\Users\\Desktop\Play Free Games.lnk
Datei Gelöscht : C:\Users\Jürgen\daemonprocess.txt
Datei Gelöscht : C:\Users\Jürgen\AppData\LocalLow\SkwConfig.bin
Datei Gelöscht : C:\Users\Martina\daemonprocess.txt
Datei Gelöscht : C:\Users\Martina\AppData\LocalLow\SkwConfig.bin
Datei Gelöscht : C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default\bprotector_prefs.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\invalidprefs.js
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\bProtect.xml
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\conduit-search.xml
Datei Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\searchplugins\conduit-search.xml
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\delta.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\delta-homes.xml
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\dvdvideosofttb-de-customized-web-search.xml
Datei Gelöscht : C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\searchplugins\MyStart Search.xml
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\MyStart Search.xml
Datei Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\searchplugins\MyStart Search.xml
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default\searchplugins\MyStart Search.xml
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Plusnetwork.xml
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Search_Results.xml
Datei Gelöscht : C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\user.js
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx
Datei Gelöscht : C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fbtemplate.conduitapps.com_0.localstorage
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fbtemplate.conduitapps.com_0.localstorage-journal
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sb.scorecardresearch.com_0.localstorage
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sb.scorecardresearch.com_0.localstorage-journal
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.iminent.com_0.localstorage
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.iminent.com_0.localstorage-journal
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_sb.scorecardresearch.com_0.localstorage
Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_sb.scorecardresearch.com_0.localstorage-journal
Datei Gelöscht : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
Datei Gelöscht : C:\Windows\Tasks\Re-markit Update.job
Datei Gelöscht : C:\Windows\Tasks\Re-markit_wd.job
Datei Gelöscht : C:\Windows\Tasks\update-sys.job
Datei Gelöscht : C:\Windows\System32\Tasks\update-sys
Datei Gelöscht : C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job
Datei Gelöscht : C:\Windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job
Datei Gelöscht : C:\Windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job
Datei Gelöscht : C:\Windows\Tasks\HQ-Video-Profession-1.3-enabler.job
Datei Gelöscht : C:\Windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job
Datei Gelöscht : C:\Windows\Tasks\HQ-Video-Profession-1.3-updater.job

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [lightningnewtab@gmail.com]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [specialsavings@superfish.com]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\fgfdfcbeamjnjdejakdidpniblllnbpg
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\caloheeledhajihipjihanmihhegodlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\caloheeledhajihipjihanmihhegodlc
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\I
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\updatebho.TimerBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1 (1)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1 (1)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wpm_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wpm_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKCU\Software\53eded1b068ef42
Schlüssel Gelöscht : HKLM\SOFTWARE\53eded1b068ef42
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2625848
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3197087
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3227982
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft (1)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft (1)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0CC09160-108C-4759-BAB1-5C12C216E005}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511151178}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522152278}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522162282}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555155578}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555165582}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566156678}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566166682}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{0C58B7D1-D415-492B-A149-E976156BD3B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{75E8DA27-44AF-40AE-927C-F2EEC99D65B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E1EF512D-604D-4776-AF11-410704DA1911}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544164482}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0CC09160-108C-4759-BAB1-5C12C216E005}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511151178}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0CC09160-108C-4759-BAB1-5C12C216E005}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0CC09160-108C-4759-BAB1-5C12C216E005}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c8365884-4204-4353-af57-6d42134dc0a9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ca292ec2-fcf4-4d84-ba84-62a8e6663eae}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{004d3b8b-3cdb-4f66-a71c-f6fc1e9cb498}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6a4a589b-1a81-4d4e-af10-72ab28606e40}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D51B446-DDA0-4DBA-86FD-64B36677FAAE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E31104E1-42D1-442C-AF67-A3E5F95EA5A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6972986-7080-469E-8680-ED434E967859}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BE7E5A9-8C24-4827-A523-08A6FFCB559E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F34C9277-6577-4DFF-B2D7-7D58092F272F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0CC09160-108C-4759-BAB1-5C12C216E005}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0CC09160-108C-4759-BAB1-5C12C216E005}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0CC09160-108C-4759-BAB1-5C12C216E005}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522152278}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522162282}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511161182}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555155578}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555165582}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566156678}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566166682}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511161182}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c8365884-4204-4353-af57-6d42134dc0a9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ca292ec2-fcf4-4d84-ba84-62a8e6663eae}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{004d3b8b-3cdb-4f66-a71c-f6fc1e9cb498}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6a4a589b-1a81-4d4e-af10-72ab28606e40}
Schlüssel Gelöscht : HKCU\Software\Blabbers
Schlüssel Gelöscht : HKCU\Software\Blabbers
Schlüssel Gelöscht : HKCU\Software\Conduit
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\DealPly
Schlüssel Gelöscht : HKCU\Software\DealPlyLive
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\incredibar.com
Schlüssel Gelöscht : HKCU\Software\SkillBrains
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Wajam
Schlüssel Gelöscht : HKCU\Software\WNLT
Schlüssel Gelöscht : HKCU\Software\DVDVideoSoftTB_DE
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\awesomehpSoftware
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BrowserCompanion
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\DealPly
Schlüssel Gelöscht : HKLM\Software\DealPlyLive
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\hdcode
Schlüssel Gelöscht : HKLM\Software\IePlugin
Schlüssel Gelöscht : HKLM\Software\iLividSRTB
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\incredibar.com
Schlüssel Gelöscht : HKLM\Software\SkillBrains
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Umbrella
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\Software\Wajam
Schlüssel Gelöscht : HKLM\Software\Web Assistant
Schlüssel Gelöscht : HKLM\Software\winzipersvc
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKLM\Software\Feven Pro 1.2
Schlüssel Gelöscht : HKLM\Software\HQ-Video-Profession-1.3
Schlüssel Gelöscht : HKLM\Software\appbario8
Schlüssel Gelöscht : HKLM\Software\DVDVideoSoftTB_DE
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{118D6CE9-5F18-42F9-958A-14676A629FDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{177586E7-E42E-4F38-83D1-D15B4AF5B714}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpecialSavings
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video downloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Feven Pro 1.2
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HQ-Video-Profession-1.3
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\appbario8 Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB_DE Toolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Iminent
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Web Assistant
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\WNLT
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\9EC6D81181F59F2459A84176A626F9ED

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16545

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119556&babsrc=HP_ss&mntrId=88084d330000000000001c6f6549ce08");
Zeile gelöscht : user_pref("browser.search.order.1", "Delta Search");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "13a60586a8e18ea3b6ca6b22dfcc4382");
Zeile gelöscht : user_pref("extensions.enabledAddons", "%7Bf34c9277-6577-4dff-b2d7-7d58092f272f%7D:1.0.0.12,%7BFE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052%7D:2.0.0.573,webbooster%40iminent.com:6.25.4.2,%7BACAA314B-EEBA-48e4-[...]
Zeile gelöscht : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocationType=tb50-ff-aolsoftonic[...]
Zeile gelöscht : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_temp_referer", "hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&itag=ody&q=hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavi[...]
Zeile gelöscht : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"searc[...]
Zeile gelöscht : user_pref("iminent.searchindex", "0");
Zeile gelöscht : user_pref("iminent.newtabredirect", "true");

[ Datei : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\prefs.js ]

