Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Alles rund um Windows (https://www.trojaner-board.de/alles-rund-um-windows/)
-   -   Wörter in texten grün unterlegt und doppelt unterstrichen (https://www.trojaner-board.de/150468-woerter-texten-gruen-unterlegt-doppelt-unterstrichen.html)

GummiBauH 01.03.2014 12:33
Wörter in texten grün unterlegt und doppelt unterstrichen
 
Hallo zusammen,

seit ein paar Tagen habe ich das Problem, dass in normalen Texten im Internet plötzlich einzelne Wörter grün unterlegt und doppelt unterstrichen sind. Wenn man mit der Maus darüber fährt, öffnet sich ein kleines Fenster, welches mit einem link auf andere seiten verweist. Adblock Plus und Änderungen der Interneteinstellungen haben nicht geholfen :(

Was kann ich tun? Ich hoffe auf Hilfe!! Danke schon mal im Vorraus :D

mort 01.03.2014 12:36
Hallo, GummiBauH und
:hallo:

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


GummiBauH 01.03.2014 12:49
Danke fürs Antworten :D

Ich haben den Scan gemacht, aber das FRST Dokument und das Addition Dokument lassen sich nicht in meine Antwort kopieren :(

mort 01.03.2014 13:05
Kannst du mir dein Problem bitte genauer beschreiben? Poste mir die Dateien in Code-Tags: [code]Hier den Inhalt der Datei[/code]. Falls die Dateien zu lang sind, kannst du sie auf mehrere Posts aufteilen.

GummiBauH 01.03.2014 13:15
Also mein problem ist, dass wenn ich beim Verfassen der Nachricht auf das #-Zeichen gehe (es erscheint zwar ), ich die FRST-Textdatei von meinem Desktop nicht dazwischen einfügen kann....

mort 01.03.2014 13:20
Du musst die Datei mit Doppelklick öffnen und dann den Inhalt daraus hier einfügen.

GummiBauH 01.03.2014 13:23
OKay gut....

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-02-2014 02
Ran by Sofie (administrator) on SOFIE-PC on 01-03-2014 12:41:33
Running from C:\Users\Sofie\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AMD) C:\Windows\system32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(PCRx.com, LLC) C:\Program Files (x86)\24x7Help\App24x7Svc.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
(ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
(Blabbers Communications Ltd) C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
() C:\Program Files (x86)\LyricsContainer\LyricsContainer_wd.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Windows\AsScrPro.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Inbox.com, Inc.) C:\Program Files (x86)\RebateInformer\RebateInf.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Smartbar) C:\Users\Sofie\AppData\Local\Smartbar\Application\SnapDo.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
() C:\Users\Sofie\AppData\Roaming\BrowserCompanion\tbhcn.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Inbox.com, Inc.) C:\Program Files (x86)\Inbox Toolbar\Inbox.exe
(Crawler, LLC) C:\Program Files (x86)\SiteRanker\SiteRankTray.exe
(Crawler.com) C:\Program Files (x86)\PCPowerSpeed\PCPowerTray.exe
(PCRx.com, LLC) C:\Program Files (x86)\24x7Help\App24x7Help.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
(PCRx.com, LLC) C:\Program Files (x86)\24x7Help\App24x7Hook.exe
(PCRx.com, LLC) C:\Program Files (x86)\24x7Help\App24x7Hook64.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
() C:\Windows\System32\GFilterSvc.exe
() C:\Windows\system32\dmwu.exe
() C:\Program Files (x86)\LyricsContainer\LyricsContainer153.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
() C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
() C:\Windows\SysWOW64\jmdp\stij.exe
() C:\Windows\System32\ljkb\stij.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2278504 2011-09-19] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-07-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-28] (Intel(R) Corporation)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-10-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM-x32\...\Run: [SonicMasterTray] - C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-22] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2317312 2011-09-13] (ASUS)
HKLM-x32\...\Run: [InboxToolbar] - C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1380312 2013-12-02] (Inbox.com, Inc.)
HKLM-x32\...\Run: [24x7HELP] - C:\Program Files (x86)\24x7Help\App24x7Help.exe [1710232 2012-07-02] (PCRx.com, LLC)
HKLM-x32\...\Run: [SiteRanker] - C:\Program Files (x86)\SiteRanker\SiteRankTray.exe [1059328 2013-11-15] (Crawler, LLC)
HKLM-x32\...\Run: [PCPowerSpeed] - C:\Program Files (x86)\PCPowerSpeed\PCPowerTray.exe [384608 2013-11-01] (Crawler.com)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SweetIM] - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032 2012-10-04] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [Sweetpacks Communicator] - C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2936684877-3664751725-4146889954-1000\...\Run: [Google Update] - "C:\Users\Sofie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-2936684877-3664751725-4146889954-1000\...\Run: [RebateInformer] - C:\Program Files (x86)\RebateInformer\RebateInf.exe [1553032 2013-06-03] (Inbox.com, Inc.)
HKU\S-1-5-21-2936684877-3664751725-4146889954-1000\...\Run: [Optimizer Pro] - C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [79664 2012-06-10] (PC Utilities Pro)
HKU\S-1-5-21-2936684877-3664751725-4146889954-1000\...\Run: [Browser Infrastructure Helper] - C:\Users\Sofie\AppData\Local\Smartbar\Application\SnapDo.exe [21536 2013-10-31] (Smartbar)
HKU\S-1-5-21-2936684877-3664751725-4146889954-1000\...\MountPoints2: {f25e06c3-2249-11e3-b620-c8600010830c} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll => C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\datamngr.dll [2300344 2013-03-31] (Bandoo Media, inc)
AppInit_DLLs:  C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll => C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\IEBHO.dll [1528760 2012-09-02] (Bandoo Media, inc)
Startup: C:\Users\Sofie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Sofie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Sofie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
ShortcutTarget: tbhcn.lnk -> C:\Users\Sofie\AppData\Roaming\BrowserCompanion\tbhcn.exe ()

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=ds&q={searchTerms}&installDate=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=ds&q={searchTerms}&installDate=
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=117115&tt=4412_3&babsrc=HP_ss&mntrId=008edbb000000000000078929c833f73
URLSearchHook: HKLM-x32 - (No Name) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - No File
URLSearchHook: HKLM-x32 - (No Name) - {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=109&systemid=431&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=341&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=109&systemid=431&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=ds&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=ds&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=ds&q={searchTerms}&installDate=
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=ds&q={searchTerms}&installDate=
BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Ginyas Browser Companion - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( )
BHO-x32: No Name - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files (x86)\SiteRanker\SiteRank.dll (Crawler, LLC)
BHO-x32: No Name - {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} -  No File
BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll No File
BHO-x32: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Ginyas Browser Companion Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll (Blabbers Communications Ltd)
BHO-x32: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
BHO-x32: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - C:\Program Files (x86)\RebateInformer\RebateI.dll (Inbox.com, Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
BHO-x32: No Name - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} -  No File
BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
BHO-x32: AlxHelper Class - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
Toolbar: HKLM-x32 - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Amazon Browser Bar - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} -  No File
Toolbar: HKCU - No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} -  No File
Toolbar: HKCU - No Name - {238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9} -  No File
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} -  No File
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} -  No File
Handler-x32: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
Handler-x32: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} - C:\Program Files (x86)\RebateInformer\RebateI.dll (Inbox.com, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default
FF user.js: detected! => C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\user.js
FF NewTab: hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=nt&installDate=
FF DefaultSearchEngine: Search the web (Babylon)
FF SearchEngineOrder.1: Search the web (Babylon)
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=hp&installDate=
FF Keyword.URL: hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=ds&installDate=&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Sofie\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Sofie\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF SearchPlugin: C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\searchplugins\Web Search.xml
FF Extension: Amazon Browser Bar - C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\Extensions\abb@amazon.com [2013-07-27]
FF Extension: Ginyas Browser Companion - C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\Extensions\bbrs_002@blabbers.com [2013-02-20]
FF Extension: Savings Sidekick - C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\Extensions\crossriderapp5060@crossrider.com [2012-10-31]
FF Extension: Snap.Do  - C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\Extensions\{316a50d0-b39e-45f4-965d-1da8865972b7} [2014-02-15]
FF Extension: Searchqu Toolbar - C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2012-10-12]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2012-10-31]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2012-10-29]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-06-22]
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-06-22]
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-06-22]
FF HKLM-x32\...\Firefox\Extensions: [siteranker@siteranker.com] - C:\Program Files (x86)\SiteRanker\firefox\
FF Extension: SiteRanker - C:\Program Files (x86)\SiteRanker\firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-06-22]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF [2013-12-15]
FF HKCU\...\Firefox\Extensions: [{ED76C299-85BC-4891-9237-74A140C28832}] - C:\Program Files (x86)\RebateInformer\Firefox\
FF Extension: RebateInformer - C:\Program Files (x86)\RebateInformer\Firefox\ []
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF Extension: Wajam - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013-05-02]
FF HKCU\...\Firefox\Extensions: [{43a7141d-3b82-4576-af55-f89abdc2f8ab}] - C:\Program Files (x86)\LyricsContainer\131.xpi

