Log analysis and evaluation: Uninstalling iStartSurf (Windows 7)

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
Uninstalling iStartSurf

Code:
Nico Mak Computing
WinZip Malware Protector
Datum der Überprüfung Dienstag, 02. September 2014
Datenbankversion 1935
Gefundene Elemente insgesamt 253
Überprüfte Objekte: 262528
Abgelaufene Zeit: 00:05:54
Name Gefundene Elemente
Name der Infektion pup.globalupdate
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 111
Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\goopdate.dll
MD5 0
Signatur 10348850114702906377
Md5hash: 148c0d2b53a597f9caa045ea9589ce97
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdatehelper.msi
MD5 0
Signatur 0
Md5hash: fc7a2f466f7a0f3e873077505719c1a1
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{5645e0e7-fc12-43bf-a6e4-f9751942b298}\inprocserver32
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{5645e0e7-fc12-43bf-a6e4-f9751942b298}\inprocserver32
threadingmodel
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{5645e0e7-fc12-43bf-a6e4-f9751942b298}\progid
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}\inprocserver32
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}\inprocserver32
threadingmodel
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}\progid
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{cfc47bb5-5fb5-4ad0-8427-6aa04334a3fc}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{cfc47bb5-5fb5-4ad0-8427-6aa04334a3fc}\inprocserver32
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{cfc47bb5-5fb5-4ad0-8427-6aa04334a3fc}\inprocserver32
threadingmodel
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{e0adb535-d7b5-4d8b-b15d-578bdd20d76a}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{e0adb535-d7b5-4d8b-b15d-578bdd20d76a}\inprocserver32
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{e0adb535-d7b5-4d8b-b15d-578bdd20d76a}\inprocserver32
threadingmodel
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\globalupdate.oneclickctrl.10
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\globalupdate.oneclickctrl.10\clsid
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\globalupdate.update3webcontrol.4
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\globalupdate.update3webcontrol.4\clsid
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update
path
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update
version
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update
globalupdate_task_name_c
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update
lastchecked
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
pv
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
name
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
bic
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
verifier
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
srcid_var
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
pv
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
name
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
bic
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
verifier
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
srcid_var
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{430fd4d0-b729-4f61-aa34-91526481799d}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{430fd4d0-b729-4f61-aa34-91526481799d}
pv
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{430fd4d0-b729-4f61-aa34-91526481799d}
name
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
pv
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
rollcalldaystartsec
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
lastchecksuccess
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{08174260-1228-485d-9b4e-df23fe546e03}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{08174260-1228-485d-9b4e-df23fe546e03}
pv
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{08174260-1228-485d-9b4e-df23fe546e03}
rollcalldaystartsec
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{08174260-1228-485d-9b4e-df23fe546e03}
lastchecksuccess
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
pv
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
brand
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
installtime
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
rollcalldaystartsec
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
lastchecksuccess
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstatemedium
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstatemedium\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstatemedium\{08174260-1228-485d-9b4e-df23fe546e03}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\network
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\network\secure
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
appname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
apppath
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
policy
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
appname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
apppath
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
policy
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows nt\currentversion\image file execution options\googleupdate.exe
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows nt\currentversion\image file execution options\googleupdate.exe
disableexceptionchainvalidation
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\ext\preapproved\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\ext\preapproved\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=10
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=10
path
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=10
description
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=10
productname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=10
vendor
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=10
version
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=10\mimetypes
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=10\mimetypes\application/x-vnd.google.oneclickctrl.10
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=4
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=4
path
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=4
description
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=4
productname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=4
vendor
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=4
version
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=4\mimetypes
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=4\mimetypes\application/x-vnd.google.update3webcontrol.4
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
type
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
start
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
errorcontrol
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
imagepath
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
displayname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
dependonservice