Zeile gelöscht : user_pref("CT2625848.1000082.isPlayDisplay", "true");
Zeile gelöscht : user_pref("CT2625848.1000082.state", "{\"state\":\"stopped\",\"text\":\"Radio 8\",\"description\":\"Radio 8\",\"url\":\"hxxp://stream.radio8.de:8000/live.m3u\"}");
Zeile gelöscht : user_pref("CT2625848.1000234.TWC_TMP_city", "SULZBACH");
Zeile gelöscht : user_pref("CT2625848.1000234.TWC_TMP_country", "DE");
Zeile gelöscht : user_pref("CT2625848.1000234.TWC_country", "GERMANY");
Zeile gelöscht : user_pref("CT2625848.1000234.TWC_locId", "GMTH1656");
Zeile gelöscht : user_pref("CT2625848.1000234.TWC_location", "Sulzbach, Germany");
Zeile gelöscht : user_pref("CT2625848.1000234.TWC_region", "DE");
Zeile gelöscht : user_pref("CT2625848.1000234.TWC_temp_dis", "c");
Zeile gelöscht : user_pref("CT2625848.1000234.TWC_wind_dis", "kmh");
Zeile gelöscht : user_pref("CT2625848.1000234.weatherData", "{\"icon\":\"32.png\",\"temperature\":\"14°C\",\"temperatureClear\":\"14°C\",\"highTemperature\":\"22°C\",\"lowTemperature\":\"11°C\",\"feelsLike\ ":\"14Â[...]
Zeile gelöscht : user_pref("CT2625848.2625848a129894023611240511000000paramsGK1.enc", "eyJ1cGRhdGVSZXFUaW1lIjoxMzY4NTk2ODg3MDMzLCJ1cGRhdGVSZXNwVGltZSI6MTM2ODU5Njg4Nzg2MCwiZGF0YSI6eyJzZXR0aW5ncyI6eyJpY29uIjoiaHR0cDovL3[...]
Zeile gelöscht : user_pref("CT2625848.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.FirstTime", "true");
Zeile gelöscht : user_pref("CT2625848.FirstTimeFF3", "true");
Zeile gelöscht : user_pref("CT2625848.PG_ENABLE", "ZmFsc2U=");
Zeile gelöscht : user_pref("CT2625848.PG_ENABLE.enc", "ZmFsc2U=");
Zeile gelöscht : user_pref("CT2625848.RestartDialogFirstTime", "false");
Zeile gelöscht : user_pref("CT2625848.RestartDialogShouldDisplay", "false");
Zeile gelöscht : user_pref("CT2625848.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Zeile gelöscht : user_pref("CT2625848.SF_STATUS.enc", "RU5BQkxFRA==");
Zeile gelöscht : user_pref("CT2625848.SF_USER_ID.enc", "Y2lkXzE1NTIwMTM3NDg1NDUxNTE1NDg=");
Zeile gelöscht : user_pref("CT2625848.UserID", "UN02686192033944701");
Zeile gelöscht : user_pref("CT2625848.addressBarTakeOverEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT2625848.countryCode", "DE");
Zeile gelöscht : user_pref("CT2625848.enableAlerts", "never");
Zeile gelöscht : user_pref("CT2625848.enableFix404ByUser", "TRUE");
Zeile gelöscht : user_pref("CT2625848.firstTimeDialogOpened", "true");
Zeile gelöscht : user_pref("CT2625848.fixPageNotFoundErrorByUser", "TRUE");
Zeile gelöscht : user_pref("CT2625848.fixPageNotFoundErrorInHidden", "true");
Zeile gelöscht : user_pref("CT2625848.fixUrls", true);
Zeile gelöscht : user_pref("CT2625848.fullUserID", "UN02686192033944701.UP.20130626010622");
Zeile gelöscht : user_pref("CT2625848.installType", "Unknown");
Zeile gelöscht : user_pref("CT2625848.isCheckedStartAsHidden", true);
Zeile gelöscht : user_pref("CT2625848.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.isFirstTimeToolbarLoading", "false");
Zeile gelöscht : user_pref("CT2625848.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT2625848.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?gd=&ctid=CT2625848&octid=CT2625848&ISID=ISID_ID&SearchSource=15&CUI=UN02686192033944701&Lay=1[...]
Zeile gelöscht : user_pref("CT2625848.lastVersion", "10.29.0.520");
Zeile gelöscht : user_pref("CT2625848.mam_gk_appStateReportTime.enc", "MTM2ODU5Njg5NDQ0Ng==");
Zeile gelöscht : user_pref("CT2625848.mam_gk_appState_CouponBuddy.enc", "b24=");
Zeile gelöscht : user_pref("CT2625848.mam_gk_appState_Easytobook.enc", "b24=");
Zeile gelöscht : user_pref("CT2625848.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Zeile gelöscht : user_pref("CT2625848.mam_gk_appState_PriceGong.enc", "b24=");
Zeile gelöscht : user_pref("CT2625848.mam_gk_appState_WindowShopper.enc", "b24=");
Zeile gelöscht : user_pref("CT2625848.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnNEaWFsb2ciOnsiZGlzc GxheU5h[...]
Zeile gelöscht : user_pref("CT2625848.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Zeile gelöscht : user_pref("CT2625848.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiIxM2RhYWE2YS02NzYwLTQ0NDAtOTJhMy1hYmEwNzliNzI4ZjAiL CJ[...]
Zeile gelöscht : user_pref("CT2625848.mam_gk_currentVersion.enc", "MS40LjQuNg==");
Zeile gelöscht : user_pref("CT2625848.mam_gk_eventsCache.enc", "eyJiMjBmMTFlMS00NWU0LTQ5OWItODE4Yi0zYzQxZjdiNDk1NzgiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjp7ImNhdGVnb3J5IjoiV2VsY29tZSIsImFjdGlvbiI6IlZpZXcifSwidW5pc XVlS[...]
Zeile gelöscht : user_pref("CT2625848.mam_gk_first_time.enc", "MQ==");
Zeile gelöscht : user_pref("CT2625848.mam_gk_gadgetOpen.enc", "MA==");
Zeile gelöscht : user_pref("CT2625848.mam_gk_installer_preapproved.enc", "RkFMU0U=");
Zeile gelöscht : user_pref("CT2625848.mam_gk_lastLoginTime.enc", "MTM2ODU5Njg5MDQxNw==");
Zeile gelöscht : user_pref("CT2625848.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50LVJpY2h0bGluaWUifSwiZ2FkZ2V0RGVzY3JpcHRpb25QcmltYXJ5Ijp7IlRleHQiOiJWYWx1ZSBBcHBzIGJlcmVpY2hlcnQgS Why[...]
Zeile gelöscht : user_pref("CT2625848.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Zeile gelöscht : user_pref("CT2625848.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHNlLCJpc1dlbGNvbWVFeHBlcmllbmNlRW5hYmxlZEJ5RGVmY XVsd[...]
Zeile gelöscht : user_pref("CT2625848.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Zeile gelöscht : user_pref("CT2625848.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Zeile gelöscht : user_pref("CT2625848.mam_gk_userId.enc", "MWVkNmRmMTUtMDZjNi00MTYyLWJmY2ItYTJiNmYyNDM3YjE1");
Zeile gelöscht : user_pref("CT2625848.migrateAppsAndComponents", true);
Zeile gelöscht : user_pref("CT2625848.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.xvideos.com%2Fvideo6676%2Fmature_milf_gets_her_ass_and_cunt_fucked\",\"EB_MAIN_FRAM E_TIT[...]
Zeile gelöscht : user_pref("CT2625848.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.performedDomainChangesMigration", "true");
Zeile gelöscht : user_pref("CT2625848.revertSettingsEnabled", "false");
Zeile gelöscht : user_pref("CT2625848.search.searchAppId", "129181467799155027");
Zeile gelöscht : user_pref("CT2625848.search.searchCount", "0");
Zeile gelöscht : user_pref("CT2625848.searchInNewTabEnabledByUser", "false");
Zeile gelöscht : user_pref("CT2625848.searchInNewTabEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT2625848.searchSuggestEnabledByUser", "false");
Zeile gelöscht : user_pref("CT2625848.searchUserMode", "1");
Zeile gelöscht : user_pref("CT2625848.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2625848\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://DVDVideoSoftTBDE.OurToolbar.com//xpi\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"DVDVideoSoftTB DE \"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_Configuration_lastUpdate", "1397547032802");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1368597502372");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_appsMetadata_lastUpdate", "1368597386469");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1368597500420");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_location_lastUpdate", "1372030631554");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.15.2.523_lastUpdate", "1368612152673");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.16.2.509_lastUpdate", "1372062429813");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374642766214");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.16.70.505_lastUpdate", "1377827620733");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.19.2.505_lastUpdate", "1378794993089");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.20.0.513_lastUpdate", "1379017439258");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.20.1.508_lastUpdate", "1380953341118");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.21.1.507_lastUpdate", "1384424711649");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.22.3.518_lastUpdate", "1385061098037");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.22.5.510_lastUpdate", "1386921011745");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.23.0.822_lastUpdate", "1396509172731");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.29.0.520_lastUpdate", "1397547030728");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1368597500457");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_searchAPI_lastUpdate", "1397547031844");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_serviceMap_lastUpdate", "1397547031567");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_toolbarContextMenu_lastUpdate", "1368597500370");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_toolbarSettings_lastUpdate", "1397547031585");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_translation_lastUpdate", "1397547031493");
Zeile gelöscht : user_pref("CT2625848.settingsINI", true);
Zeile gelöscht : user_pref("CT2625848.showToolbarPermission", "false");
Zeile gelöscht : user_pref("CT2625848.smartbar.CTID", "CT2625848");
Zeile gelöscht : user_pref("CT2625848.smartbar.Uninstall", "0");
Zeile gelöscht : user_pref("CT2625848.smartbar.isHidden", true);
Zeile gelöscht : user_pref("CT2625848.smartbar.toolbarName", "DVDVideoSoftTB DE ");
Zeile gelöscht : user_pref("CT2625848.toolbarBornServerTime", "15-5-2013");
Zeile gelöscht : user_pref("CT2625848.toolbarCurrentServerTime", "15-4-2014");
Zeile gelöscht : user_pref("CT2625848.toolbarLoginClientTime", "Wed May 15 2013 07:48:00 GMT+0200");
Zeile gelöscht : user_pref("CT2625848.url_history0001.enc", "aHR0cDovL3d3dy5peHh4LmNvbS9zZWFyY2gvP3E9RGV1dHNjaCZycz0yJmxpZD0yJnA9Nzo6OmNsaWNraGFuZGxlcjo6OjEzNjg1OTc2NDY5Nzk=");
Zeile gelöscht : user_pref("CT2625848_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1397547008640,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Zeile gelöscht : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3227982&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3227982&SearchSource=13,hxxp://search.conduit.com/?ctid=[...]
Zeile gelöscht : user_pref("CommunityToolbar.ConduitSearchList", "appbario8 Customized Web Search,appbario8 Customized Web Search,appbario8 Customized Web Search,appbario8 Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "appbario8 Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227982&SearchSource=3&q={searchTerms}");
Zeile gelöscht : user_pref("browser.search.order.1", "Delta Search");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.id", "88084d330000000000001c6f6549ce08");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15748");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.10.0");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.10.020:37:09");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.10.0");
Zeile gelöscht : user_pref("extensions.incredibar_i.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.incredibar_i.dfltLng", "");
Zeile gelöscht : user_pref("extensions.incredibar_i.did", "10657");
Zeile gelöscht : user_pref("extensions.incredibar_i.excTlbr", false);
Zeile gelöscht : user_pref("extensions.incredibar_i.id", "88084d330000000000001c6f6549ce08");
Zeile gelöscht : user_pref("extensions.incredibar_i.installerproductid", "26");