Chrome:
=======
CHR HomePage: https://www.google.de/?gws_rd=cr
CHR Extension: (Adblock Plus) - C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-16]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-06-22]
CHR HKCU\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\Sofie\AppData\Local\Smartbar/Application\1Extension.crx [2012-06-22]
CHR HKCU\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2013-03-21]
CHR HKLM-x32\...\Chrome\Extension: [bmbgdmijgopggjaelphhajpjldacbnba] - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibar.crx [2012-01-21]
CHR HKLM-x32\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx [2012-07-02]
CHR HKLM-x32\...\Chrome\Extension: [dgldkplledicnbnnliodeffobaiaodaf] - C:\Program Files (x86)\SiteRanker\Chrome\siterank_c.crx [2012-07-03]
CHR HKLM-x32\...\Chrome\Extension: [dhdepfaagokllfmhfbcfmocaeigmoebo] - C:\Users\Sofie\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx [2012-07-03]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-06-22]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-10-20]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-07-09]
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Sofie\AppData\Local\Wajam\Chrome\wajam.crx [2013-05-02]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2014-01-21]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx [2014-02-04]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Video Performer Manager\2.4.897.175\{16cdff19-861d-48e3-a751-d99a27784753}\videomngr.crx [2014-02-04]

==================== Services (Whitelisted) =================

R2 24x7HelpSvc; C:\Program Files (x86)\24x7Help\App24x7Svc.exe [394392 2012-07-02] (PCRx.com, LLC)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [32808 2013-07-01] (Just Develop It)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [100864 2012-09-07] (Freemake)
R2 GFilterSvc; C:\Windows\System32\GFilterSvc.exe [114688 2012-07-22] ()
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1859376 2014-02-04] ()
R2 LyricsContainer; C:\Program Files (x86)\LyricsContainer\LyricsContainer153.exe [181248 2014-02-11] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-28] ()
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe [262288 2013-10-08] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)
R2 Updater Service for AMZN; C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2013-03-21] ()
R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-04-22] (Wajam)
R2 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-01-29] ()

==================== Drivers (Whitelisted) ====================

R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [16768 2011-09-20] (ASUSTek Computer Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-05] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20140228.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140228.008\ENG64.SYS [126040 2014-02-26] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140228.008\EX64.SYS [2099288 2014-02-26] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NAVx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-06] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-01 12:41 - 2014-03-01 12:41 - 02155520 _____ (Farbar) C:\Users\Sofie\Desktop\FRST64.exe
2014-03-01 12:41 - 2014-03-01 12:41 - 00034099 _____ () C:\Users\Sofie\Desktop\FRST.txt
2014-03-01 12:17 - 2014-03-01 12:41 - 00000000 ____D () C:\FRST
2014-02-21 15:56 - 2014-02-21 15:56 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-16 10:03 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-16 10:03 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-16 10:02 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-16 10:02 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-16 10:02 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-16 10:02 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-16 10:02 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-16 10:02 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-16 10:02 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-16 10:02 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-16 10:02 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-16 10:02 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-16 10:02 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-16 10:02 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-16 10:02 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-16 10:02 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-16 10:02 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-16 10:02 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-16 10:02 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-16 10:02 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-16 10:02 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-16 10:02 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-16 10:02 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-16 10:02 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-16 10:02 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-16 10:02 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-16 10:02 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-16 10:02 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-16 10:02 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-16 10:02 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-16 10:02 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-16 10:02 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-16 10:02 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-16 10:02 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-16 10:02 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-16 10:02 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-16 10:02 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-16 10:02 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-16 10:02 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-16 10:02 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-16 10:02 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 21:59 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 21:59 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 21:59 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 21:59 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 21:59 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 21:59 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 21:59 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 21:59 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 21:59 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 21:59 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 21:59 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 21:59 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 21:59 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 21:59 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 21:59 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 21:59 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 21:59 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 21:59 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 21:59 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 21:59 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 21:59 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 21:59 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 21:59 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 21:59 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 21:59 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 21:59 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 21:59 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 21:59 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 21:42 - 2014-02-28 23:51 - 00000406 _____ () C:\Windows\Tasks\LyricsContainer_wd.job
2014-02-11 21:42 - 2014-02-11 21:42 - 00002994 _____ () C:\Windows\System32\Tasks\LyricsContainer_wd
2014-02-07 22:23 - 2014-02-07 22:23 - 00000000 ____D () C:\Windows\SysWOW64\jmdp
2014-02-07 22:23 - 2014-02-07 22:23 - 00000000 ____D () C:\Windows\system32\ljkb

==================== One Month Modified Files and Folders =======

2014-03-01 12:41 - 2014-03-01 12:41 - 02155520 _____ (Farbar) C:\Users\Sofie\Desktop\FRST64.exe
2014-03-01 12:41 - 2014-03-01 12:41 - 00034099 _____ () C:\Users\Sofie\Desktop\FRST.txt
2014-03-01 12:41 - 2014-03-01 12:17 - 00000000 ____D () C:\FRST
2014-03-01 12:28 - 2012-08-12 22:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-01 12:27 - 2013-02-20 22:16 - 00001038 _____ () C:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job
2014-03-01 12:19 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-01 12:19 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-01 12:16 - 2013-02-20 22:16 - 00000990 _____ () C:\Windows\Tasks\GinyasBrowserCompanion Runner.job
2014-03-01 12:09 - 2012-07-13 14:36 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-01 11:47 - 2012-07-31 21:43 - 00074758 _____ () C:\Windows\setupact.log
2014-03-01 11:47 - 2012-01-20 00:19 - 01435329 _____ () C:\Windows\WindowsUpdate.log
2014-03-01 11:41 - 2013-09-12 20:52 - 00000000 ____D () C:\Program Files (x86)\LyricsContainer
2014-03-01 11:20 - 2011-10-19 05:11 - 09159726 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-01 11:20 - 2011-04-11 13:05 - 00482554 _____ () C:\Windows\system32\perfh001.dat
2014-03-01 11:20 - 2011-04-11 13:05 - 00098716 _____ () C:\Windows\system32\perfc001.dat
2014-03-01 11:20 - 2011-03-17 12:52 - 00728140 _____ () C:\Windows\system32\perfh019.dat
2014-03-01 11:20 - 2011-03-17 12:52 - 00154786 _____ () C:\Windows\system32\perfc019.dat
2014-03-01 11:20 - 2011-02-19 06:02 - 00395884 _____ () C:\Windows\system32\perfh00D.dat
2014-03-01 11:20 - 2011-02-19 06:02 - 00088702 _____ () C:\Windows\system32\perfc00D.dat
2014-03-01 11:20 - 2011-02-19 05:56 - 00610528 _____ () C:\Windows\system32\perfh008.dat
2014-03-01 11:20 - 2011-02-19 05:56 - 00115072 _____ () C:\Windows\system32\perfc008.dat
2014-03-01 11:20 - 2011-02-19 05:51 - 00412012 _____ () C:\Windows\system32\prfh0404.dat
2014-03-01 11:20 - 2011-02-19 05:51 - 00126088 _____ () C:\Windows\system32\prfc0404.dat
2014-03-01 11:20 - 2011-02-19 05:45 - 00732558 _____ () C:\Windows\system32\prfh0816.dat
2014-03-01 11:20 - 2011-02-19 05:45 - 00156850 _____ () C:\Windows\system32\prfc0816.dat
2014-03-01 11:20 - 2011-02-19 05:40 - 00747038 _____ () C:\Windows\system32\perfh013.dat
2014-03-01 11:20 - 2011-02-19 05:40 - 00157046 _____ () C:\Windows\system32\perfc013.dat
2014-03-01 11:20 - 2011-02-19 05:35 - 00743586 _____ () C:\Windows\system32\perfh010.dat
2014-03-01 11:20 - 2011-02-19 05:35 - 00150790 _____ () C:\Windows\system32\perfc010.dat
2014-03-01 11:20 - 2011-02-19 05:29 - 00749256 _____ () C:\Windows\system32\perfh00C.dat
2014-03-01 11:20 - 2011-02-19 05:29 - 00153524 _____ () C:\Windows\system32\perfc00C.dat
2014-03-01 11:20 - 2011-02-19 05:24 - 00711078 _____ () C:\Windows\system32\perfh007.dat
2014-03-01 11:20 - 2011-02-19 05:24 - 00153526 _____ () C:\Windows\system32\perfc007.dat
2014-03-01 11:20 - 2011-02-19 05:19 - 00748996 _____ () C:\Windows\system32\perfh00A.dat
2014-03-01 11:20 - 2011-02-19 05:19 - 00162418 _____ () C:\Windows\system32\perfc00A.dat
2014-03-01 11:20 - 2009-07-14 06:13 - 09159726 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-01 11:19 - 2012-07-13 14:37 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\BrowserCompanion
2014-02-28 23:53 - 2013-07-27 16:33 - 00000408 _____ () C:\Windows\Tasks\LyricsContainer Update.job
2014-02-28 23:52 - 2013-02-20 22:16 - 00000990 _____ () C:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job
2014-02-28 23:52 - 2013-02-20 22:16 - 00000990 _____ () C:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job
2014-02-28 23:52 - 2013-02-20 22:16 - 00000922 _____ () C:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job
2014-02-28 23:52 - 2012-07-15 09:46 - 00000000 ____D () C:\Program Files (x86)\SiteRanker
2014-02-28 23:52 - 2012-07-15 09:46 - 00000000 ____D () C:\Program Files (x86)\RebateInformer
2014-02-28 23:52 - 2012-07-13 14:36 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-28 23:51 - 2014-02-11 21:42 - 00000406 _____ () C:\Windows\Tasks\LyricsContainer_wd.job
2014-02-28 23:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-28 23:50 - 2012-08-14 15:43 - 00280448 _____ () C:\Windows\PFRO.log
2014-02-28 23:39 - 2013-07-27 16:50 - 00000284 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-02-28 23:24 - 2013-07-31 17:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-28 23:17 - 2012-06-27 11:16 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-26 21:40 - 2013-07-27 16:50 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-02-25 19:10 - 2013-07-27 16:50 - 00000276 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-02-24 17:48 - 2012-06-11 16:50 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\Skype
2014-02-21 15:57 - 2012-08-12 22:16 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 15:57 - 2012-07-16 17:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 15:57 - 2012-07-16 17:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 15:56 - 2014-02-21 15:56 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-20 22:04 - 2013-07-27 16:35 - 00000000 ____D () C:\Program Files (x86)\Wajam
2014-02-16 13:43 - 2012-01-20 00:29 - 00001530 _____ () C:\Windows\system32\ServiceFilter.ini
2014-02-16 13:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-02-16 13:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-02-16 13:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-02-16 13:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-02-16 10:22 - 2012-06-08 09:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-16 10:05 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-02-15 22:10 - 2012-07-13 17:10 - 00000000 ____D () C:\Users\Sofie\AppData\Local\CrashDumps
2014-02-15 22:04 - 2012-07-13 14:36 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-15 22:04 - 2012-07-13 14:36 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-15 00:48 - 2012-06-24 17:43 - 00000000 ___RD () C:\Users\Sofie\Desktop\Programme
2014-02-11 21:42 - 2014-02-11 21:42 - 00002994 _____ () C:\Windows\System32\Tasks\LyricsContainer_wd
2014-02-11 21:42 - 2013-07-27 16:33 - 00003056 _____ () C:\Windows\System32\Tasks\LyricsContainer Update
2014-02-11 21:42 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-02-11 21:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-02-10 20:14 - 2013-07-27 16:53 - 00000000 ____D () C:\Program Files (x86)\Amazon Browser Bar
2014-02-07 22:23 - 2014-02-07 22:23 - 00000000 ____D () C:\Windows\SysWOW64\jmdp
2014-02-07 22:23 - 2014-02-07 22:23 - 00000000 ____D () C:\Windows\system32\ljkb
2014-02-07 22:09 - 2013-04-10 18:05 - 00000000 ____D () C:\Windows\SysWOW64\ARFC
2014-02-07 22:09 - 2012-09-04 14:53 - 00000000 ____D () C:\Windows\SysWOW64\WNLT
2014-02-06 13:16 - 2014-02-16 10:02 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-16 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-16 10:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-16 10:02 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-16 10:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-16 10:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-16 10:02 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-16 10:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-16 10:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-16 10:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-16 10:02 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-16 10:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-16 10:02 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-16 10:02 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-16 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-16 10:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-16 10:02 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-16 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-16 10:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-16 10:02 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-16 10:02 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-16 10:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-16 10:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-16 10:02 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-16 10:02 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-16 10:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-16 10:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-16 10:02 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-16 10:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-16 10:02 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-16 10:02 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-16 10:02 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-16 10:02 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-16 10:02 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-16 10:02 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-16 10:02 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-16 10:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-16 10:02 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-16 10:02 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 10:28 - 2012-09-04 14:53 - 01859376 _____ () C:\Windows\system32\dmwu.exe
2014-02-04 10:23 - 2012-09-04 14:53 - 00034304 _____ (IncrediMail, Ltd.) C:\Windows\system32\ImHttpComm.dll
2014-02-04 09:39 - 2011-01-07 14:02 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-02-04 09:39 - 2011-01-07 14:02 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.9140.dll