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
wow64
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
objectname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
description
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
delayedautostart
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
type
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
start
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
errorcontrol
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
imagepath
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
displayname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
dependonservice
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
wow64
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
objectname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
description
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
delayedautostart
Name der Infektion pup.optional
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 61
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\main\bin\cltmngsvc.exe
MD5 0
Signatur 4008520455206799453
Md5hash: d44da098e45085a2acaca6a92d575b8a
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\main\bin\sptool.dll
MD5 0
Signatur 5502870926556351585
Md5hash: 147fd0b3c9bc7a66f0c8a399ca61cc0b
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\main\bin\uninstall.exe
MD5 945616464127594250
Signatur 0
Md5hash: 45e9457a13020227b516933f4e13e75b
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\ui\bin\cltmngui.exe
MD5 0
Signatur 5043636912816771717
Md5hash: b45855f3cfebca58389b19144e6d44d5
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\cltmng.exe
MD5 0
Signatur 13392094193946676137
Md5hash: 01041912765aac215ebf10746c304016
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\sptool64.exe
MD5 0
Signatur 5742242505403073202
Md5hash: c885990e0c5489ddd11b098c54d349b8
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc32.dll
MD5 0
Signatur 10559975309048136720
Md5hash: 598a964a8c1347722c2fd0c6b7f1c154
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc32loader.dll
MD5 0
Signatur 8283225535962601202
Md5hash: 9a41cf0d3927889ae686a1d105d14433
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc64.dll
MD5 0
Signatur 14477932829830964117
Md5hash: c826f27ee06f04ab30561269f3fd90d8
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc64loader.dll
MD5 0
Signatur 3967124370264990919
Md5hash: e85b2a2c30e46d7b0f7e92b9a9255d77
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\searchprotect\rep\userrepository.dat
MD5 0
Signatur 0
Md5hash: 7f41fc2517fc97e49b009851eb0f9fc6
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\searchprotect\rep\usersettings.dat
MD5 0
Signatur 0
Md5hash: 4d2aadbeb627ccb55d39752c919b7cae
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\ui\rep\uirepository.dat
MD5 0
Signatur 0
Md5hash: f749579958724120bb26add6c52a06ac
Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\youtube accelerator\ipc.dll
MD5 0
Signatur 2222954328128739501
Md5hash: e3ca787c4ef41e3d3c212899dd361daf
Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\youtube accelerator\xmldb.dll
MD5 0
Signatur 6164794545056868536
Md5hash: e09fa1c699e985e4cf8cfc6457dba9f1
Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\youtube accelerator\helper.dll
MD5 0
Signatur 9103839266922713970
Md5hash: 3f60c99839e22b593223eb083e1ae454
Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\globalupdate\update\googleupdate.exe
MD5 0
Signatur 12264191390500570615
Md5hash: d858ba2ee718b1db1ced20646e641d08
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googlecrashhandler.exe
MD5 0
Signatur 12264191390500570615
Md5hash: 03114dadbd9977fc823f95b21fb987e7
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdate.exe
MD5 0
Signatur 12264191390500570615
Md5hash: d858ba2ee718b1db1ced20646e641d08
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\youtube accelerator\cabex.dll
MD5 0
Signatur 16962820214776606692
Md5hash: 3f4049d8bf040812a96680c5a6b377fd
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\youtube accelerator\ytalsp.dll
MD5 0
Signatur 2574574794302051618
Md5hash: 6289966fd5c7d68cc37d526f6a40cdfa
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdatebroker.exe
MD5 0
Signatur 11382960367386889684
Md5hash: f98de4108614e4bb81e95e58e36c7000
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdateondemand.exe
MD5 0
Signatur 11382960367386889684
Md5hash: 7e767b342e55eb1dfd74a65d24ea4b70
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\goopdateres_en.dll
MD5 0
Signatur 6050752766450381628
Md5hash: 4249db2978306091a48702bb6f9a42c2
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\npgoogleupdate4.dll
MD5 0
Signatur 9274589362263618590
Md5hash: 624d999248a19d5dad757606a4457857
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\psmachine.dll
MD5 0
Signatur 14069428750905708878
Md5hash: fefef2f226fd6be184bc4a3378b02aaf
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\psuser.dll
MD5 0
Signatur 14069428750905708878
Md5hash: 8d90bb3a36521b50d0e512a781e36871
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\roaming\istartsurf\uninstallmanager.exe
MD5 0
Signatur 11577995310399389985
Md5hash: 1608d54dc69ea7e763cdab78f71cafd6
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_classes_root
clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_classes_root
clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
id
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
url
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
suggestionsurl_json
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
displayname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
showsearchsuggestions
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
deleted
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\{6791a2f3-fc80-475c-a002-c014af797e9c}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\{6791a2f3-fc80-475c-a002-c014af797e9c}
n
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{1aa60054-57d9-4f99-9a55-d0fbfbe7ecd3}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
id
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
displayname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
displayicon
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
displayversion
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
publisher
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
uninstallstring
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\searchprotect
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\searchprotect
spid
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\searchprotect
environment
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\searchprotect
ts
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
type
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
start
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
errorcontrol
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
imagepath
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
displayname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