Zeile gelöscht : user_pref("extensions.incredibar_i.instlDay", "15557");
Zeile gelöscht : user_pref("extensions.incredibar_i.instlRef", "");
Zeile gelöscht : user_pref("extensions.incredibar_i.ms_url_id", "");
Zeile gelöscht : user_pref("extensions.incredibar_i.newTab", false);
Zeile gelöscht : user_pref("extensions.incredibar_i.ppd", "");
Zeile gelöscht : user_pref("extensions.incredibar_i.prdct", "incredibar");
Zeile gelöscht : user_pref("extensions.incredibar_i.productid", "26");
Zeile gelöscht : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Zeile gelöscht : user_pref("extensions.incredibar_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.incredibar_i.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8BbEiZzb&loc=IB_TB&i=26&search=");
Zeile gelöscht : user_pref("extensions.incredibar_i.upn2", "6R8BbEiZzb");
Zeile gelöscht : user_pref("extensions.incredibar_i.upn2n", "92824830072188233");
Zeile gelöscht : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Zeile gelöscht : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1421:47:35");
Zeile gelöscht : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Zeile gelöscht : user_pref("iminent.newtabredirect", "true");
Zeile gelöscht : user_pref("iminent.searchindex", "0");
Zeile gelöscht : user_pref("plugin.state.npconduitfirefoxplugin", 2);
Zeile gelöscht : user_pref("smartbar.machineId", "C+ZTWTECIII4SVZFZN0PU2TMXX6OHC+J7FCARASOYYI4PXDIU1GIM78SRHEYZMFCW9BUNJYASKX592FWY0FH0Q");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E+x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E,x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E-x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E.:2z527.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E.x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E/x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E06CG5EL8:", "6E6D686B6E706E727171");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E06CG5EL8:.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E06CG5EL;8I:K", "247E2D2F226A74736E71747674787777242F4B49474F42357D5D5C3D");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E06CG5EL;8I:K.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E0x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E1x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E2x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E3x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E4x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E5x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E6x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E7x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E8x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E9x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E:x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E;x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E<x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E=x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E>x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E?x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E@x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7EAx305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7EBE3G=;D9N9=D.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7EBx305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7ECx305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7EDx305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7Etx305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B-0?3G>D", "6B676D706A706F407A7673727920484A4B7B25235025242A52542A2B25252D2C2E285E2F");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B-0?3G>D.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B-0?3G@6:5;", "");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B-0?3G@6:5;.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B-0?3GFA7EF", "2B2E2C3D");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B-0?3GFA7EF.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B-3=3ECCJA=F>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A23282E2E3132333435363B466068576C5E6857705A6C60606B6668563F73796F697861");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B-3=3ECCJA=F>.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B/>01=9A6K6<IM;KRIE@PDAWM", "6A696B7273747576");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B/>01=9A6K6<IM;KRIE@PDAWM.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B3=>@44I48?.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B5BA==9CJAG", "6E6C716B403E726F7A6F76757B7847784E7878237E");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B5BA==9CJAG.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B6B11G4C56B>F;P;ANR@P", "6E6D686B6E706E767278797A72");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B6B11G4C56B>F;P;ANR@P.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B9643G3/9E", "6A");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B9643G3/9E.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B;45>:BI9I7IE", "2B2E2C3D");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B;45>:BI9I7IE.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B<:222H64<", "393F352F3E");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B<:222H64<.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B<:222H64<L8DAJ", "6D70706E7674717977702A787A727A7C757D7B");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B<:222H64<L8DAJ.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B=+03EH8H8J?:", "4443");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B=+03EH8H8J?:.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B?+E2A52D8.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9B?B0D:8AJ62<H", "6D");
Zeile gelöscht : user_pref("valueApps.CT2625848./9B?B0D:8AJ62<H.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848./9BA@0<0BI6A7GN:6@L?", "6C");
Zeile gelöscht : user_pref("valueApps.CT2625848./9BA@0<0BI6A7GN:6@L?.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.PG_ENABLE", "74727565");
Zeile gelöscht : user_pref("valueApps.CT2625848.PG_ENABLE.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.SF_JUST_INSTALLED", "46414C5345");
Zeile gelöscht : user_pref("valueApps.CT2625848.SF_JUST_INSTALLED.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.SF_STATUS", "454E41424C4544");
Zeile gelöscht : user_pref("valueApps.CT2625848.SF_STATUS.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.SF_USER_ID", "6369645F383432303134323332363231333233313832");
Zeile gelöscht : user_pref("valueApps.CT2625848.SF_USER_ID.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.cbfirsttime", "5475652041707220303820323031342032333A32363A323120474D542B30323030");
Zeile gelöscht : user_pref("valueApps.CT2625848.cbfirsttime.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appStateReportTime", "31333937353437303431343430");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appStateReportTime.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_CouponBuddy", "6F6E");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_CouponBuddy.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_Easytobook", "6F6E");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_Easytobook.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_Easytobook_targeted", "6F6E");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_Easytobook_targeted.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_PriceGong", "6F6E");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_PriceGong.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_WindowShopper", "6F6E");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_WindowShopper.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appsConfig.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appsDefaultEnabled", "6E756C6C");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appsDefaultEnabled.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_calledSetupService", "31");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_calledSetupService.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_currentVersion", "312E31332E302E3137");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_currentVersion.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_eventsCache", "7B2262316133643961382D313164642D346633302D386636382D306539393031343165323530223A7B22746F706963223A2273656E645573616765222C2264617461223A7B2263617 46[...]
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_eventsCache.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_existingUsersRecoveryDone", "31");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_existingUsersRecoveryDone.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_first_time", "31");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_first_time.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_gadgetOpen", "30");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_gadgetOpen.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_globalKeysMigratedToLocalStorage", "31");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_globalKeysMigratedToLocalStorage.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_lastLoginTime", "31333937353437303434313735");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_lastLoginTime.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_localization.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_mamEnabled", "66616C7365");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_mamEnabled.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_migrated_from_ls", "31");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_migrated_from_ls.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_new_welcome_experience", "31");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_new_welcome_experience.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_settings1.13.0.17.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_showWelcomeGadget", "66616C7365");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_showWelcomeGadget.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_stamp", "313130325F30");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_stamp.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_userBornDate", "4E2F41");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_userBornDate.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_userId", "30356434313931322D333761312D346531342D626531632D323538663664336663663665");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_userId.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_user_approval_interacted", "31");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_user_approval_interacted.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_welcomeDialogMode", "31");
Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_welcomeDialogMode.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT2625848.url_history0001", "68747470733A2F2F7777772E676F6F676C652E636F6D3A3A3A636C69636B68616E646C65723A3A3A313339373136363530393237362C2C2C68747470733A2F2F7777772E676F6F676C652 E[...]
Zeile gelöscht : user_pref("valueApps.CT2625848.url_history0001.storedInFile", true);