Some content of TEMP:
====================
C:\Users\Sofie\AppData\Local\Temp\7za.exe
C:\Users\Sofie\AppData\Local\Temp\BackupSetup.exe
C:\Users\Sofie\AppData\Local\Temp\Browser_Helper_Companion_DE.exe
C:\Users\Sofie\AppData\Local\Temp\DeltaTB.exe
C:\Users\Sofie\AppData\Local\Temp\FreemakeVideoConverter_3.1.2.0.exe
C:\Users\Sofie\AppData\Local\Temp\ICReinstall_ICReinstall_video_downloader.exe
C:\Users\Sofie\AppData\Local\Temp\ICReinstall_video_downloader.exe
C:\Users\Sofie\AppData\Local\Temp\installhelper.dll
C:\Users\Sofie\AppData\Local\Temp\LyricsContainertmp.exe
C:\Users\Sofie\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Sofie\AppData\Local\Temp\NEW_CORRECT_incredibar_install.exe
C:\Users\Sofie\AppData\Local\Temp\OptChrome.exe
C:\Users\Sofie\AppData\Local\Temp\pricepeep_130001_1001.exe
C:\Users\Sofie\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
C:\Users\Sofie\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe
C:\Users\Sofie\AppData\Local\Temp\SIMEEI2Installer.exe
C:\Users\Sofie\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Sofie\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sofie\AppData\Local\Temp\SQLite.dll
C:\Users\Sofie\AppData\Local\Temp\sqlite3.dll
C:\Users\Sofie\AppData\Local\Temp\sqlite3.exe
C:\Users\Sofie\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Sofie\AppData\Local\Temp\tvaudcyo.dll
C:\Users\Sofie\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Sofie\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Sofie\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Sofie\AppData\Local\Temp\vlc-2.0.2-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2014 02
Ran by Sofie at 2014-03-01 12:41:54
Running from C:\Users\Sofie\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton AntiVirus (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

==================== Installed Programs ======================

24x7 Help (HKLM-x32\...\{A957F04C-49F4-4375-8C8A-D04B769EFE47}_is1) (Version: 1.0.0.26 - PCRx.com, LLC)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Amazon Browser Bar (HKLM\...\Amazon Browser Bar) (Version: 3.0.2012.0802 - Amazon)
Amazon Browser Settings (HKLM-x32\...\Amazon Browser Settings) (Version: 3.0 - Amazon)
AMD APP SDK Runtime (Version: 2.5.775.2 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: 11.7.0.10927 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{92015CBE-D397-C3EA-99FC-B03051DE69A4}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
Angry Birds (HKLM-x32\...\{F0000C3B-FD74-4E5F-B574-CA4AB150E86F}) (Version: 2.1.0 - Rovio)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.9.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.19 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.27 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Sonic Focus (HKLM-x32\...\{B0002707-4F7E-4745-88A7-852DA8A88635}) (Version: 1.0.0.5 - Synopsys )
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0036 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.4 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.23 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusScr_K3 Series_ENG (HKLM-x32\...\AsusScr_K3 Series_ENG) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.7.142 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0014 - ASUS)
Babylon toolbar  (HKLM-x32\...\BabylonToolbar) (Version:  - BabylonToolbar) <==== ATTENTION
BabylonObjectInstaller (HKLM-x32\...\{83AA2913-C123-4146-85BD-AD8F93971D39}) (Version: 2.0.0.3 - Babylon Ltd)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
BrowserCompanion (HKLM-x32\...\BrowserCompanion) (Version:  - ) <==== ATTENTION
Bubbletown (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}) (Version:  - Oberon Media)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2011.0927.2225.38375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0927.2225.38375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0927.2225.38375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0927.2225.38375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0927.2225.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.0927.2225.38375 - Advanced Micro Devices, Inc.) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Media Suite (x32 Version: 8.0.2926 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1126 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deadtime Stories (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}) (Version:  - Oberon Media)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Dream Vacation Solitaire (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}) (Version:  - Oberon Media)
ETDWare PS/2-X64 8.0.5.5_WHQL (HKLM\...\Elantech) (Version: 8.0.5.5 - ELAN Microelectronic Corp.)
e-Wörterbücher (HKLM-x32\...\{4737AD9F-13AA-4E4C-B86F-B631D557F6A7}) (Version:  - )
Farm Frenzy 3 - Madagascar (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}) (Version:  - Oberon Media)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Freemake Video Converter Version 3.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.1.2 - Ellora Assets Corporation)
fTalk (HKCU\...\fTalk) (Version: 4.0.0.3965 - Koyote-Lab Inc)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\Game Park Console) (Version: 1.2.4.431 - Oberon Media Inc.)
GeoGebra 4.4 (HKLM-x32\...\GeoGebra 4.4) (Version: 4.4.3.0 - International GeoGebra Institute)
GinyasBrowserCompanion (HKLM-x32\...\GinyasBrowserCompanion) (Version:  - Ginyas) <==== ATTENTION
Go Go Gourmet Chef of the Year (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}) (Version:  - Oberon Media)
Google Chrome (HKCU\...\Google Chrome) (Version: 24.0.1312.57 - Google Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM-x32\...\{4BA6784F-3B10-473A-B9F5-33A36AC354D5}) (Version: 3.0.14358 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Graboid Video 3.12 (HKLM-x32\...\Graboid Video) (Version: 3.12 - Graboid Inc.)
gutscheinfilter.de (HKCU\...\{206a7328-437f-4bd9-b53e-12bfee24d588}) (Version:  - gutscheinfilter.de)
IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.0.3.4 - ) <==== ATTENTION
iLivid (HKLM-x32\...\iLivid) (Version: 1.92 - Bandoo Media Inc) <==== ATTENTION
Inbox Toolbar (HKLM-x32\...\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1) (Version: 2.0.0.12 - Inbox.com, Inc.)
Incredibar Toolbar  on IE and Chrome (HKLM-x32\...\incredibar) (Version:  - ) <==== ATTENTION
Incredibar-Games EN Toolbar (HKLM-x32\...\Incredibar-Games_EN Toolbar) (Version: 6.8.10.0 - Incredibar-Games EN) <==== ATTENTION
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.5 - ASUS)
Intel PROSet Wireless (Version:  - ) Hidden
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Internet Explorer Toolbar 4.6 by SweetPacks (HKLM-x32\...\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}) (Version: 4.6.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LyricsContainer (HKLM-x32\...\854e4d75-e926-498d-a2ad-a3e5c9f68079) (Version:  - RYD Software) <==== ATTENTION
Mahjong Memoirs (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}) (Version:  - Oberon Media)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 14.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 14.0.1 (x86 de)) (Version: 14.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 14.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - MyPC Backup) <==== ATTENTION
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.1.0.18 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.6.0.27 - Symantec Corporation)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
Optimizer Pro v3.0 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.0 - PC Utilities Pro) <==== ATTENTION
PC Power Speed 1.0.0.27 (HKLM-x32\...\{B0C56FD7-493D-44DD-B007-BBB5117D6E6F}_is1) (Version: 1.0.0.27 - Crawler, LLC.)
PhotoLine 17.5.1.0 (HKLM\...\PhotoLine_is1) (Version: 17.5.1.0 - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Plants vs Zombies (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}) (Version:  - Oberon Media)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6473 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
RebateInformer (HKLM-x32\...\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1) (Version: 1.0.0.83 - Inbox.com, Inc.)
Red Light Center 3D Client (HKLM-x32\...\Red Light Center 3D Client) (Version: 1.9.4421 - Utherverse Digital Inc)
RegClean Pro (HKLM-x32\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
Savings Sidekick (HKLM-x32\...\Savings Sidekick) (Version: 1.23.151.151 - 215 Apps)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SiteRanker (HKLM-x32\...\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1) (Version: 1.0.0.29 - Crawler, LLC)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Snap.Do (HKLM-x32\...\{084B3661-F647-4E44-9018-D7DCDF538057}) (Version: 11.7.1.13233 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKCU\...\{9a32986b-7228-4979-8fdf-e749ebb33136}) (Version: 11.7.1.13233 - ReSoft Ltd.) <==== ATTENTION
SweetIM for Messenger 3.7 (HKLM-x32\...\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}) (Version: 3.7.0007 - SweetIM Technologies Ltd.) <==== ATTENTION
SweetPacks bundle uninstaller (HKLM-x32\...\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}) (Version: 1.0.0000 - SweetIM Technologies Ltd.) <==== ATTENTION
Turbo Fiesta (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}) (Version:  - Oberon Media)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
Update Manager for SweetPacks 1.1 (HKLM-x32\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
Updater Service (HKLM-x32\...\Updater Service) (Version: 14,12,8,9 - ) <==== ATTENTION
VideoPerformer (HKLM-x32\...\VideoPerformer) (Version:  - PerformerSoft LLC) <==== ATTENTION
VLC media player 1.0.1 (HKLM-x32\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
Wajam (HKLM-x32\...\Wajam) (Version: 1.80 - Wajam) <==== ATTENTION
Web Assistant 2.0.0.573 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.573 - IncrediBar) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Searchqu Toolbar (HKLM-x32\...\Searchqu Toolbar) (Version: 4.1.0.2912 - Koyote-Lab Inc) <==== ATTENTION
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.32.0 - ASUS)
Wireless Console 3 (HKLM-x32\...\{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}) (Version: 3.0.24 - ASUS)
WiseConvert Toolbar (HKLM-x32\...\WiseConvert Toolbar) (Version: 6.8.9.0 - WiseConvert)
World of Goo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}) (Version:  - Oberon Media)
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Restore Points  =========================