wow64
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
objectname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
dependonservice
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
description
Name der Infektion pup.superfish
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 5
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage
MD5 0
Signatur 0
Md5hash: 5f24451ac3523b39f40c7cd87c4f0dbb
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal
MD5 0
Signatur 0
Md5hash: 4f11aa3c6f98f8edf8f438b61f69d60e
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\domstorage\superfish.com
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\domstorage\superfish.com
numberofsubdomains
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\domstorage\superfish.com
total
Name der Infektion pup.montieratoolbar
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 2
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.trovi.com_0.localstorage
MD5 0
Signatur 0
Md5hash: f353360d74d4532256cff2bc1d810699
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.trovi.com_0.localstorage-journal
MD5 0
Signatur 0
Md5hash: bf619eac0cdf3f68d496ea9344137e8b
Name der Infektion pup.searchprotect
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 13
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\searchprotect\rep\cvc.dat
MD5 0
Signatur 0
Md5hash: d01872cbb21925c587ff2d2d0d75b756
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\searchprotect
installdir
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
type
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
start
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
errorcontrol
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
imagepath
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
displayname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
wow64
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd\enum
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd\enum
0
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd\enum
count
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd\enum
nextinstance
Name der Infektion pup.installcore
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 22
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\1i1t1q1s
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\1i1t1q1s
name
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\1i1t1q1s
reg
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore
t
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore
tb
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore
hp
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore
ds
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\mysearchdial
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\mysearchdial
insdate
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\mysearchdial
instlref
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\mysearchdial
aflt
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\mysearchdial
c_ver
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0f1l1g1q0r1l1n1m2z
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0f1l1g1q0r1l1n1m2z
uninstall
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
uninstall
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
sch_desc
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
sch_link
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
add_desc
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
add_link
Name der Infektion pup.1clickdownload
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 5
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\1clickdownload
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\1clickdownload
uid
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\1clickdownload
lastinstall0
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\1clickdownload
lastinstall3
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\1clickdownload
lastinstall2
Name der Infektion pup.babylon
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 17
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
cr_ver
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
task_st
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
lastdyreportsch
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
rep
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
rstsp
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
risp
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
userid
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
lastdllupdatecheck
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\busolutrunningupdt
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\busolutrunningupdt
ff21v.exe
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\busolutrunningupdt
crxupdater_d.exe
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\report
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\report
gglsp
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\report
sqlt
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\updates
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\updates
crxenb
Name der Infektion pup.delta
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 1
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\appid\{c26644c4-2a12-4ca6-8f2e-0ede6cf018f3}
Name der Infektion pup.optional-snk
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 2
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\{3a7d3e19-1b79-4e4e-bd96-5467da2c4ef0}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\{3a7d3e19-1b79-4e4e-bd96-5467da2c4ef0}
n
Name der Infektion pup.shopperpro
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 13
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\settings\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\settings\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
flags
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
type
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
flags
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
count
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
time
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
loadtimearray
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
navtimearray
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\explorer\browser helper objects\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\explorer\browser helper objects\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
noexplorer
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\ext\preapproved\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
Name der Infektion Restricted Settings
Kategorie Security Disabler
Bedrohungsstufe Medium
Durchgeführte Aktion NoActionTaken
Elemente gefunden 1
Gefundener Bereich WindowsSettings
Details
Registrierungsschlüssel hkey_local_machine
software\clients\startmenuinternet\iexplore.exe\shell\open\command
© 2013 WinZip International LLC. All rights reserved.
I hope I did that right :-) |
| | #2 |
| /// TB trainer | Uninstall iStartSurf No, you didn't!