[ Datei : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SP266CEBB9-47FA-46C0-833E-798853BA4B3B");
Zeile gelöscht : user_pref("browser.search.order.1", "Delta Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Conduit Search");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP266CEBB9-47FA-46C0-833E-798853BA4B3B&SSPV=");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "13943500d5b398bc238ba7ec5357c64c");
Zeile gelöscht : user_pref("extensions.enabledAddons", "%7Bf34c9277-6577-4dff-b2d7-7d58092f272f%7D:1.0.0.12,%7BFE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052%7D:2.0.0.573,%7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.3.3.15,%7B2[...]
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.displayFavLinks", "1");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.LayoutId", "1");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1374779550282");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0");
Zeile gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.sweetim.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"h[...]
Zeile gelöscht : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocationType=tb50-ff-aolsoftonic[...]
Zeile gelöscht : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"searc[...]
Zeile gelöscht : user_pref("iminent.searchindex", "0");
Zeile gelöscht : user_pref("iminent.newtabredirect", "true");

[ Datei : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119556&babsrc=HP_ss&mntrId=88084d330000000000001c6f6549ce08");
Zeile gelöscht : user_pref("browser.search.order.1", "Delta Search");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "13923fe9aac488a9f505c896b99a5b88");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&installDate=21/04/2013&q=");
Zeile gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxp://search.conduit.com/?ctid=CT3227980&SearchSource=13/|||8641350045933780");
Zeile gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://search.conduit.com/?ctid=CT3227980&SearchSource=13/|#|old_value|||8641356743139572");
Zeile gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.sweetim.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"h[...]
Zeile gelöscht : user_pref("iminent.searchindex", "0");
Zeile gelöscht : user_pref("iminent.newtabredirect", "true");

-\\ Google Chrome v

[ Datei : C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
Gelöscht [Search Provider] : hxxp://start.iminent.com/?appId=18887124-D7CB-4033-904E-4E76245108C3&ref=toolbox&q={searchTerms}
Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3197087
Gelöscht [Search Provider] : hxxp://mystart.incredibar.com/mb203?a=6R8E8GD68p&search={searchTerms}
Gelöscht [Search Provider] : hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
Gelöscht [Search Provider] : hxxp://search.snap.do/?q={searchTerms}&category=Web&publisher=opencandyde&country=us&feedid=infospace&dpid=global&lan=de&start=1
Gelöscht [Search Provider] : hxxp://log.incredibar-search.com/?q={searchTerms}&pr=&spr=2&o=APN10092&gct=sb&u=92824997758840969&a=6R8E8GD68p&i=26&lang=german&cid=1&source=365503619&gc=de
Gelöscht [Startup_urls] : hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=hp&installDate=21/04/2013
Gelöscht [Homepage] : hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=hp&installDate=21/04/2013
Gelöscht [Extension] : bkomkajifikmkfnjgphkjcfeepbnojok
Gelöscht [Extension] : bodddioamolcibagionmmobehnbhiakf
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : dlnembnfbcpjnepmfjmngjenhhajpdfd
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg
Gelöscht [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj

Alt 02.06.2014, 22:24   #11
Jackson11
 
WINDOWS 7 kommen ständig PopUps usw... - Standard

WINDOWS 7 kommen ständig PopUps usw...



Code:
ATTFilter
[ Datei : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3227982
Gelöscht [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&babsrc=NT_ss&s=web&rlz=0&as=3&ac=0%2C188
Gelöscht [Search Provider] : hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
Gelöscht [Search Provider] : hxxp://search.snapdo.com/?q={searchTerms}&category=Web&dpid=us&lan=de&start=1&searchtype=ds&publisher=snapdoopencandy&country=us&feedid=infospace
Gelöscht [Startup_urls] : hxxp://search.conduit.com/?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP266CEBB9-47FA-46C0-833E-798853BA4B3B&SSPV=
Gelöscht [Extension] : aidbbndgjnlaclnmhkdimcdjiebjpdel
Gelöscht [Extension] : bblnhhgpgomleanhbppdnkpofhjijgdp
Gelöscht [Extension] : bfcpnihmbfoaeoakalclfalkdepgiaje
Gelöscht [Extension] : bhphemoobgnikcoofkgackkaimpfmenm
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : caloheeledhajihipjihanmihhegodlc
Gelöscht [Extension] : cfcbmgbfdbijmjgjihagbomfbjfjmgon
Gelöscht [Extension] : dcpfhaghaadpjpgocojgnlhjcieeooel
Gelöscht [Extension] : dlnembnfbcpjnepmfjmngjenhhajpdfd
Gelöscht [Extension] : ejnmnhkgiphcaeefbaooconkceehicfi
Gelöscht [Extension] : eooncjejnppfjjklapaamhcdmjbilmde
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : hgojaaaiddhmiiakpejiklijbalpckih
Gelöscht [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl
Gelöscht [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg
Gelöscht [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
Gelöscht [Extension] : mocblcnaofikinigmceddfghppkkjbog
Gelöscht [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp
Gelöscht [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
Gelöscht [Extension] : ogfjmhfnldnajmfaofeiaepghjenbgjo

[ Datei : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
Gelöscht [Extension] : bblnhhgpgomleanhbppdnkpofhjijgdp
Gelöscht [Extension] : bhphemoobgnikcoofkgackkaimpfmenm
Gelöscht [Extension] : bkomkajifikmkfnjgphkjcfeepbnojok
Gelöscht [Extension] : bodddioamolcibagionmmobehnbhiakf
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : caloheeledhajihipjihanmihhegodlc
Gelöscht [Extension] : dlnembnfbcpjnepmfjmngjenhhajpdfd
Gelöscht [Extension] : eooncjejnppfjjklapaamhcdmjbilmde
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg
Gelöscht [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
Gelöscht [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
Gelöscht [Extension] : ogfjmhfnldnajmfaofeiaepghjenbgjo

*************************

AdwCleaner[R0].txt - [133039 octets] - [01/06/2014 21:35:34]
AdwCleaner[S0].txt - [124447 octets] - [01/06/2014 21:36:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [124509 octets] ##########
         
[/CODE]

Alt 03.06.2014, 18:17   #12
M-K-D-B
/// TB-Ausbilder
 
WINDOWS 7 kommen ständig PopUps usw... - Standard

WINDOWS 7 kommen ständig PopUps usw...



Geiles Log...






Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 3 h) dauern.
Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg.




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - Plasmoo URL = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
SearchScopes: HKCU - yandex.ru-230807 URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {CE8D1C5D-05D9-4A78-BF26-DDBB1E0B1560} URL = hxxp://yandex.ru/yandsearch?win=29&clid=1855508&text={searchTerms}
FF Extension: Search Assistant - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} [2012-09-18]
FF Extension: ep - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi [2014-02-24]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va010; \??\C:\Windows\SysWOW64\Drivers\X6va010 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
Reboot:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Schritt 2
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die beiden neuen Logdateien von FRST (FRST.txt + Addition.txt).
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 03.06.2014, 20:57   #13
Jackson11
 
WINDOWS 7 kommen ständig PopUps usw... - Standard

WINDOWS 7 kommen ständig PopUps usw...



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-06-2014
Ran by  at 2014-06-03 21:30:34 Run:1
Running from C:\Users\\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - Plasmoo URL = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
SearchScopes: HKCU - yandex.ru-230807 URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {CE8D1C5D-05D9-4A78-BF26-DDBB1E0B1560} URL = hxxp://yandex.ru/yandsearch?win=29&clid=1855508&text={searchTerms}
FF Extension: Search Assistant - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} [2012-09-18]
FF Extension: ep - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi [2014-02-24]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va010; \??\C:\Windows\SysWOW64\Drivers\X6va010 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
Reboot:
end

*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\Plasmoo => Key deleted successfully.
HKCR\CLSID\Plasmoo => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\yandex.ru-230807 => Key deleted successfully.
HKCR\CLSID\yandex.ru-230807 => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CE8D1C5D-05D9-4A78-BF26-DDBB1E0B1560} => Key deleted successfully.
HKCR\CLSID\{CE8D1C5D-05D9-4A78-BF26-DDBB1E0B1560} => Key not found.
C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} not found.
C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi not found.
X6va009 => Service deleted successfully.
X6va010 => Service deleted successfully.
X6va011 => Service deleted successfully.
X6va014 => Service deleted successfully.
X6va015 => Service deleted successfully.
X6va016 => Service deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}\\SystemComponent => Value deleted successfully.


The system needed a reboot. 