18-01-2014 17:06:06 Windows Update
16-02-2014 09:01:12 Windows Update
28-02-2014 04:20:58 Windows Update
01-03-2014 10:19:08 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0274573B-0095-4650-ADB0-3579CB0F2BFD} - System32\Tasks\Video Performer Manager => Sc.exe start Video Performer Manager
Task: {029F12D2-13E5-44AE-8E50-0ECAC6D1989E} - System32\Tasks\GinyasBrowserCompanion Update Checker => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {0736B926-A754-4A54-99F6-3E89C57A733E} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-22] (ASUS)
Task: {0D76E23C-8046-4051-A64E-DCCD7A6860B9} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2011-11-25] (ASUSTek Computer Inc.)
Task: {1A9EE643-F5C4-4DFD-B584-A30184158AA1} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-05-27] (Systweak Inc) <==== ATTENTION
Task: {1D5D6C37-BAD1-4094-A458-458C6B991622} - System32\Tasks\GinyasBrowserCompanion Stats Report => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {233C98A1-E235-47AE-B035-66CB748DB0EF} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {2C690962-4CA9-4ECC-993E-3B9AECFC8E0C} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-06-01] (ASUS)
Task: {2D81F22D-54CD-461A-A8CB-7D1F3D3A2532} - System32\Tasks\LyricsContainer_wd => C:\Program Files (x86)\LyricsContainer\LyricsContainer_wd.exe [2014-02-11] () <==== ATTENTION
Task: {4A561ED7-1760-400B-80A6-4CC04572DC5C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {4C09EB29-928B-4958-A4C6-65B25DD9806F} - System32\Tasks\GinyasBrowserCompanion Chrome Watcher => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {535D4444-B07A-4129-990E-9C5F7F2E5495} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2936684877-3664751725-4146889954-1000
Task: {5FA6CE0F-AC00-4AA6-A433-6567B202F013} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-05-27] (Systweak Inc) <==== ATTENTION
Task: {670F948B-EBB9-448F-9455-7E1A2EA4EB69} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {690A4F98-97F9-4B29-B541-037F077152B4} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {79479816-1358-4187-B470-E0DE5B2245A2} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {7BB78F33-2CC8-49B4-BD0C-452ABE86066F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-13] (Google Inc.)
Task: {8952F998-4ADB-4761-A60D-23CE5EF36E36} - System32\Tasks\GinyasBrowserCompanion Runner => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {8F037F5F-C02F-4B78-BC64-3AD8E7A7BFF9} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-11-23] (ASUS)
Task: {9490072E-41CE-458C-A41A-B8C438EA2DF8} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2011-09-30] (ASUSTeK Computer Inc.)
Task: {C26CDAD7-1010-4C4E-BBD0-2B6060C1F44F} - System32\Tasks\LyricsContainer Update => C:\Program Files (x86)\LyricsContainer\LrcsCtrUpdr.exe [2014-02-11] () <==== ATTENTION
Task: {C3001DA3-B227-483B-B424-602506E1B1EE} - System32\Tasks\USBChargerPlus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2011-09-20] (ASUSTek Computer Inc.)
Task: {D06659B7-21D8-4C85-91A5-8659593D482C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {E0FE35FB-AC42-4723-BB94-5DAC9F75B169} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {E296B07C-E8EA-463C-A79B-E2D916BF6EC2} - System32\Tasks\GinyasBrowserCompanion FireFox Watcher => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {FA2B8908-7691-4E43-8E38-6997167382F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-13] (Google Inc.)
Task: {FF099432-7C88-4120-BE3B-268AAE5FD763} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-05-27] (Systweak Inc) <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\Windows\Tasks\GinyasBrowserCompanion Runner.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LyricsContainer Update.job => C:\Program Files (x86)\LyricsContainer\LrcsCtrUpdr.exe <==== ATTENTION
Task: C:\Windows\Tasks\LyricsContainer_wd.job => C:\Program Files (x86)\LyricsContainer\LyricsContainer_wd.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2011-07-28 05:07 - 2011-07-28 05:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-02-11 21:42 - 2014-02-11 21:42 - 00093184 _____ () C:\Program Files (x86)\LyricsContainer\LyricsContainer_wd.exe
2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2011-07-28 05:07 - 2011-07-28 05:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-07-01 18:47 - 2013-07-01 18:47 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2013-07-01 18:43 - 2013-07-01 18:43 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2012-07-02 10:16 - 2012-07-02 10:16 - 00695448 _____ () C:\Users\Sofie\AppData\Roaming\BrowserCompanion\tbhcn.exe
2012-07-22 19:25 - 2012-07-22 19:25 - 00114688 _____ () C:\Windows\System32\GFilterSvc.exe
2012-09-04 14:53 - 2014-02-04 10:28 - 01859376 _____ () C:\Windows\system32\dmwu.exe
2014-02-11 21:42 - 2014-02-11 21:42 - 00181248 _____ () C:\Program Files (x86)\LyricsContainer\LyricsContainer153.exe
2013-03-21 19:24 - 2013-03-21 19:24 - 00222368 _____ () C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
2013-03-12 21:35 - 2013-01-29 14:28 - 00188760 _____ () C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
2014-02-04 10:28 - 2014-02-04 10:28 - 01019184 _____ () C:\Windows\SysWOW64\jmdp\stij.exe
2014-02-04 10:28 - 2014-02-04 10:28 - 01217328 _____ () C:\Windows\System32\ljkb\stij.exe
2014-02-04 10:28 - 2014-02-04 10:28 - 01528624 _____ () C:\Windows\System32\ljkb\lmrn.dll
2011-11-23 00:09 - 2011-11-23 00:09 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2011-09-30 02:06 - 2011-09-30 02:06 - 00208384 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
2010-08-20 18:57 - 2010-08-20 18:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-20 18:57 - 2010-08-20 18:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00034848 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00056864 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\srau.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00150560 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00112672 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 01981472 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00055840 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\spbl.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00013344 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\siem.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00049184 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\sppsm.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00728096 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00082464 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00014368 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00017440 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00031264 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\srut.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00020512 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\srsbs.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00057888 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00014880 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\srpdm.dll
2012-10-20 16:12 - 2012-10-20 16:12 - 00911432 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00014368 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\sgml.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00053280 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00048160 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00026144 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00025632 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2013-10-31 15:17 - 2013-10-31 15:17 - 00193056 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\sgmu.dll
2013-10-31 15:16 - 2013-10-31 15:16 - 00068640 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00248864 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\srns.dll
2011-09-13 22:33 - 2011-09-13 22:33 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2014-02-04 10:28 - 2014-02-04 10:28 - 01235760 _____ () C:\Windows\SysWOW64\jmdp\lmrn.dll
2014-02-22 09:25 - 2014-02-20 02:02 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2014-02-22 09:25 - 2014-02-20 02:02 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
2014-02-22 09:25 - 2014-02-20 02:02 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll
2014-02-22 09:25 - 2014-02-20 02:03 - 04060488 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-22 09:25 - 2014-02-20 02:03 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-22 09:25 - 2014-02-20 02:02 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
2014-02-22 09:25 - 2014-02-20 02:03 - 13632840 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/28/2014 11:52:10 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0x868
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (02/28/2014 11:52:09 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Ausnahmecode: 0x40000015
Fehleroffset: 0x00057738
ID des fehlerhaften Prozesses: 0x858
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (02/28/2014 11:14:17 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003