WinZip Malware Protector is adware itself, please uninstall it again right away... Please read: Download from filepony.de: How to download our tools correctly! Please download FRST and run it as described. |
| | #3 |
| Uninstall iStartSurf FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014 02
Ran by Martina (administrator) on NB01KRZBMA on 02-09-2014 11:49:33
Running from D:\Martina\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Enigma Software Group USA, LLC.) C:\Config.Msi\1d5c40e.rbf
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-02 11:49 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-02 10:55 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-01 22:36 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-02 11:49 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-02 11:45 - 2013-06-14 23:43 - 01698497 _____ () C:\Windows\WindowsUpdate.log
2014-09-02 10:55 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:44 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-01 22:44 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-01 22:36 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-01 22:35 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:35 - 2009-07-14 06:51 - 00075045 _____ () C:\Windows\setupact.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 21:48 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 13:10 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:13 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World
2014-08-03 11:04 - 2013-06-16 18:02 - 00000000 ____D () C:\Users\Martina\AppData\Local\Microsoft Help
Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2013-08-29 06:40
==================== End Of Log ============================
|
| | #4 |
Uninstalling iStartSurf
[CODE]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2014 02
Ran by Martina at 2014-09-02 11:50:24
Running from D:\Martina\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A
hkey_local_machine system\currentcontrolset\services\sppd Gefundener Bereich Registry Details Registrierungsschlüssel hkey_local_machine system\currentcontrolset\services\sppd type Gefundener Bereich Registry Details Registrierungsschlüssel hkey_local_machine system\currentcontrolset\services\sppd start Gefundener Bereich Registry Details Registrierungsschlüssel hkey_local_machine system\currentcontrolset\services\sppd errorcontrol Gefundener Bereich Registry Details Registrierungsschlüssel hkey_local_machine system\currentcontrolset\services\sppd imagepath Gefundener Bereich Registry Details Registrierungsschlüssel hkey_local_machine system\currentcontrolset\services\sppd displayname Gefundener Bereich Registry Details Registrierungsschlüssel hkey_local_machine system\currentcontrolset\services\sppd wow64 Gefundener Bereich Registry Details Registrierungsschlüssel hkey_local_machine system\currentcontrolset\services\sppd\enum Gefundener Bereich Registry Details Registrierungsschlüssel hkey_local_machine system\currentcontrolset\services\sppd\enum 0 Gefundener Bereich Registry Details Registrierungsschlüssel hkey_local_machine system\currentcontrolset\services\sppd\enum count Gefundener Bereich Registry Details Registrierungsschlüssel hkey_local_machine system\currentcontrolset\services\sppd\enum nextinstance Name der Infektion pup.installcore Kategorie Potentially Unwanted Application Bedrohungsstufe High Durchgeführte Aktion NoActionTaken Elemente gefunden 22 Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\1i1t1q1s Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\1i1t1q1s name Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\1i1t1q1s reg Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user 
software\installcore t Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore tb Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore hp Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore ds Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\mysearchdial Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\mysearchdial insdate Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\mysearchdial instlref Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\mysearchdial aflt Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\mysearchdial c_ver Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\uninstall Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\uninstall\0f1l1g1q0r1l1n1m2z Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\uninstall\0f1l1g1q0r1l1n1m2z uninstall Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i uninstall Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i sch_desc Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i sch_link Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i add_desc 
Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i add_link Name der Infektion pup.1clickdownload Kategorie Potentially Unwanted Application Bedrohungsstufe High Durchgeführte Aktion NoActionTaken Elemente gefunden 5 Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\1clickdownload Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\1clickdownload uid Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\1clickdownload lastinstall0 Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\1clickdownload lastinstall3 Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\1clickdownload lastinstall2 Name der Infektion pup.babylon Kategorie Potentially Unwanted Application Bedrohungsstufe High Durchgeführte Aktion NoActionTaken Elemente gefunden 17 Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\babsolution\updater Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\babsolution\updater cr_ver Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\babsolution\updater task_st Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\babsolution\updater lastdyreportsch Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\babsolution\updater rep Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\babsolution\updater rstsp Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\babsolution\updater risp Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\babsolution\updater userid Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user 
software\babsolution\updater lastdllupdatecheck Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\babsolution\updater\busolutrunningupdt Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\babsolution\updater\busolutrunningupdt ff21v.exe Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\babsolution\updater\busolutrunningupdt crxupdater_d.exe Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\babsolution\updater\report Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\babsolution\updater\report gglsp Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\babsolution\updater\report sqlt Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\babsolution\updater\updates Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\babsolution\updater\updates crxenb Name der Infektion pup.delta Kategorie Potentially Unwanted Application Bedrohungsstufe High Durchgeführte Aktion NoActionTaken Elemente gefunden 1 Gefundener Bereich Registry Details Registrierungsschlüssel hkey_local_machine software\classes\appid\{c26644c4-2a12-4ca6-8f2e-0ede6cf018f3} Name der Infektion pup.optional-snk Kategorie Potentially Unwanted Application Bedrohungsstufe High Durchgeführte Aktion NoActionTaken Elemente gefunden 2 Gefundener Bereich Registry Details Registrierungsschlüssel hkey_local_machine software\{3a7d3e19-1b79-4e4e-bd96-5467da2c4ef0} Gefundener Bereich Registry Details Registrierungsschlüssel hkey_local_machine software\{3a7d3e19-1b79-4e4e-bd96-5467da2c4ef0} n Name der Infektion pup.shopperpro Kategorie Potentially Unwanted Application Bedrohungsstufe High Durchgeführte Aktion NoActionTaken Elemente gefunden 13 Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user 