==== End of Fixlog ====
         

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by  (administrator) on -PC on 03-06-2014 21:43:20
Running from C:\Users\\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxbkcoms.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmon.exe
(Skillbrains) C:\Users\\AppData\Local\Skillbrains\lightshot\3.4.0.0\Lightshot.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Comvigo, Inc.) C:\Windows\SysWOW64\qimlsrv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Comvigo, Inc.) C:\Windows\SysWOW64\dsrviml.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [lxbkbmgr.exe] => C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe [74408 2008-02-28] (Lexmark International, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [160424 2011-03-30] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-06-19] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [LightShot] => C:\Users\\AppData\Local\Skillbrains\lightshot\LightShot.exe [226152 2013-02-21] ()
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4287536 2013-08-29] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML.lnk
ShortcutTarget: IML.lnk -> C:\Windows\System32\iml.vbs ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk
ShortcutTarget: IML64.lnk -> C:\Windows\SysWOW64\iml.vbs ()
Startup: C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk
ShortcutTarget: Game Alarm.lnk -> C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} - C:\Users\\AppData\LocalLow\systems ie bho\bho.dll ()
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\%Protector Process Name%.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\yandex.ru-230807.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\staged [2014-06-03]
FF Extension: Search Assistant - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} [2012-09-18]
FF Extension: ep - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi [2014-02-24]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-01]
CHR Extension: (Google Drive) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-01]
CHR Extension: (YouTube) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-21]
CHR Extension: (Google-Suche) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-21]
CHR Extension: (Google Wallet) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-21]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-19] (BlueStack Systems, Inc.)
R2 lxbk_device; C:\Windows\system32\lxbkcoms.exe [565928 2008-02-19] ( )
R2 lxbk_device; C:\Windows\SysWOW64\lxbkcoms.exe [537256 2008-02-19] ( )
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [327392 2012-04-05] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145064 2011-03-30] (4G Systems GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-19] (BlueStack Systems)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2012-10-05] (Mobile Connector)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-01] (Malwarebytes Corporation)
S3 RTL8187B; C:\Windows\System32\DRIVERS\rtl8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation                           )
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [762472 2011-10-31] (Realtek Semiconductor Corporation                           )
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-03 21:43 - 2014-06-03 21:42 - 02068992 _____ (Farbar) C:\Users\\Desktop\FRST64.exe
2014-06-03 21:40 - 2014-06-03 21:42 - 02068992 _____ (Farbar) C:\Users\\Downloads\FRST64.exe
2014-06-03 16:27 - 2014-06-03 16:27 - 00000392 _____ () C:\Windows\Tasks\update-sys.job
2014-06-03 16:27 - 2014-06-03 16:27 - 00000000 ____D () C:\Users\\AppData\Roaming\Security Systems
2014-06-03 16:27 - 2014-06-03 16:27 - 00000000 ____D () C:\Users\\AppData\Local\Skillbrains
2014-06-03 16:27 - 2014-06-03 16:27 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2014-06-03 16:26 - 2014-06-03 16:26 - 02620112 _____ (Skillbrains ) C:\Users\\Desktop\setup-lightshot3-2-0-0.exe
2014-06-03 16:24 - 2014-06-03 16:24 - 00357712 _____ (Softonic) C:\Users\Jürgen\Downloads\SoftonicDownloader_fuer_lightshot (1).exe
2014-06-03 16:23 - 2014-06-03 16:24 - 00357712 _____ (Softonic) C:\Users\Jürgen\Downloads\SoftonicDownloader_fuer_lightshot.exe
2014-06-03 00:21 - 2014-06-03 00:21 - 00832944 _____ () C:\Windows\Minidump\060314-22698-01.dmp
2014-06-02 23:17 - 2014-06-01 21:53 - 00124182 _____ () C:\Users\\Documents\AdwCleaner[S0].txt
2014-06-02 22:59 - 2014-06-02 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-06-02 22:59 - 2014-06-02 22:59 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-06-02 22:58 - 2014-06-02 22:59 - 01110476 _____ () C:\Users\\Downloads\7z920.exe
2014-06-02 16:53 - 2014-06-02 16:53 - 00000000 _____ () C:\Windows\SysWOW64\sho1DE3.tmp
2014-06-02 00:03 - 2014-06-02 00:05 - 00033347 _____ () C:\Users\\Downloads\Addition.txt
2014-06-02 00:02 - 2014-06-02 00:04 - 00041741 _____ () C:\Users\\Downloads\FRST.txt
2014-06-01 23:39 - 2014-06-01 23:39 - 00065175 _____ () C:\Users\\Desktop\zoek-results.txt
2014-06-01 23:35 - 2014-06-03 21:44 - 00000000 ____D () C:\Users\\AppData\Local\Temp
2014-06-01 23:35 - 2014-06-03 20:55 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\temp
2014-06-01 23:35 - 2014-06-02 19:36 - 00000000 ____D () C:\Users\Martina\AppData\Local\temp
2014-06-01 23:35 - 2014-06-02 16:42 - 00000000 ____D () C:\Users\Elvira\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 22:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-01 23:01 - 2014-06-01 23:37 - 00065553 _____ () C:\zoek-results.log
2014-06-01 22:58 - 2014-06-01 23:30 - 00000000 ____D () C:\zoek_backup
2014-06-01 22:55 - 2014-06-01 22:56 - 00001154 _____ () C:\Users\\Desktop\mbam.txt
2014-06-01 22:10 - 2014-06-01 22:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-01 22:10 - 2014-06-01 22:10 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-01 22:10 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-01 22:10 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-01 22:10 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-01 22:08 - 2014-06-01 22:08 - 00005727 _____ () C:\Users\\Desktop\JRT.txt
2014-06-01 21:57 - 2014-06-01 21:57 - 00000000 ____D () C:\Windows\ERUNT
2014-06-01 21:53 - 2014-06-01 21:53 - 00124182 _____ () C:\Users\\Desktop\AdwCleaner[S0].txt
2014-06-01 21:36 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-01 21:33 - 2014-06-01 21:41 - 00000000 ____D () C:\AdwCleaner
2014-06-01 21:32 - 2014-06-01 21:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-01 21:31 - 2014-06-01 21:31 - 01285120 _____ () C:\Users\\Desktop\zoek.exe
2014-06-01 21:31 - 2014-06-01 21:28 - 01016261 _____ (Thisisu) C:\Users\\Desktop\JRT.exe
2014-06-01 21:30 - 2014-06-01 21:28 - 01327971 _____ () C:\Users\\Desktop\adwcleaner_3.211.exe
2014-06-01 21:29 - 2014-06-01 21:31 - 01285120 _____ () C:\Users\\Downloads\zoek.exe
2014-06-01 21:28 - 2014-06-01 21:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-01 21:28 - 2014-06-01 21:28 - 01327971 _____ () C:\Users\\Downloads\adwcleaner_3.211.exe
2014-06-01 21:28 - 2014-06-01 21:28 - 01016261 _____ (Thisisu) C:\Users\\Downloads\JRT.exe
2014-06-01 01:19 - 2014-06-01 01:19 - 00051290 _____ () C:\ComboFix.txt
2014-05-31 21:17 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-31 21:17 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-31 21:17 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-31 21:15 - 2014-06-01 01:19 - 00000000 ____D () C:\Qoobox
2014-05-31 21:14 - 2014-06-01 01:16 - 00000000 ____D () C:\Windows\erdnt
2014-05-31 21:12 - 2014-05-31 21:08 - 05203398 ____R (Swearware) C:\Users\\Desktop\ComboFix.exe
2014-05-31 21:07 - 2014-05-31 21:08 - 05203398 _____ (Swearware) C:\Users\\Downloads\ComboFix.exe
2014-05-31 20:38 - 2014-05-31 21:02 - 00044395 _____ () C:\Users\\Desktop\Addition.txt
2014-05-31 20:37 - 2014-06-03 21:44 - 00015875 _____ () C:\Users\\Desktop\FRST.txt
2014-05-31 20:37 - 2014-06-03 21:43 - 00000000 ____D () C:\FRST
2014-05-31 20:10 - 2014-05-31 20:11 - 00250250 _____ () C:\Users\\Downloads\140520063508.jpeg
2014-05-31 16:02 - 2014-05-31 16:02 - 00052891 _____ () C:\Users\Jürgen\Downloads\7B1.tmp
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-29 15:43 - 2014-05-29 15:43 - 00001286 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-29 15:43 - 2014-05-29 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-17 10:44 - 2014-05-17 10:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job
2014-05-14 22:03 - 2014-05-06 02:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 22:03 - 2014-05-06 02:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:03 - 2014-05-06 02:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 22:03 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 22:03 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 22:03 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 14:00 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 14:00 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 14:00 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 14:00 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 14:00 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 14:00 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 14:00 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 14:00 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 14:00 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 14:00 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 14:00 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 14:00 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 14:00 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 14:00 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 14:00 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 14:00 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 14:00 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-12 19:41 - 2014-05-12 19:41 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (17).exe
2014-05-11 17:57 - 2014-05-11 17:58 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (16).exe
2014-05-11 10:47 - 2014-05-11 10:47 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job
2014-05-11 07:51 - 2014-05-11 07:51 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job
2014-05-10 19:18 - 2014-05-10 19:19 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (15).exe