Error: (02/28/2014 05:22:38 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0x2a3e4
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (02/28/2014 05:21:06 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0x25724
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (02/26/2014 04:31:01 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: conhost.exe, Version: 6.1.7601.18229, Zeitstempel: 0x51fb06ba
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000986ea
ID des fehlerhaften Prozesses: 0x29e10
Startzeit der fehlerhaften Anwendung: 0xconhost.exe0
Pfad der fehlerhaften Anwendung: conhost.exe1
Pfad des fehlerhaften Moduls: conhost.exe2
Berichtskennung: conhost.exe3

Error: (02/25/2014 10:17:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0x27208
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (02/25/2014 10:16:01 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0x27338
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (02/25/2014 07:10:18 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Updater.exe, Version: 1.0.0.0, Zeitstempel: 0x51d1c0fd
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000986ea
ID des fehlerhaften Prozesses: 0x24b04
Startzeit der fehlerhaften Anwendung: 0xUpdater.exe0
Pfad der fehlerhaften Anwendung: Updater.exe1
Pfad des fehlerhaften Moduls: Updater.exe2
Berichtskennung: Updater.exe3

Error: (02/23/2014 10:17:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0x21ed0
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3


System errors:
=============
Error: (02/28/2014 11:52:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/28/2014 11:52:49 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Freemake Improver erreicht.

Error: (02/28/2014 11:52:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/28/2014 11:52:14 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (02/27/2014 09:42:59 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "STEFANWEBER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7599D393-445E-470F-B6EA-3791E806E7D0}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (02/26/2014 03:09:53 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "STEFANWEBER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7599D393-445E-470F-B6EA-3791E806E7D0}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (02/25/2014 10:02:10 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "STEFANWEBER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7599D393-445E-470F-B6EA-3791E806E7D0}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (02/23/2014 03:20:21 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "STEFANWEBER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7599D393-445E-470F-B6EA-3791E806E7D0}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (02/23/2014 03:09:05 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "STEFANWEBER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7599D393-445E-470F-B6EA-3791E806E7D0}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (02/23/2014 11:20:54 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "STEFANWEBER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7599D393-445E-470F-B6EA-3791E806E7D0}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.


Microsoft Office Sessions:
=========================
Error: (02/28/2014 11:52:10 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.95121f458ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be86801cf34d7a8882908C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\Windows\SysWOW64\ntdll.dllf443d487-a0ca-11e3-a5f6-c8600010830c

Error: (02/28/2014 11:52:09 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.95121f458tbhcn.exe1.0.0.95121f458400000150005773885801cf34d7a8882908C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\ProgramData\GinyasBrowserCompanion\tbhcn.exef3bc2617-a0ca-11e3-a5f6-c8600010830c

Error: (02/28/2014 11:14:17 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003
mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Error: (02/28/2014 05:22:38 AM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.95121f458ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be2a3e401cf343c7ca57f02C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\Windows\SysWOW64\ntdll.dllf43e14b5-a02f-11e3-8e9b-c8600010830c

Error: (02/28/2014 05:21:06 AM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.95121f458ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be2572401cf343c7d3dd714C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\Windows\SysWOW64\ntdll.dllbd8f2c1b-a02f-11e3-8e9b-c8600010830c

Error: (02/26/2014 04:31:01 PM) (Source: Application Error)(User: )
Description: conhost.exe6.1.7601.1822951fb06bantdll.dll6.1.7601.18247521eaf24c000000500000000000986ea29e1001cf3307c03caf7dC:\Windows\system32\conhost.exeC:\Windows\SYSTEM32\ntdll.dllfed28138-9efa-11e3-8e9b-c8600010830c

Error: (02/25/2014 10:17:37 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.95121f458ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be2720801cf326ec8088036C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\Windows\SysWOW64\ntdll.dll3fbb2a1f-9e62-11e3-8e9b-c8600010830c

Error: (02/25/2014 10:16:01 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.95121f458ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be2733801cf326ec8088036C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\Windows\SysWOW64\ntdll.dll066ed088-9e62-11e3-8e9b-c8600010830c

Error: (02/25/2014 07:10:18 PM) (Source: Application Error)(User: )
Description: Updater.exe1.0.0.051d1c0fdntdll.dll6.1.7601.18247521eaf24c000000500000000000986ea24b0401cf3254d617fe7cC:\Program Files (x86)\MyPC Backup\Updater.exeC:\Windows\SYSTEM32\ntdll.dll14f9fc40-9e48-11e3-8e9b-c8600010830c

Error: (02/23/2014 10:17:37 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.95121f458ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be21ed001cf30dc73388cd1C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\Windows\SysWOW64\ntdll.dlleae717fb-9ccf-11e3-8e9b-c8600010830c


==================== Memory info ===========================

Percentage of memory in use: 50%
Total physical RAM: 6048.05 MB
Available physical RAM: 3007.77 MB
Total Pagefile: 12094.29 MB
Available Pagefile: 8811.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:113.6 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:254.46 GB) (Free:254.28 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E3102A4B)

Partition: GPT Partition Type.

mort 01.03.2014 13:25
edit

GummiBauH 01.03.2014 13:31
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2014 02
Ran by Sofie at 2014-03-01 12:41:54
Running from C:\Users\Sofie\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton AntiVirus (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