software\microsoft\windows\currentversion\ext\settings\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c} Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\microsoft\windows\currentversion\ext\settings\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c} flags Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c} Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore type Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore flags Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore count Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore time Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore loadtimearray Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore navtimearray Gefundener Bereich Registry Details Registrierungsschlüssel hkey_local_machine software\microsoft\windows\currentversion\explorer\browser helper objects\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c} Gefundener Bereich Registry Details Registrierungsschlüssel 
hkey_local_machine software\microsoft\windows\currentversion\explorer\browser helper objects\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c} noexplorer Gefundener Bereich Registry Details Registrierungsschlüssel hkey_local_machine software\microsoft\windows\currentversion\ext\preapproved\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c} Name der Infektion Restricted Settings Kategorie Security Disabler Bedrohungsstufe Medium Durchgeführte Aktion NoActionTaken Elemente gefunden 1 Gefundener Bereich WindowsSettings Details Registrierungsschlüssel hkey_local_machine software\clients\startmenuinternet\iexplore.exe\shell\open\command © 2013 WinZip International LLC. All rights reserved. B0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.3.0 - Adobe Systems Incorporated) Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Hidden Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros) Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira) Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4487 - APN, LLC) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.95 - Atheros Communications) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.) Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version: - Canon Inc.) Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.) Canon MG4200 series On-screen Manual (HKLM-x32\...\Canon MG4200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP) CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.28 - Abelssoft) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version: - Microsoft) Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.4.5 - Telerik) FindRight (HKLM\...\FindRight) (Version: 2014.02.18.181234 - FindRight) <==== ATTENTION FLVPlayer (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - FLVPlayer) <==== ATTENTION FontForge 2012-07-31 (HKLM-x32\...\FontForge) (Version: 2012-07-31 - ) Free YouTube to MP3 Converter version 3.12.5.628 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.5.628 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.) 
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) Hartlauer Foto World (HKLM-x32\...\Hartlauer Foto World) (Version: 5.1.5 - CEWE Stiftung u Co. KGaA) High-Logic FontCreator 8 (HKLM-x32\...\FontCreator8_is1) (Version: - High-Logic B.V.) istartsurf uninstall (HKLM-x32\...\istartsurf uninstall) (Version: - istartsurf) <==== ATTENTION iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.) Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle) Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) 
Hidden Leawo PowerPoint to Video Converter version 2.7.1.0 (HKLM-x32\...\{5D5CB188-F9B1-4103-B2AD-07FB33068377}_is1) (Version: 2.7.1.0 - Leawo Software) MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}) (Version: 7.0.1.1 - MAGIX AG) MAGIX Foto Designer 7 (Version: 7.0.1.1 - MAGIX AG) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1002 - Microsoft Corporation) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 
14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft 
Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft) Mozilla Firefox 13.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 13.0.1 (x86 de)) (Version: 13.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 13.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Mysearchdial (HKLM-x32\...\mysearchdial) (Version: - Mysearchdial) <==== ATTENTION NSIS Birdfont (HKLM-x32\...\Birdfont) (Version: - ) NVIDIA 3D Vision Treiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.21 - NVIDIA Corporation) NVIDIA Grafiktreiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.2.19.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.19.0 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6721 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft 
Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge) PhotoPad Foto-Editor (HKLM-x32\...\PhotoPad) (Version: 2.41 - NCH Software) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.) Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.17.1.22 - Client Connect LTD) <==== ATTENTION Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Shopper-Pro (HKLM-x32\...\ShopperPro) (Version: - ) simplitec simplicheck (HKLM-x32\...\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}) (Version: 1.3.9.0 - simplitec GmbH) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) 
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit 
Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition 
(HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition 
(HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft) VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN) WindowsMangerProtect20.0.0.722 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) XnView 1.99.5 (HKLM-x32\...\XnView_is1) (Version: 1.99.5 - Gougelet Pierre-e) YouTube Accelerator (HKLM-x32\...\YouTube Accelerator) (Version: 3394(build_88) - Goobzo Ltd.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 28-08-2014 21:18:18 Windows Update 02-09-2014 05:07:47 Installed SpyHunter 02-09-2014 05:15:58 Removed SpyHunter 02-09-2014 05:50:31 Installed SpyHunter 02-09-2014 06:43:19 Removed SpyHunter ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {136E99D8-6048-466C-A642-6ED03D639BE9} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe Task: {A9EB2394-AF1F-446F-BB25-754EC1B3C9B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.) Task: {B78E6EA3-3BE7-484B-948E-4076ECF61197} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.) Task: {C72E5E18-FF2C-49F1-8FC2-B294810C7742} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated) Task: {CC0AA8B8-4984-4151-9A68-08465D6D829C} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert <==== ATTENTION Task: {F71B22B6-2AE6-45F4-BF99-434CCA5975EA} - System32\Tasks\EPUpdater => C:\Users\Martina\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe <==== ATTENTION Task: C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job => C:\Program Files (x86)\TheGoPhoto.it V10\TheGoPhoto.it V10-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job => C:\Program Files (x86)\TheGoPhoto.it V10\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.exe <==== ATTENTION Task: C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job => C:\Program Files (x86)\TheGoPhoto.it V10\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.exe <==== ATTENTION Task: C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job => C:\Program Files (x86)\TheGoPhoto.it V10\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.exe <==== ATTENTION Task: C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job => C:\Program Files (x86)\TheGoPhoto.it V10\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.exe <==== ATTENTION Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job => C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-codedownloader.exe <==== 