==================== One Month Modified Files and Folders =======

2014-06-03 21:44 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\\AppData\Local\Temp
2014-06-03 21:44 - 2014-05-31 20:37 - 00015875 _____ () C:\Users\\Desktop\FRST.txt
2014-06-03 21:44 - 2013-08-29 02:01 - 00000000 ____D () C:\Users\\AppData\Local\PMB Files
2014-06-03 21:43 - 2014-05-31 20:37 - 00000000 ____D () C:\FRST
2014-06-03 21:42 - 2014-06-03 21:43 - 02068992 _____ (Farbar) C:\Users\\Desktop\FRST64.exe
2014-06-03 21:42 - 2014-06-03 21:40 - 02068992 _____ (Farbar) C:\Users\\Downloads\FRST64.exe
2014-06-03 21:41 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-03 21:41 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-03 21:38 - 2012-07-21 10:07 - 01366437 _____ () C:\Windows\WindowsUpdate.log
2014-06-03 21:35 - 2012-09-12 01:43 - 00000000 ____D () C:\ProgramData\Origin
2014-06-03 21:34 - 2013-12-10 00:50 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-06-03 21:33 - 2012-09-12 01:43 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-03 21:32 - 2014-02-28 16:37 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-06-03 21:32 - 2009-07-14 06:51 - 00178881 _____ () C:\Windows\setupact.log
2014-06-03 21:30 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-03 20:55 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\temp
2014-06-03 16:27 - 2014-06-03 16:27 - 00000392 _____ () C:\Windows\Tasks\update-sys.job
2014-06-03 16:27 - 2014-06-03 16:27 - 00000000 ____D () C:\Users\\AppData\Roaming\Security Systems
2014-06-03 16:27 - 2014-06-03 16:27 - 00000000 ____D () C:\Users\\AppData\Local\Skillbrains
2014-06-03 16:27 - 2014-06-03 16:27 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2014-06-03 16:27 - 2012-07-22 23:07 - 00000779 _____ () C:\Users\\AppData\Local\UserProducts.xml
2014-06-03 16:27 - 2012-07-22 23:07 - 00000392 _____ () C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000.job
2014-06-03 16:27 - 2012-07-22 23:07 - 00000000 ____D () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
2014-06-03 16:26 - 2014-06-03 16:26 - 02620112 _____ (Skillbrains ) C:\Users\\Desktop\setup-lightshot3-2-0-0.exe
2014-06-03 16:24 - 2014-06-03 16:24 - 00357712 _____ (Softonic) C:\Users\Jürgen\Downloads\SoftonicDownloader_fuer_lightshot (1).exe
2014-06-03 16:24 - 2014-06-03 16:23 - 00357712 _____ (Softonic) C:\Users\Jürgen\Downloads\SoftonicDownloader_fuer_lightshot.exe
2014-06-03 13:56 - 2014-03-06 18:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-03 03:09 - 2013-12-04 02:02 - 02271049 _____ () C:\Windows\IE11_main.log
2014-06-03 00:21 - 2014-06-03 00:21 - 00832944 _____ () C:\Windows\Minidump\060314-22698-01.dmp
2014-06-03 00:21 - 2012-11-25 09:51 - 600737197 _____ () C:\Windows\MEMORY.DMP
2014-06-03 00:21 - 2012-11-25 09:51 - 00000000 ____D () C:\Windows\Minidump
2014-06-02 22:59 - 2014-06-02 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-06-02 22:59 - 2014-06-02 22:59 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-06-02 22:59 - 2014-06-02 22:58 - 01110476 _____ () C:\Users\\Downloads\7z920.exe
2014-06-02 19:36 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Martina\AppData\Local\temp
2014-06-02 19:33 - 2012-07-21 15:29 - 00002380 _____ () C:\Users\Martina\Desktop\Google Chrome.lnk
2014-06-02 16:53 - 2014-06-02 16:53 - 00000000 _____ () C:\Windows\SysWOW64\sho1DE3.tmp
2014-06-02 16:42 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Elvira\AppData\Local\temp
2014-06-02 15:17 - 2012-07-21 21:59 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Mozilla
2014-06-02 00:05 - 2014-06-02 00:03 - 00033347 _____ () C:\Users\\Downloads\Addition.txt
2014-06-02 00:04 - 2014-06-02 00:02 - 00041741 _____ () C:\Users\\Downloads\FRST.txt
2014-06-01 23:39 - 2014-06-01 23:39 - 00065175 _____ () C:\Users\\Desktop\zoek-results.txt
2014-06-01 23:37 - 2014-06-01 23:01 - 00065553 _____ () C:\zoek-results.log
2014-06-01 23:36 - 2010-10-01 09:36 - 00602110 _____ () C:\Windows\PFRO.log
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-01 23:30 - 2014-06-01 22:58 - 00000000 ____D () C:\zoek_backup
2014-06-01 23:24 - 2012-07-21 10:25 - 00000000 ____D () C:\Users\
2014-06-01 22:59 - 2014-06-01 23:35 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-01 22:56 - 2014-06-01 22:55 - 00001154 _____ () C:\Users\\Desktop\mbam.txt
2014-06-01 22:35 - 2014-06-01 22:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-01 22:10 - 2014-06-01 22:10 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-01 22:08 - 2014-06-01 22:08 - 00005727 _____ () C:\Users\\Desktop\JRT.txt
2014-06-01 21:57 - 2014-06-01 21:57 - 00000000 ____D () C:\Windows\ERUNT
2014-06-01 21:53 - 2014-06-02 23:17 - 00124182 _____ () C:\Users\\Documents\AdwCleaner[S0].txt
2014-06-01 21:53 - 2014-06-01 21:53 - 00124182 _____ () C:\Users\\Desktop\AdwCleaner[S0].txt
2014-06-01 21:41 - 2014-06-01 21:33 - 00000000 ____D () C:\AdwCleaner
2014-06-01 21:40 - 2012-07-21 15:21 - 00000000 ____D () C:\Users\Martina
2014-06-01 21:40 - 2012-07-21 15:12 - 00000000 ____D () C:\Users\Elvira
2014-06-01 21:40 - 2012-07-21 14:35 - 00000000 ____D () C:\Users\Jürgen
2014-06-01 21:40 - 2012-07-21 10:25 - 00000000 ___RD () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-01 21:31 - 2014-06-01 21:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-01 21:31 - 2014-06-01 21:31 - 01285120 _____ () C:\Users\\Desktop\zoek.exe
2014-06-01 21:31 - 2014-06-01 21:29 - 01285120 _____ () C:\Users\\Downloads\zoek.exe
2014-06-01 21:31 - 2014-06-01 21:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-01 21:28 - 2014-06-01 21:31 - 01016261 _____ (Thisisu) C:\Users\\Desktop\JRT.exe
2014-06-01 21:28 - 2014-06-01 21:30 - 01327971 _____ () C:\Users\\Desktop\adwcleaner_3.211.exe
2014-06-01 21:28 - 2014-06-01 21:28 - 01327971 _____ () C:\Users\\Downloads\adwcleaner_3.211.exe
2014-06-01 21:28 - 2014-06-01 21:28 - 01016261 _____ (Thisisu) C:\Users\\Downloads\JRT.exe
2014-06-01 21:19 - 2010-10-01 08:53 - 00000000 ____D () C:\ProgramData\Norton
2014-06-01 08:29 - 2009-07-14 19:58 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-06-01 08:29 - 2009-07-14 19:58 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-06-01 08:29 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-01 01:19 - 2014-06-01 01:19 - 00051290 _____ () C:\ComboFix.txt
2014-06-01 01:19 - 2014-05-31 21:15 - 00000000 ____D () C:\Qoobox
2014-06-01 01:19 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-06-01 01:16 - 2014-05-31 21:14 - 00000000 ____D () C:\Windows\erdnt
2014-06-01 01:15 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-31 21:08 - 2014-05-31 21:12 - 05203398 ____R (Swearware) C:\Users\\Desktop\ComboFix.exe
2014-05-31 21:08 - 2014-05-31 21:07 - 05203398 _____ (Swearware) C:\Users\\Downloads\ComboFix.exe
2014-05-31 21:02 - 2014-05-31 20:38 - 00044395 _____ () C:\Users\\Desktop\Addition.txt
2014-05-31 20:11 - 2014-05-31 20:10 - 00250250 _____ () C:\Users\\Downloads\140520063508.jpeg
2014-05-31 19:54 - 2014-01-21 14:44 - 00000000 ____D () C:\Users\Jürgen\Documents\FIFA 14
2014-05-31 16:02 - 2014-05-31 16:02 - 00052891 _____ () C:\Users\Jürgen\Downloads\7B1.tmp
2014-05-30 08:22 - 2012-07-21 15:20 - 00002375 _____ () C:\Users\Elvira\Desktop\Google Chrome.lnk
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-29 15:43 - 2014-05-29 15:43 - 00001286 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-29 15:43 - 2014-05-29 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-29 15:43 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-29 15:41 - 2010-10-01 08:19 - 00116460 _____ () C:\Windows\DirectX.log
2014-05-29 15:38 - 2012-09-12 01:55 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-29 15:05 - 2012-09-12 01:55 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Origin
2014-05-28 15:35 - 2012-08-14 02:38 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\.minecraft
2014-05-28 08:14 - 2012-07-21 10:38 - 00002380 _____ () C:\Users\\Desktop\Google Chrome.lnk
2014-05-26 15:56 - 2014-01-08 17:58 - 00000000 ____D () C:\Users\Jürgen\Tracing
2014-05-23 19:34 - 2012-07-21 14:48 - 00002375 _____ () C:\Users\Jürgen\Desktop\Google Chrome.lnk
2014-05-21 10:29 - 2012-07-21 10:25 - 00000000 ___RD () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 19:31 - 2012-07-21 15:21 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 19:31 - 2012-07-21 15:21 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 10:44 - 2014-05-17 10:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job
2014-05-15 16:07 - 2012-07-21 15:12 - 00000000 ___RD () C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:07 - 2012-07-21 15:12 - 00000000 ___RD () C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:05 - 2012-07-21 14:35 - 00000000 ___RD () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:05 - 2012-07-21 14:35 - 00000000 ___RD () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:01 - 2014-04-30 17:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 22:00 - 2013-07-13 07:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:00 - 2010-10-01 10:17 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-12 19:41 - 2014-05-12 19:41 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (17).exe
2014-05-12 07:26 - 2014-06-01 22:10 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-01 22:10 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-01 22:10 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 17:58 - 2014-05-11 17:57 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (16).exe
2014-05-11 10:47 - 2014-05-11 10:47 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job
2014-05-11 07:51 - 2014-05-11 07:51 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job
2014-05-10 19:19 - 2014-05-10 19:18 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (15).exe
2014-05-09 08:14 - 2014-05-14 14:00 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 14:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 02:46 - 2014-05-14 22:03 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 02:21 - 2014-05-14 22:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 02:21 - 2014-05-14 22:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 01:32 - 2014-05-14 22:03 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 01:14 - 2014-05-14 22:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 01:14 - 2014-05-14 22:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 13:46 - 2012-08-24 17:14 - 00528384 ____H () C:\Users\Jürgen\Downloads\photothumb.db
2014-05-04 13:45 - 2013-10-17 18:56 - 00000000 ____D () C:\Users\Jürgen\Downloads\Karikatur2