==================== Installed Programs ======================

24x7 Help (HKLM-x32\...\{A957F04C-49F4-4375-8C8A-D04B769EFE47}_is1) (Version: 1.0.0.26 - PCRx.com, LLC)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Amazon Browser Bar (HKLM\...\Amazon Browser Bar) (Version: 3.0.2012.0802 - Amazon)
Amazon Browser Settings (HKLM-x32\...\Amazon Browser Settings) (Version: 3.0 - Amazon)
AMD APP SDK Runtime (Version: 2.5.775.2 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: 11.7.0.10927 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{92015CBE-D397-C3EA-99FC-B03051DE69A4}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
Angry Birds (HKLM-x32\...\{F0000C3B-FD74-4E5F-B574-CA4AB150E86F}) (Version: 2.1.0 - Rovio)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.9.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.19 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.27 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Sonic Focus (HKLM-x32\...\{B0002707-4F7E-4745-88A7-852DA8A88635}) (Version: 1.0.0.5 - Synopsys )
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0036 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.4 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.23 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusScr_K3 Series_ENG (HKLM-x32\...\AsusScr_K3 Series_ENG) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.7.142 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0014 - ASUS)
Babylon toolbar  (HKLM-x32\...\BabylonToolbar) (Version:  - BabylonToolbar) <==== ATTENTION
BabylonObjectInstaller (HKLM-x32\...\{83AA2913-C123-4146-85BD-AD8F93971D39}) (Version: 2.0.0.3 - Babylon Ltd)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
BrowserCompanion (HKLM-x32\...\BrowserCompanion) (Version:  - ) <==== ATTENTION
Bubbletown (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}) (Version:  - Oberon Media)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2011.0927.2225.38375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0927.2225.38375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0927.2225.38375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0927.2225.38375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0927.2225.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.0927.2224.38375 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.0927.2225.38375 - Advanced Micro Devices, Inc.) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Media Suite (x32 Version: 8.0.2926 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1126 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deadtime Stories (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}) (Version:  - Oberon Media)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Dream Vacation Solitaire (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}) (Version:  - Oberon Media)
ETDWare PS/2-X64 8.0.5.5_WHQL (HKLM\...\Elantech) (Version: 8.0.5.5 - ELAN Microelectronic Corp.)
e-Wörterbücher (HKLM-x32\...\{4737AD9F-13AA-4E4C-B86F-B631D557F6A7}) (Version:  - )
Farm Frenzy 3 - Madagascar (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}) (Version:  - Oberon Media)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Freemake Video Converter Version 3.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.1.2 - Ellora Assets Corporation)
fTalk (HKCU\...\fTalk) (Version: 4.0.0.3965 - Koyote-Lab Inc)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\Game Park Console) (Version: 1.2.4.431 - Oberon Media Inc.)
GeoGebra 4.4 (HKLM-x32\...\GeoGebra 4.4) (Version: 4.4.3.0 - International GeoGebra Institute)
GinyasBrowserCompanion (HKLM-x32\...\GinyasBrowserCompanion) (Version:  - Ginyas) <==== ATTENTION
Go Go Gourmet Chef of the Year (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}) (Version:  - Oberon Media)
Google Chrome (HKCU\...\Google Chrome) (Version: 24.0.1312.57 - Google Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM-x32\...\{4BA6784F-3B10-473A-B9F5-33A36AC354D5}) (Version: 3.0.14358 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Graboid Video 3.12 (HKLM-x32\...\Graboid Video) (Version: 3.12 - Graboid Inc.)
gutscheinfilter.de (HKCU\...\{206a7328-437f-4bd9-b53e-12bfee24d588}) (Version:  - gutscheinfilter.de)
IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.0.3.4 - ) <==== ATTENTION
iLivid (HKLM-x32\...\iLivid) (Version: 1.92 - Bandoo Media Inc) <==== ATTENTION
Inbox Toolbar (HKLM-x32\...\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1) (Version: 2.0.0.12 - Inbox.com, Inc.)
Incredibar Toolbar  on IE and Chrome (HKLM-x32\...\incredibar) (Version:  - ) <==== ATTENTION
Incredibar-Games EN Toolbar (HKLM-x32\...\Incredibar-Games_EN Toolbar) (Version: 6.8.10.0 - Incredibar-Games EN) <==== ATTENTION
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.5 - ASUS)
Intel PROSet Wireless (Version:  - ) Hidden
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Internet Explorer Toolbar 4.6 by SweetPacks (HKLM-x32\...\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}) (Version: 4.6.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LyricsContainer (HKLM-x32\...\854e4d75-e926-498d-a2ad-a3e5c9f68079) (Version:  - RYD Software) <==== ATTENTION
Mahjong Memoirs (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}) (Version:  - Oberon Media)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 14.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 14.0.1 (x86 de)) (Version: 14.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 14.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - MyPC Backup) <==== ATTENTION
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.1.0.18 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.6.0.27 - Symantec Corporation)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
Optimizer Pro v3.0 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.0 - PC Utilities Pro) <==== ATTENTION
PC Power Speed 1.0.0.27 (HKLM-x32\...\{B0C56FD7-493D-44DD-B007-BBB5117D6E6F}_is1) (Version: 1.0.0.27 - Crawler, LLC.)
PhotoLine 17.5.1.0 (HKLM\...\PhotoLine_is1) (Version: 17.5.1.0 - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Plants vs Zombies (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}) (Version:  - Oberon Media)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6473 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
RebateInformer (HKLM-x32\...\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1) (Version: 1.0.0.83 - Inbox.com, Inc.)
Red Light Center 3D Client (HKLM-x32\...\Red Light Center 3D Client) (Version: 1.9.4421 - Utherverse Digital Inc)
RegClean Pro (HKLM-x32\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
Savings Sidekick (HKLM-x32\...\Savings Sidekick) (Version: 1.23.151.151 - 215 Apps)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SiteRanker (HKLM-x32\...\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1) (Version: 1.0.0.29 - Crawler, LLC)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Snap.Do (HKLM-x32\...\{084B3661-F647-4E44-9018-D7DCDF538057}) (Version: 11.7.1.13233 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKCU\...\{9a32986b-7228-4979-8fdf-e749ebb33136}) (Version: 11.7.1.13233 - ReSoft Ltd.) <==== ATTENTION
SweetIM for Messenger 3.7 (HKLM-x32\...\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}) (Version: 3.7.0007 - SweetIM Technologies Ltd.) <==== ATTENTION
SweetPacks bundle uninstaller (HKLM-x32\...\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}) (Version: 1.0.0000 - SweetIM Technologies Ltd.) <==== ATTENTION
Turbo Fiesta (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}) (Version:  - Oberon Media)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
Update Manager for SweetPacks 1.1 (HKLM-x32\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
Updater Service (HKLM-x32\...\Updater Service) (Version: 14,12,8,9 - ) <==== ATTENTION
VideoPerformer (HKLM-x32\...\VideoPerformer) (Version:  - PerformerSoft LLC) <==== ATTENTION
VLC media player 1.0.1 (HKLM-x32\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
Wajam (HKLM-x32\...\Wajam) (Version: 1.80 - Wajam) <==== ATTENTION
Web Assistant 2.0.0.573 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.573 - IncrediBar) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Searchqu Toolbar (HKLM-x32\...\Searchqu Toolbar) (Version: 4.1.0.2912 - Koyote-Lab Inc) <==== ATTENTION
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.32.0 - ASUS)
Wireless Console 3 (HKLM-x32\...\{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}) (Version: 3.0.24 - ASUS)
WiseConvert Toolbar (HKLM-x32\...\WiseConvert Toolbar) (Version: 6.8.9.0 - WiseConvert)
World of Goo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}) (Version:  - Oberon Media)
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Restore Points  =========================

18-01-2014 17:06:06 Windows Update
16-02-2014 09:01:12 Windows Update
28-02-2014 04:20:58 Windows Update
01-03-2014 10:19:08 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0274573B-0095-4650-ADB0-3579CB0F2BFD} - System32\Tasks\Video Performer Manager => Sc.exe start Video Performer Manager
Task: {029F12D2-13E5-44AE-8E50-0ECAC6D1989E} - System32\Tasks\GinyasBrowserCompanion Update Checker => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {0736B926-A754-4A54-99F6-3E89C57A733E} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-22] (ASUS)
Task: {0D76E23C-8046-4051-A64E-DCCD7A6860B9} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2011-11-25] (ASUSTek Computer Inc.)
Task: {1A9EE643-F5C4-4DFD-B584-A30184158AA1} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-05-27] (Systweak Inc) <==== ATTENTION
Task: {1D5D6C37-BAD1-4094-A458-458C6B991622} - System32\Tasks\GinyasBrowserCompanion Stats Report => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {233C98A1-E235-47AE-B035-66CB748DB0EF} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {2C690962-4CA9-4ECC-993E-3B9AECFC8E0C} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-06-01] (ASUS)
Task: {2D81F22D-54CD-461A-A8CB-7D1F3D3A2532} - System32\Tasks\LyricsContainer_wd => C:\Program Files (x86)\LyricsContainer\LyricsContainer_wd.exe [2014-02-11] () <==== ATTENTION
Task: {4A561ED7-1760-400B-80A6-4CC04572DC5C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {4C09EB29-928B-4958-A4C6-65B25DD9806F} - System32\Tasks\GinyasBrowserCompanion Chrome Watcher => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {535D4444-B07A-4129-990E-9C5F7F2E5495} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2936684877-3664751725-4146889954-1000
Task: {5FA6CE0F-AC00-4AA6-A433-6567B202F013} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-05-27] (Systweak Inc) <==== ATTENTION
Task: {670F948B-EBB9-448F-9455-7E1A2EA4EB69} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {690A4F98-97F9-4B29-B541-037F077152B4} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {79479816-1358-4187-B470-E0DE5B2245A2} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {7BB78F33-2CC8-49B4-BD0C-452ABE86066F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-13] (Google Inc.)
Task: {8952F998-4ADB-4761-A60D-23CE5EF36E36} - System32\Tasks\GinyasBrowserCompanion Runner => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {8F037F5F-C02F-4B78-BC64-3AD8E7A7BFF9} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-11-23] (ASUS)
Task: {9490072E-41CE-458C-A41A-B8C438EA2DF8} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2011-09-30] (ASUSTeK Computer Inc.)
Task: {C26CDAD7-1010-4C4E-BBD0-2B6060C1F44F} - System32\Tasks\LyricsContainer Update => C:\Program Files (x86)\LyricsContainer\LrcsCtrUpdr.exe [2014-02-11] () <==== ATTENTION
Task: {C3001DA3-B227-483B-B424-602506E1B1EE} - System32\Tasks\USBChargerPlus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2011-09-20] (ASUSTek Computer Inc.)
Task: {D06659B7-21D8-4C85-91A5-8659593D482C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {E0FE35FB-AC42-4723-BB94-5DAC9F75B169} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {E296B07C-E8EA-463C-A79B-E2D916BF6EC2} - System32\Tasks\GinyasBrowserCompanion FireFox Watcher => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {FA2B8908-7691-4E43-8E38-6997167382F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-13] (Google Inc.)
Task: {FF099432-7C88-4120-BE3B-268AAE5FD763} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-05-27] (Systweak Inc) <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\Windows\Tasks\GinyasBrowserCompanion Runner.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LyricsContainer Update.job => C:\Program Files (x86)\LyricsContainer\LrcsCtrUpdr.exe <==== ATTENTION
Task: C:\Windows\Tasks\LyricsContainer_wd.job => C:\Program Files (x86)\LyricsContainer\LyricsContainer_wd.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2011-07-28 05:07 - 2011-07-28 05:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-02-11 21:42 - 2014-02-11 21:42 - 00093184 _____ () C:\Program Files (x86)\LyricsContainer\LyricsContainer_wd.exe
2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2011-07-28 05:07 - 2011-07-28 05:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-07-01 18:47 - 2013-07-01 18:47 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2013-07-01 18:43 - 2013-07-01 18:43 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2012-07-02 10:16 - 2012-07-02 10:16 - 00695448 _____ () C:\Users\Sofie\AppData\Roaming\BrowserCompanion\tbhcn.exe
2012-07-22 19:25 - 2012-07-22 19:25 - 00114688 _____ () C:\Windows\System32\GFilterSvc.exe
2012-09-04 14:53 - 2014-02-04 10:28 - 01859376 _____ () C:\Windows\system32\dmwu.exe
2014-02-11 21:42 - 2014-02-11 21:42 - 00181248 _____ () C:\Program Files (x86)\LyricsContainer\LyricsContainer153.exe
2013-03-21 19:24 - 2013-03-21 19:24 - 00222368 _____ () C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
2013-03-12 21:35 - 2013-01-29 14:28 - 00188760 _____ () C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
2014-02-04 10:28 - 2014-02-04 10:28 - 01019184 _____ () C:\Windows\SysWOW64\jmdp\stij.exe
2014-02-04 10:28 - 2014-02-04 10:28 - 01217328 _____ () C:\Windows\System32\ljkb\stij.exe
2014-02-04 10:28 - 2014-02-04 10:28 - 01528624 _____ () C:\Windows\System32\ljkb\lmrn.dll
2011-11-23 00:09 - 2011-11-23 00:09 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2011-09-30 02:06 - 2011-09-30 02:06 - 00208384 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
2010-08-20 18:57 - 2010-08-20 18:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-20 18:57 - 2010-08-20 18:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00034848 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00056864 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\srau.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00150560 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00112672 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 01981472 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00055840 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\spbl.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00013344 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\siem.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00049184 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\sppsm.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00728096 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00082464 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00014368 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00017440 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00031264 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\srut.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00020512 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\srsbs.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00057888 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00014880 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\srpdm.dll
2012-10-20 16:12 - 2012-10-20 16:12 - 00911432 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00014368 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\sgml.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00053280 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00048160 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00026144 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00025632 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2013-10-31 15:17 - 2013-10-31 15:17 - 00193056 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\sgmu.dll
2013-10-31 15:16 - 2013-10-31 15:16 - 00068640 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2013-10-31 16:26 - 2013-10-31 16:26 - 00248864 _____ () C:\Users\Sofie\AppData\Local\Smartbar\Application\srns.dll
2011-09-13 22:33 - 2011-09-13 22:33 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2014-02-04 10:28 - 2014-02-04 10:28 - 01235760 _____ () C:\Windows\SysWOW64\jmdp\lmrn.dll
2014-02-22 09:25 - 2014-02-20 02:02 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2014-02-22 09:25 - 2014-02-20 02:02 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
2014-02-22 09:25 - 2014-02-20 02:02 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll
2014-02-22 09:25 - 2014-02-20 02:03 - 04060488 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-22 09:25 - 2014-02-20 02:03 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-22 09:25 - 2014-02-20 02:02 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
2014-02-22 09:25 - 2014-02-20 02:03 - 13632840 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/28/2014 11:52:10 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0x868
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (02/28/2014 11:52:09 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Ausnahmecode: 0x40000015
Fehleroffset: 0x00057738
ID des fehlerhaften Prozesses: 0x858
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (02/28/2014 11:14:17 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003