ATTENTION Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-11.exe <==== ATTENTION Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-2.exe <==== ATTENTION Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-5.exe <==== ATTENTION Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-5.exe <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-NB01KRZBMA-Martina.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a54415c3b16.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Launch 21752.job => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe Task: C:\Windows\Tasks\Updater scan.job => C:\Program Files (x86)\CHIP 
Updater\CHIPUpdater.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-16 19:02 - 2013-10-16 19:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2014-07-04 16:21 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-11-29 17:53 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2014-08-21 16:10 - 2014-08-07 16:00 - 03211776 _____ () C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe 2013-10-16 19:01 - 2013-10-16 19:01 - 04624240 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-08-14 14:22 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Martina\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll 2013-10-17 17:45 - 2013-10-17 17:45 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll 2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll 2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll 2013-03-13 14:42 - 2013-06-05 15:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll 2014-08-07 15:57 - 2014-08-07 15:57 - 01257472 _____ () C:\Program Files\Common Files\ShopperPro\spbici32.dll 2014-08-16 10:33 - 2014-08-07 05:20 - 00718152 
_____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll 2014-08-16 10:33 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll 2014-08-16 10:33 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll 2014-08-16 10:33 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll 2014-08-16 10:33 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll 2014-08-16 10:33 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= Name: Atheros AR3011 Bluetooth(R) Adapter Description: Atheros AR3011 Bluetooth(R) Adapter Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Atheros Communications Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
Name: Ethernet-Controller Description: Ethernet-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (09/02/2014 11:42:49 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8190 Error: (09/02/2014 11:42:49 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 8190 Error: (09/02/2014 11:42:49 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/02/2014 11:42:48 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7191 Error: (09/02/2014 11:42:48 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7191 Error: (09/02/2014 11:42:48 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/02/2014 11:42:47 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6162 Error: (09/02/2014 11:42:47 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6162 Error: (09/02/2014 11:42:47 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/02/2014 11:42:46 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5101 System errors: ============= Error: (09/01/2014 10:35:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: 
) Description: Der Dienst "Wajam Internet Enhancer Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/01/2014 10:35:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "IePlugin Services" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/01/2014 02:38:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde nicht richtig gestartet. Error: (09/01/2014 02:37:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht. Error: (09/01/2014 02:36:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Wajam Internet Enhancer Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/01/2014 02:30:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht. Error: (09/01/2014 02:29:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Wajam Internet Enhancer Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/01/2014 01:11:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht. Error: (09/01/2014 01:10:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Wajam Internet Enhancer Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/31/2014 06:24:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht. 
Microsoft Office Sessions: ========================= Error: (09/02/2014 11:42:49 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8190 Error: (09/02/2014 11:42:49 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 8190 Error: (09/02/2014 11:42:49 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/02/2014 11:42:48 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7191 Error: (09/02/2014 11:42:48 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7191 Error: (09/02/2014 11:42:48 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/02/2014 11:42:47 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6162 Error: (09/02/2014 11:42:47 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6162 Error: (09/02/2014 11:42:47 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/02/2014 11:42:46 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5101 CodeIntegrity Errors: =================================== Date: 2013-08-03 00:31:49.584 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-08-03 00:31:49.581 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-08-03 00:31:49.578 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-08-03 00:31:49.555 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-08-03 00:31:49.551 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-08-03 00:31:49.545 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-08-01 10:10:32.741 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-08-01 10:10:32.739 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-08-01 10:10:32.736 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-08-01 10:10:32.718 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz Percentage of memory in use: 65% Total physical RAM: 4077.86 MB Available physical RAM: 1420.95 MB Total Pagefile: 8153.9 MB Available Pagefile: 4849.11 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ |
| | #5 |
| Uninstalling iStartSurf This is now the second part of Addition.txt, because there are too many characters. :-) Code:
dependonservice
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
wow64
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