Some content of TEMP:
====================
C:\Users\Elvira\AppData\Local\Temp\avgnt.exe
C:\Users\Elvira\AppData\Local\Temp\GURE1EC.exe
C:\Users\Elvira\AppData\Local\Temp\rtdrvmon.exe
C:\Users\\AppData\Local\Temp\avgnt.exe
C:\Users\\AppData\Local\Temp\FoxySecuritySetup.exe
C:\Users\\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Jürgen\AppData\Local\Temp\avgnt.exe
C:\Users\Jürgen\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\rtdrvmon.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-01 11:24

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2014
Ran by  at 2014-06-03 21:44:55
Running from C:\Users\\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Alcatraz (HKLM-x32\...\Alcatraz/DE-German_is1) (Version:  - City Interactive)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
Apowersoft kostenloser Bildschirmrekorder V1.2.4 (HKLM-x32\...\{4EFA42DB-E4EC-4537-9DF3-5158D08A9785}_is1) (Version: 1.2.4 - Apowersoft)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma 3 Tools (HKLM-x32\...\Steam App 233800) (Version:  - Bohemia Interactive)
ATI Catalyst Install Manager (HKLM\...\{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{9D84E30F-6757-4A56-BCB5-51ADE3AE8631}) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0930.2237.38732 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help English (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help French (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help German (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0930.2237.38732 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0930.2237.38732 - ATI) Hidden
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version:  - Z8Games.com)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1181 - SG INTERACTIVE)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.2.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Foxy Security (HKLM-x32\...\Foxy Security) (Version:  - )
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.14.1022 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.14.1022 - DVDVideoSoft Ltd.)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.23.0 - DealPly Technologies Ltd) <==== ATTENTION
Hama Black Force Pad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.01.01 - )
HydraVision (x32 Version: 4.2.180.0 - ATI Technologies Inc.) Hidden
IM Lock (HKLM-x32\...\IMLock) (Version:  - Comvigo, Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
ISY N150 Micro WLAN USB-Adapter (HKLM-x32\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0155 - ISY)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexmark X1100 Series (HKLM\...\Lexmark X1100 Series) (Version:  - Lexmark International, Inc.)
lightshot-3.4.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 3.4.0.0 - Skillbrains)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.993 - Electronic Arts)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.2.2065 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sniper - Art of Victory (HKLM-x32\...\sniper_de_is1) (Version:  - City Interactive)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.8.1 - TeamSpeak Systems GmbH)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WiseConvert (HKLM-x32\...\WiseConvert) (Version: 1.0 - WiseConvert)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version:  - Wargaming.net)
XSManager (HKLM-x32\...\XSManager) (Version: 3.2 - XSManager)

==================== Restore Points  =========================

29-05-2014 23:00:34 Windows Update
30-05-2014 06:27:09 Windows Update
31-05-2014 01:00:50 Windows Update
31-05-2014 05:58:19 Windows Update
01-06-2014 00:18:30 Windows Update
01-06-2014 21:01:41 zoek.exe restore point
01-06-2014 23:46:03 TuneUp Utilities 2013 wird entfernt
01-06-2014 23:47:18 TuneUp Utilities Language Pack (de-DE) wird entfernt
02-06-2014 00:53:25 Windows Update
02-06-2014 14:42:32 Windows Update
02-06-2014 17:36:37 Windows Update
02-06-2014 22:16:17 Windows Update
03-06-2014 01:00:18 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-06-01 01:15 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {00CDF369-5C82-4B09-A8B8-22E0110976DE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {162D19D2-88E6-425F-ACF9-085709C10976} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {180C32E6-A575-49A3-AA4D-7E9EDC44A1AA} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {1FD7E7FA-4C1B-46AA-B808-A6B47969B523} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {25715EC7-88B9-4811-B0FD-540AC855053B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {2D13B59E-4C34-49F2-81B8-8A7F2D96CC2F} - \PC Performer Manager No Task File <==== ATTENTION
Task: {620FBD68-8B3D-47C5-BEE1-EA19B1705EC4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2465613748-4109621216-2680054910-1001
Task: {62745FA6-88B4-4F26-B2F4-09469D925348} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {635AC757-77D2-41EE-A578-F6A8974BF31D} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {6875CA21-089D-4DC0-A439-FE49B1E33DB4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {6E350C8D-3672-4719-8CF1-5A8B8CA44909} - System32\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-01-16] ()
Task: {77E350C2-2250-4BEE-B575-EF12CA6A03F8} - \update-sys No Task File <==== ATTENTION
Task: {820F5D76-F745-4811-BE70-3E99A14E89D9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {9C4EF4AE-24AC-494E-BB1E-389E59772369} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-11] (Adobe Systems Incorporated)
Task: {A66165D0-A739-46B9-AA91-33C0AE65F710} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003UA => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {ABD96266-25AF-494C-B2F5-17C5D8F015E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {B3ACA1F2-AC10-4A74-A012-61E186CB35DD} - System32\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-01-16] ()
Task: {BEE6EDB5-D13A-4C37-B3C9-40075E803219} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {D1301EC2-67C9-4E08-9A87-56DB18075640} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA.job => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (whitelisted) =============

2005-09-13 16:27 - 2005-09-13 16:27 - 00054784 _____ () C:\Windows\system32\lxbkcnv4.dll
2012-10-05 10:38 - 2012-04-05 17:35 - 00327392 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2013-08-29 01:39 - 2013-08-29 01:40 - 04287536 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2010-08-04 15:58 - 2010-08-04 15:58 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-30 22:36 - 2010-09-30 22:36 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-02-14 11:30 - 2014-02-14 11:30 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll
2010-10-01 09:40 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\\Downloads\Bestaetigung_Rechnung_zu_Ihrer_byebye_Reise_21200789.eml:OECustomProperty
AlternateDataStreams: C:\Users\\Downloads\nachricht (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\\Downloads\nachricht.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2014 09:39:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 1.6.2014.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 100c

Startzeit: 01cf7f6385094897

Endzeit: 0

Anwendungspfad: C:\Users\\Desktop\FRST64.exe

Berichts-ID: cbecc728-eb56-11e3-8157-1c6f6549ce08

Error: (06/03/2014 09:31:11 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
   bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
   bei BlueStacks.hyperDroid.Service.Service.OnStop()
   bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
   bei System.ServiceProcess.ServiceBase.DeferredShutdown()

Error: (06/03/2014 09:29:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 1.6.2014.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1604

Startzeit: 01cf7f6206b8e485

Endzeit: 5

Anwendungspfad: C:\Users\\Downloads\FRST64.exe

Berichts-ID: 4e779dbf-eb55-11e3-a84b-1c6f6549ce08

Error: (06/03/2014 09:28:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 30.5.2014.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 378

Startzeit: 01cf7f61ef976bca

Endzeit: 16

Anwendungspfad: C:\Users\\Desktop\FRST64.exe

Berichts-ID: 33eeb150-eb55-11e3-a84b-1c6f6549ce08

Error: (06/03/2014 04:24:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/03/2014 04:24:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/03/2014 04:24:31 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/03/2014 01:44:07 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/03/2014 00:23:08 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/02/2014 11:25:11 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


System errors:
=============
Error: (06/03/2014 01:44:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (06/03/2014 03:09:18 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme

Error: (06/03/2014 00:23:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (06/03/2014 00:21:54 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000116 (0xfffffa8009e0f010, 0xfffff88003c14f94, 0x0000000000000000, 0x0000000000000002)C:\Windows\MEMORY.DMP060314-22698-01

Error: (06/03/2014 00:21:45 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎03.‎06.‎2014 um 00:19:46 unerwartet heruntergefahren.