Error: (02/28/2014 05:22:38 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0x2a3e4
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (02/28/2014 05:21:06 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0x25724
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (02/26/2014 04:31:01 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: conhost.exe, Version: 6.1.7601.18229, Zeitstempel: 0x51fb06ba
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000986ea
ID des fehlerhaften Prozesses: 0x29e10
Startzeit der fehlerhaften Anwendung: 0xconhost.exe0
Pfad der fehlerhaften Anwendung: conhost.exe1
Pfad des fehlerhaften Moduls: conhost.exe2
Berichtskennung: conhost.exe3

Error: (02/25/2014 10:17:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0x27208
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (02/25/2014 10:16:01 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0x27338
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (02/25/2014 07:10:18 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Updater.exe, Version: 1.0.0.0, Zeitstempel: 0x51d1c0fd
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000986ea
ID des fehlerhaften Prozesses: 0x24b04
Startzeit der fehlerhaften Anwendung: 0xUpdater.exe0
Pfad der fehlerhaften Anwendung: Updater.exe1
Pfad des fehlerhaften Moduls: Updater.exe2
Berichtskennung: Updater.exe3

Error: (02/23/2014 10:17:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0x21ed0
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3


System errors:
=============
Error: (02/28/2014 11:52:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/28/2014 11:52:49 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Freemake Improver erreicht.

Error: (02/28/2014 11:52:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/28/2014 11:52:14 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (02/27/2014 09:42:59 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "STEFANWEBER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7599D393-445E-470F-B6EA-3791E806E7D0}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (02/26/2014 03:09:53 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "STEFANWEBER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7599D393-445E-470F-B6EA-3791E806E7D0}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (02/25/2014 10:02:10 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "STEFANWEBER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7599D393-445E-470F-B6EA-3791E806E7D0}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (02/23/2014 03:20:21 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "STEFANWEBER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7599D393-445E-470F-B6EA-3791E806E7D0}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (02/23/2014 03:09:05 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "STEFANWEBER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7599D393-445E-470F-B6EA-3791E806E7D0}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (02/23/2014 11:20:54 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "STEFANWEBER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7599D393-445E-470F-B6EA-3791E806E7D0}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.


Microsoft Office Sessions:
=========================
Error: (02/28/2014 11:52:10 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.95121f458ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be86801cf34d7a8882908C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\Windows\SysWOW64\ntdll.dllf443d487-a0ca-11e3-a5f6-c8600010830c

Error: (02/28/2014 11:52:09 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.95121f458tbhcn.exe1.0.0.95121f458400000150005773885801cf34d7a8882908C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\ProgramData\GinyasBrowserCompanion\tbhcn.exef3bc2617-a0ca-11e3-a5f6-c8600010830c

Error: (02/28/2014 11:14:17 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003
mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Error: (02/28/2014 05:22:38 AM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.95121f458ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be2a3e401cf343c7ca57f02C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\Windows\SysWOW64\ntdll.dllf43e14b5-a02f-11e3-8e9b-c8600010830c

Error: (02/28/2014 05:21:06 AM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.95121f458ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be2572401cf343c7d3dd714C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\Windows\SysWOW64\ntdll.dllbd8f2c1b-a02f-11e3-8e9b-c8600010830c

Error: (02/26/2014 04:31:01 PM) (Source: Application Error)(User: )
Description: conhost.exe6.1.7601.1822951fb06bantdll.dll6.1.7601.18247521eaf24c000000500000000000986ea29e1001cf3307c03caf7dC:\Windows\system32\conhost.exeC:\Windows\SYSTEM32\ntdll.dllfed28138-9efa-11e3-8e9b-c8600010830c

Error: (02/25/2014 10:17:37 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.95121f458ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be2720801cf326ec8088036C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\Windows\SysWOW64\ntdll.dll3fbb2a1f-9e62-11e3-8e9b-c8600010830c

Error: (02/25/2014 10:16:01 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.95121f458ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be2733801cf326ec8088036C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\Windows\SysWOW64\ntdll.dll066ed088-9e62-11e3-8e9b-c8600010830c

Error: (02/25/2014 07:10:18 PM) (Source: Application Error)(User: )
Description: Updater.exe1.0.0.051d1c0fdntdll.dll6.1.7601.18247521eaf24c000000500000000000986ea24b0401cf3254d617fe7cC:\Program Files (x86)\MyPC Backup\Updater.exeC:\Windows\SYSTEM32\ntdll.dll14f9fc40-9e48-11e3-8e9b-c8600010830c

Error: (02/23/2014 10:17:37 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.95121f458ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be21ed001cf30dc73388cd1C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\Windows\SysWOW64\ntdll.dlleae717fb-9ccf-11e3-8e9b-c8600010830c


==================== Memory info ===========================

Percentage of memory in use: 50%
Total physical RAM: 6048.05 MB
Available physical RAM: 3007.77 MB
Total Pagefile: 12094.29 MB
Available Pagefile: 8811.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:113.6 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:254.46 GB) (Free:254.28 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E3102A4B)

Partition: GPT Partition Type.

==================== End Of Log ============================

mort 01.03.2014 15:26
Schritt 1

Klicke bitte auf den Windowsbutton in der Taskleiste und dort wiederum auf "Systemsteuerung". Wenn du hier angelangt bist, gehe auf "Programme deinstallieren" unter "Programme". Hier kannst du nun folgende Programm deinstallieren.
  • Amazon Browser Bar
  • Babylon toolbar
  • BabylonObjectInstaller
  • Bing Bar
  • BrowserCompanion
  • GinyasBrowserCompanion
  • gutscheinfilter.de
  • IB Updater Service
  • iLivid
  • Inbox Toolbar
  • Incredibar Toolbar on IE and Chrome
  • Incredibar-Games EN Toolbar
  • LyricsContainer
  • MyPC Backup
  • Optimizer Pro v3.0
  • PC Power Speed 1.0.0.27
  • RegClean Pro
  • RebateInformer
  • Savings Sidekick
  • SiteRanker
  • Snap.Do
  • Snap.Do Engine
  • SweetIM for Messenger 3.7
  • SweetPacks bundle uninstaller
  • Update Manager for SweetPacks 1.1
  • Updater Service
  • VideoPerformer
  • Wajam
  • Web Assistant 2.0.0.573
  • Windows Searchqu Toolbar
  • WiseConvert Toolbar
  • Yontoo 1.10.02

Schritt 2

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

GummiBauH 01.03.2014 16:51
Code:
# AdwCleaner v3.020 - Bericht erstellt am 01/03/2014 um 16:37:27
# Aktualisiert 27/02/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Sofie - SOFIE-PC
# Gestartet von : C:\Users\Sofie\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : Updater Service for AMZN
[#] Dienst Gelöscht : Web Assistant Updater