objectname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
description
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
delayedautostart
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
type
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
start
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
errorcontrol
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
imagepath
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
displayname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
dependonservice
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
wow64
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
objectname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
description
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
delayedautostart
Name der Infektion pup.optional
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 61
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\main\bin\cltmngsvc.exe
MD5 0
Signatur 4008520455206799453
Md5hash: d44da098e45085a2acaca6a92d575b8a
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\main\bin\sptool.dll
MD5 0
Signatur 5502870926556351585
Md5hash: 147fd0b3c9bc7a66f0c8a399ca61cc0b
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\main\bin\uninstall.exe
MD5 945616464127594250
Signatur 0
Md5hash: 45e9457a13020227b516933f4e13e75b
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\ui\bin\cltmngui.exe
MD5 0
Signatur 5043636912816771717
Md5hash: b45855f3cfebca58389b19144e6d44d5
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\cltmng.exe
MD5 0
Signatur 13392094193946676137
Md5hash: 01041912765aac215ebf10746c304016
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\sptool64.exe
MD5 0
Signatur 5742242505403073202
Md5hash: c885990e0c5489ddd11b098c54d349b8
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc32.dll
MD5 0
Signatur 10559975309048136720
Md5hash: 598a964a8c1347722c2fd0c6b7f1c154
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc32loader.dll
MD5 0
Signatur 8283225535962601202
Md5hash: 9a41cf0d3927889ae686a1d105d14433
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc64.dll
MD5 0
Signatur 14477932829830964117
Md5hash: c826f27ee06f04ab30561269f3fd90d8
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc64loader.dll
MD5 0
Signatur 3967124370264990919
Md5hash: e85b2a2c30e46d7b0f7e92b9a9255d77
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\searchprotect\rep\userrepository.dat
MD5 0
Signatur 0
Md5hash: 7f41fc2517fc97e49b009851eb0f9fc6
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\searchprotect\rep\usersettings.dat
MD5 0
Signatur 0
Md5hash: 4d2aadbeb627ccb55d39752c919b7cae
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\ui\rep\uirepository.dat
MD5 0
Signatur 0
Md5hash: f749579958724120bb26add6c52a06ac
Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\youtube accelerator\ipc.dll
MD5 0
Signatur 2222954328128739501
Md5hash: e3ca787c4ef41e3d3c212899dd361daf
Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\youtube accelerator\xmldb.dll
MD5 0
Signatur 6164794545056868536
Md5hash: e09fa1c699e985e4cf8cfc6457dba9f1
Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\youtube accelerator\helper.dll
MD5 0
Signatur 9103839266922713970
Md5hash: 3f60c99839e22b593223eb083e1ae454
Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\globalupdate\update\googleupdate.exe
MD5 0
Signatur 12264191390500570615
Md5hash: d858ba2ee718b1db1ced20646e641d08
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googlecrashhandler.exe
MD5 0
Signatur 12264191390500570615
Md5hash: 03114dadbd9977fc823f95b21fb987e7
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdate.exe
MD5 0
Signatur 12264191390500570615
Md5hash: d858ba2ee718b1db1ced20646e641d08
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\youtube accelerator\cabex.dll
MD5 0
Signatur 16962820214776606692
Md5hash: 3f4049d8bf040812a96680c5a6b377fd
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\youtube accelerator\ytalsp.dll
MD5 0
Signatur 2574574794302051618
Md5hash: 6289966fd5c7d68cc37d526f6a40cdfa
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdatebroker.exe
MD5 0
Signatur 11382960367386889684
Md5hash: f98de4108614e4bb81e95e58e36c7000
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdateondemand.exe
MD5 0
Signatur 11382960367386889684
Md5hash: 7e767b342e55eb1dfd74a65d24ea4b70
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\goopdateres_en.dll
MD5 0
Signatur 6050752766450381628
Md5hash: 4249db2978306091a48702bb6f9a42c2
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\npgoogleupdate4.dll
MD5 0
Signatur 9274589362263618590
Md5hash: 624d999248a19d5dad757606a4457857
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\psmachine.dll
MD5 0
Signatur 14069428750905708878
Md5hash: fefef2f226fd6be184bc4a3378b02aaf
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\psuser.dll
MD5 0
Signatur 14069428750905708878
Md5hash: 8d90bb3a36521b50d0e512a781e36871
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\roaming\istartsurf\uninstallmanager.exe
MD5 0
Signatur 11577995310399389985
Md5hash: 1608d54dc69ea7e763cdab78f71cafd6
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_classes_root
clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_classes_root
clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
id
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
url
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
suggestionsurl_json
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
displayname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
showsearchsuggestions
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
deleted
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\{6791a2f3-fc80-475c-a002-c014af797e9c}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\{6791a2f3-fc80-475c-a002-c014af797e9c}
n
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{1aa60054-57d9-4f99-9a55-d0fbfbe7ecd3}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
id
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
displayname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
displayicon
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
displayversion
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
publisher
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
uninstallstring
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\searchprotect
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\searchprotect
spid
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\searchprotect
environment
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\searchprotect
ts
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
type
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
start
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
errorcontrol
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
imagepath
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
displayname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
wow64
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
objectname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
dependonservice
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
description
Name der Infektion pup.superfish
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 5
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage
MD5 0
Signatur 0
Md5hash: 5f24451ac3523b39f40c7cd87c4f0dbb
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal
MD5 0
Signatur 0