Error: (06/02/2014 11:26:02 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (06/02/2014 11:25:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (06/02/2014 11:23:54 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎02.‎06.‎2014 um 23:22:30 unerwartet heruntergefahren.

Error: (06/02/2014 07:46:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme

Error: (06/02/2014 04:52:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme


Microsoft Office Sessions:
=========================
Error: (06/03/2014 09:39:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe1.6.2014.1100c01cf7f63850948970C:\Users\\Desktop\FRST64.execbecc728-eb56-11e3-8157-1c6f6549ce08

Error: (06/03/2014 09:31:11 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
   bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
   bei BlueStacks.hyperDroid.Service.Service.OnStop()
   bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
   bei System.ServiceProcess.ServiceBase.DeferredShutdown()

Error: (06/03/2014 09:29:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe1.6.2014.1160401cf7f6206b8e4855C:\Users\\Downloads\FRST64.exe4e779dbf-eb55-11e3-a84b-1c6f6549ce08

Error: (06/03/2014 09:28:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe30.5.2014.037801cf7f61ef976bca16C:\Users\\Desktop\FRST64.exe33eeb150-eb55-11e3-a84b-1c6f6549ce08

Error: (06/03/2014 04:24:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jürgen\Downloads\SoftonicDownloader_fuer_lightshot (1).exe

Error: (06/03/2014 04:24:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jürgen\Downloads\SoftonicDownloader_fuer_lightshot (1).exe

Error: (06/03/2014 04:24:31 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jürgen\Downloads\SoftonicDownloader_fuer_lightshot (1).exe

Error: (06/03/2014 01:44:07 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/03/2014 00:23:08 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/02/2014 11:25:11 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


CodeIntegrity Errors:
===================================
  Date: 2014-06-01 01:13:13.041
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-01 01:13:12.901
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 55%
Total physical RAM: 3959.48 MB
Available physical RAM: 1744.3 MB
Total Pagefile: 7917.15 MB
Available Pagefile: 5364.62 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:727.71 GB) (Free:494.35 GB) NTFS
Drive d: (Volume) (Fixed) (Total:195.31 GB) (Free:195.22 GB) NTFS
Drive e: (Recovery) (Fixed) (Total:8 GB) (Free:2.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 30B6D843)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=728 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 04.06.2014, 16:51   #14
M-K-D-B
/// TB-Ausbilder
 
WINDOWS 7 kommen ständig PopUps usw... - Standard

WINDOWS 7 kommen ständig PopUps usw...



"Herzlichen Glückwunsch"... du hast dich soeben wieder selbst mit Adware infiziert... bedanken kannst du dich bei dir selber!
Zitat:
2014-06-03 16:27 - 2014-06-03 16:27 - 00000392 _____ () C:\Windows\Tasks\update-sys.job
2014-06-03 16:27 - 2014-06-03 16:27 - 00000000 ____D () C:\Users\\AppData\Roaming\Security Systems
2014-06-03 16:27 - 2014-06-03 16:27 - 00000000 ____D () C:\Users\\AppData\Local\Skillbrains
2014-06-03 16:27 - 2014-06-03 16:27 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2014-06-03 16:26 - 2014-06-03 16:26 - 02620112 _____ (Skillbrains ) C:\Users\\Desktop\setup-lightshot3-2-0-0.exe
2014-06-03 16:24 - 2014-06-03 16:24 - 00357712 _____ (Softonic) C:\Users\Jürgen\Downloads\SoftonicDownloader_fuer_lightshot (1).exe
2014-06-03 16:23 - 2014-06-03 16:24 - 00357712 _____ (Softonic) C:\Users\Jürgen\Downloads\SoftonicDownloader_fuer_lightshot.exe
1. Von Softonic lädt man sich keine Software, außer du möchtest Pop-ups und Werbung bekommen
2. In meinem 1. Post erwähnte ich, dass du keine Software installieren oder deinstallieren sollst, bis wir hier fertig sind.... aber was machst du? Du machst natürlich genau das, was du nicht machen sollst...







Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3
Bitte deaktiviere dein Anti-Viren-Programm, da es das Ergebnis beeinflussen oder ggf. die Bereinigung stören kann.
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/ und speichere die Datei auf deinem Desktop.
  • Starte Zoek.exe mit einem Doppelklick.
  • Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und könnte andere Computer beschädigen.
  • Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
    Code:
    ATTFilter
    iedefaults;
    resetIEproxy;
    FFdefaults;
    CHRdefaults;
    emptyclsid;
    autoclean;
             
  • Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
  • Wenn das Tool fertig ist, wird sich Notepad mit der Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:\ .
  • Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken).





Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von Zoek,
  • die beiden neuen Logdateien von FRST.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 04.06.2014, 17:24   #15
Jackson11
 
WINDOWS 7 kommen ständig PopUps usw... - Standard

WINDOWS 7 kommen ständig PopUps usw...



Sorry, das war mein Sohn, obwohl ich es ihm verboten hatte, leider :-((

Antwort

Themen zu WINDOWS 7 kommen ständig PopUps usw...
association, bingbar, bluestacks, branding, dvdvideosoft ltd., lightning, pum.bad.proxy, pup.bprotector, pup.bundleinstaller.vg, pup.optional.bandoo, pup.optional.bprotector.a, pup.optional.conduit, pup.optional.conduit.a, pup.optional.crossrider.a, pup.optional.datamngr.a, pup.optional.dealply.a, pup.optional.delta.a, pup.optional.feven.a, pup.optional.fevenpro.a, pup.optional.hqvideoprofession.a, pup.optional.iminent, pup.optional.iminent.a, pup.optional.incredibar, pup.optional.installbrain.a, pup.optional.pricegong.a, pup.optional.savingssidekick.a, pup.optional.softonic.a, pup.optional.somoto.a, pup.optional.sweetim.a, pup.optional.wajam.a, trojan.bho, vcredist



Ähnliche Themen: WINDOWS 7 kommen ständig PopUps usw...


  1. ständig Popups und andere Websiten mit Windows 7
    Plagegeister aller Art und deren Bekämpfung - 19.10.2014 (20)
  2. Windows 8: Mehrere Trojaner - ständig Popups im IE
    Log-Analyse und Auswertung - 25.06.2014 (6)
  3. Firefox: Es kommen ständig die gleichen Werbe-Fenster zwischendurch
    Plagegeister aller Art und deren Bekämpfung - 26.04.2014 (9)
  4. Ständig Popups und automatische Weiterleitung auf Internetseiten (Windows 7 professional, firefox und ie)
    Plagegeister aller Art und deren Bekämpfung - 22.04.2014 (9)
  5. Bei Browseröffnung kommen ständig Aufforderungen Viren zu beseitigen und Werbebanner
    Plagegeister aller Art und deren Bekämpfung - 24.02.2014 (16)
  6. Firefox öffnet ständig Popups
    Plagegeister aller Art und deren Bekämpfung - 02.07.2013 (18)
  7. Antivirus 2009 und sudiet.b kommen ständig
    Log-Analyse und Auswertung - 02.01.2009 (1)
  8. CID Popups gehen ständig aufwas tun?
    Log-Analyse und Auswertung - 04.06.2008 (17)
  9. Ständig Popups!!!
    Log-Analyse und Auswertung - 03.03.2008 (3)
  10. Ständig Popups
    Log-Analyse und Auswertung - 13.09.2007 (2)
  11. Bekomme ständig PopUps
    Log-Analyse und Auswertung - 27.06.2007 (2)
  12. Ständig IE-Popups
    Log-Analyse und Auswertung - 09.06.2007 (1)
  13. ständig PopUps mit EXP/Agent.B
    Log-Analyse und Auswertung - 22.02.2007 (3)
  14. 2 x iexplore + ständig popups
    Plagegeister aller Art und deren Bekämpfung - 03.11.2006 (10)
  15. Ständig Popups bei CS
    Log-Analyse und Auswertung - 10.08.2006 (1)
  16. Wenn ich Steam benutzte kommen Popups!
    Log-Analyse und Auswertung - 22.04.2006 (6)
  17. Ständig Popups aus dem nichts
    Log-Analyse und Auswertung - 23.11.2005 (1)

Zum Thema WINDOWS 7 kommen ständig PopUps usw... - Hi Leute, habe Windows 7 64bit Version und bekomme ständig PopUps und dass ich Flashplayer usw neu laden soll. Frst Log: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) - WINDOWS 7 kommen ständig PopUps usw......
Archiv
Du betrachtest: WINDOWS 7 kommen ständig PopUps usw... auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.