Md5hash: 4f11aa3c6f98f8edf8f438b61f69d60e
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\domstorage\superfish.com
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\domstorage\superfish.com
numberofsubdomains
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\domstorage\superfish.com
total
Name der Infektion pup.montieratoolbar
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 2
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.trovi.com_0.localstorage
MD5 0
Signatur 0
Md5hash: f353360d74d4532256cff2bc1d810699
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.trovi.com_0.localstorage-journal
MD5 0
Signatur 0
Md5hash: bf619eac0cdf3f68d496ea9344137e8b
Name der Infektion pup.searchprotect
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 13
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\searchprotect\rep\cvc.dat
MD5 0
Signatur 0
Md5hash: d01872cbb21925c587ff2d2d0d75b756
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\searchprotect
installdir
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
type
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
start
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
errorcontrol
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
imagepath
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
displayname
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
wow64
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd\enum
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd\enum
0
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd\enum
count
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd\enum
nextinstance
Name der Infektion pup.installcore
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 22
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\1i1t1q1s
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\1i1t1q1s
name
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\1i1t1q1s
reg
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore
t
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore
tb
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore
hp
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore
ds
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\mysearchdial
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\mysearchdial
insdate
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\mysearchdial
instlref
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\mysearchdial
aflt
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\mysearchdial
c_ver
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0f1l1g1q0r1l1n1m2z
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0f1l1g1q0r1l1n1m2z
uninstall
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
uninstall
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
sch_desc
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
sch_link
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
add_desc
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
add_link
Name der Infektion pup.1clickdownload
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 5
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\1clickdownload
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\1clickdownload
uid
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\1clickdownload
lastinstall0
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\1clickdownload
lastinstall3
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\1clickdownload
lastinstall2
Name der Infektion pup.babylon
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 17
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
cr_ver
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
task_st
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
lastdyreportsch
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
rep
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
rstsp
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
risp
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
userid
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
lastdllupdatecheck
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\busolutrunningupdt
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\busolutrunningupdt
ff21v.exe
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\busolutrunningupdt
crxupdater_d.exe
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\report
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\report
gglsp
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\report
sqlt
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\updates
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\updates
crxenb
Name der Infektion pup.delta
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 1
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\appid\{c26644c4-2a12-4ca6-8f2e-0ede6cf018f3}
Name der Infektion pup.optional-snk
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 2
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\{3a7d3e19-1b79-4e4e-bd96-5467da2c4ef0}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\{3a7d3e19-1b79-4e4e-bd96-5467da2c4ef0}
n
Name der Infektion pup.shopperpro
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 13
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\settings\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\settings\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
flags
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
type
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
flags
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
count
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
time
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
loadtimearray
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
navtimearray
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\explorer\browser helper objects\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\explorer\browser helper objects\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
noexplorer
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\ext\preapproved\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
Name der Infektion Restricted Settings
Kategorie Security Disabler
Bedrohungsstufe Medium
Durchgeführte Aktion NoActionTaken
Elemente gefunden 1
Gefundener Bereich WindowsSettings
Details
Registrierungsschlüssel hkey_local_machine
software\clients\startmenuinternet\iexplore.exe\shell\open\command
© 2013 WinZip International LLC. All rights reserved.
Drive c: (LWC) (Fixed) (Total:78.03 GB) (Free:31.81 GB) NTFS
Drive d: (DATEN) (Fixed) (Total:154.76 GB) (Free:137.35 GB) NTFS
Drive e: (SLEEPING_WITH_THE_ENEMY) (CDROM) (Total:4.43 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
==================== End Of Log ============================
|
| | #6 |
| /// TB-Ausbilder | Uninstalling iStartSurf
Hi,
Quote:
Please download all tools directly to the desktop, or move them there, and run them from the desktop, because our instructions are written with that in mind. It also makes it very easy to remove all the tools used once the cleanup is finished.
FRST again:
|
| | #7 |
| Uninstalling iStartSurf
Part 1
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014
Ran by Martina at 2014-09-03 08:21:50
Running from D:\Martina\Desktop
Boot Mode: Normal
==========================================================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Wi

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========