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Program Files (x86)\~BabylonToolbar
Ordner Gelöscht : C:\Program Files (x86)\Amazon Browser Bar
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\Searchqu Toolbar
Ordner Gelöscht : C:\Users\Sofie\AppData\Local\Amazon Browser Bar
Ordner Gelöscht : C:\Users\Sofie\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\Sofie\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Sofie\AppData\LocalLow\incredibar.com
Ordner Gelöscht : C:\Users\Sofie\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Sofie\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Sofie\AppData\Roaming\BrowserCompanion
Ordner Gelöscht : C:\Users\Sofie\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Sofie\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\Smartbar
Ordner Gelöscht : C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\SweetPacksToolbarData
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Sofie\AppData\Local\Temp\Searchqu.ini
Datei Gelöscht : C:\Users\Sofie\AppData\Local\Temp\searchqutoolbar-manifest.xml
Datei Gelöscht : C:\Users\Sofie\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Datei Gelöscht : C:\Users\Sofie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
Datei Gelöscht : C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\searchplugins\MyStart Search.xml
Datei Gelöscht : C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\user.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\user.js
Datei Gelöscht : C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\b
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\VideoPerformerSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\VideoPerformerSetup_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKCU\Software\5b6d68ce06ebe41
Schlüssel Gelöscht : HKLM\SOFTWARE\5b6d68ce06ebe41
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3158970
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_art-of-illusion_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_art-of-illusion_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_click-musicalkeys_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_click-musicalkeys_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_makehuman_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_makehuman_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_mp3directcut_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_mp3directcut_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photoscape_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photoscape_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{042DA63B-0933-403D-9395-B49307691690}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\Alexa Internet
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\caphyon
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\distromatic
Schlüssel Gelöscht : HKCU\Software\FLEXnet
Schlüssel Gelöscht : HKCU\Software\fTalk
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\incredibar
Schlüssel Gelöscht : HKCU\Software\performersoft llc
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\LyricsContainer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\Software\caphyon
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Web Assistant
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\fTalk
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Settings
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DataMngr
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Web Assistant
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v14.0.1 (de)

[ Datei : C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default\prefs.js ]

Zeile gelöscht : user_pref("CT3158970.1000082.isPlayDisplay", "true");
Zeile gelöscht : user_pref("CT3158970.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"hxxp://feedlive.net/california.asx\"}");
Zeile gelöscht : user_pref("CT3158970.1000234.TWC_TMP_city", "");
Zeile gelöscht : user_pref("CT3158970.1000234.TWC_TMP_country", "DE");
Zeile gelöscht : user_pref("CT3158970.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT3158970.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3158970.FirstTime", "true");
Zeile gelöscht : user_pref("CT3158970.FirstTimeFF3", "true");
Zeile gelöscht : user_pref("CT3158970.UserID", "UN71304012289073291");
Zeile gelöscht : user_pref("CT3158970.addressBarTakeOverEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT3158970.autoDisableScopes", -1);
Zeile gelöscht : user_pref("CT3158970.defaultSearch", "false");
Zeile gelöscht : user_pref("CT3158970.embeddedsData", "[{\"appId\":\"129675591388832722\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Zeile gelöscht : user_pref("CT3158970.enableAlerts", "always");
Zeile gelöscht : user_pref("CT3158970.enableSearchFromAddressBar", "false");
Zeile gelöscht : user_pref("CT3158970.firstTimeDialogOpened", "true");
Zeile gelöscht : user_pref("CT3158970.fixPageNotFoundError", "false");
Zeile gelöscht : user_pref("CT3158970.fixPageNotFoundErrorInHidden", "true");
Zeile gelöscht : user_pref("CT3158970.fixUrls", true);
Zeile gelöscht : user_pref("CT3158970.hxxp___api32_thetrafficstat_net.pid2", "e94bdd40c90b240b");
Zeile gelöscht : user_pref("CT3158970.installId", "ConduitNSISIntegration");
Zeile gelöscht : user_pref("CT3158970.installType", "ConduitNSISIntegration");
Zeile gelöscht : user_pref("CT3158970.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT3158970.isNewTabEnabled", false);
Zeile gelöscht : user_pref("CT3158970.isPerformedSmartBarTransition", "true");
Zeile gelöscht : user_pref("CT3158970.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT3158970.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://IncredibarGamesEN.OurToolbar.com/\",\"[...]
Zeile gelöscht : user_pref("CT3158970.openThankYouPage", "false");
Zeile gelöscht : user_pref("CT3158970.openUninstallPage", "true");
Zeile gelöscht : user_pref("CT3158970.search.searchAppId", "129675591388832722");
Zeile gelöscht : user_pref("CT3158970.search.searchCount", "0");
Zeile gelöscht : user_pref("CT3158970.searchInNewTabEnabled", "false");
Zeile gelöscht : user_pref("CT3158970.searchInNewTabEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT3158970.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT3158970.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT3158970.sendUsageEnabled", "false");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3158970\"}");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://IncredibarGamesEN.OurToolbar.com//xpi\"}");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Incredibar-Games EN\"}");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1347462812702");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_services_appTracking_lastUpdate", "1347462749890");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_services_appsMetadata_lastUpdate", "1347625719867");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1347462812699");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_services_login_10.10.20.14_lastUpdate", "1347625727223");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_services_optimizer_lastUpdate", "1345455373655");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1347462812700");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_services_searchAPI_lastUpdate", "1347625727224");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_services_serviceMap_lastUpdate", "1347625707855");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_services_toolbarContextMenu_lastUpdate", "1347462812692");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_services_toolbarSettings_lastUpdate", "1347625726797");
Zeile gelöscht : user_pref("CT3158970.serviceLayer_services_translation_lastUpdate", "1347625719868");
Zeile gelöscht : user_pref("CT3158970.settingsINI", true);
Zeile gelöscht : user_pref("CT3158970.shouldFirstTimeDialog", "false");
Zeile gelöscht : user_pref("CT3158970.smartbar.CTID", "CT3158970");
Zeile gelöscht : user_pref("CT3158970.smartbar.Uninstall", "0");
Zeile gelöscht : user_pref("CT3158970.smartbar.toolbarName", "Incredibar-Games EN ");
Zeile gelöscht : user_pref("CT3158970.startPage", "userChanged");
Zeile gelöscht : user_pref("CT3158970.toolbarBornServerTime", "20-8-2012");
Zeile gelöscht : user_pref("CT3158970.toolbarCurrentServerTime", "12-9-2012");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Zeile gelöscht : user_pref("browser.search.order.1", "Search the web (Babylon)");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Web Search");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=hp&installDate=");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.excTlbr", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.id", "008edbb000000000000078929c833f73");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.instlDay", "15644");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=008edbb000000000000078929c833f73&q=");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=117115&tt=4412_3&babsrc=NT_ss&mntrId=008edbb000000000000078929c833f73");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.813:56:43");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "1416545d5b8308cea3c04a8314a454cf");
Zeile gelöscht : user_pref("extensions.helperbar.LastHiddenTime", 23007715);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", true);
Zeile gelöscht : user_pref("extensions.wajam.affiliate_id", "1401");
Zeile gelöscht : user_pref("extensions.wajam.firstrun", "false");
Zeile gelöscht : user_pref("extensions.wajam.log_send_info", "false");
Zeile gelöscht : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21088\",\"update_interval\":1302,\"base_url\":\"hxxp:\\/\\/www.wajam.com\\/\",\"update_url\":\"hxxp:\\/\\/www.wajam.com\\/addon\\/[...]
Zeile gelöscht : user_pref("extensions.wajam.no_trace", "false");
Zeile gelöscht : user_pref("extensions.wajam.server_current_mapping_version", "0.21088");
Zeile gelöscht : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window[");
Zeile gelöscht : user_pref("extensions.wajam.trace_log", "1380462778485 - onFlagInfoReceived - Server mapping version: 0.21087\n1380462778485 - onFlagInfoReceived - No client-side server mapping version, don");
Zeile gelöscht : user_pref("extensions.wajam.unique_id", "6C3E11F0C6EAB055D8B12CC2DAD2779E");
Zeile gelöscht : user_pref("extensions.wajam.user_current_mapping_version", "0");
Zeile gelöscht : user_pref("extensions.wajam.version", "1.26");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=ds&installDate=&q=");
Zeile gelöscht : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1380462882591");
Zeile gelöscht : user_pref("sweetim.toolbar.Visibility.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Zeile gelöscht : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.cda.returnValue", "disable");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff_1_6.html");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Zeile gelöscht : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Zeile gelöscht : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Zeile gelöscht : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Zeile gelöscht : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Zeile gelöscht : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Zeile gelöscht : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Zeile gelöscht : user_pref("sweetim.toolbar.mode.debug", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=ds&installDate=01[...]
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.callback", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Zeile gelöscht : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Zeile gelöscht : user_pref("sweetim.toolbar.search.history.capacity", "10");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.simapp_id", "{633F3B70-C9F3-11E1-87FB-C8600010830C}");
Zeile gelöscht : user_pref("sweetim.toolbar.version", "1.6.0.3");
Zeile gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://www.searchnu.com/406");
Zeile gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.sweetim.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"h[...]
Zeile gelöscht : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocationType=tb50-ff-aolsoftonic[...]
Zeile gelöscht : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"searc[...]

-\\ Google Chrome v33.0.1750.117

[ Datei : C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage
Gelöscht : icon_url
Gelöscht : search_url
Gelöscht : keyword

*************************

AdwCleaner[R0].txt - [42064 octets] - [01/03/2014 16:36:12]
AdwCleaner[S0].txt - [40020 octets] - [01/03/2014 16:37:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [40081 octets] ##########

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-02-2014 02
Ran by Sofie (administrator) on SOFIE-PC on 01-03-2014 16:50:27
Running from C:\Users\Sofie\Desktop\FRST64
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2278504 2011-09-19] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-07-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-28] (Intel(R) Corporation)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-10-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM-x32\...\Run: [SonicMasterTray] - C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-22] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2317312 2011-09-13] (ASUS)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2936684877-3664751725-4146889954-1000\...\Run: [Google Update] - "C:\Users\Sofie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-2936684877-3664751725-4146889954-1000\...\MountPoints2: {f25e06c3-2249-11e3-b620-c8600010830c} - F:\Startme.exe
Startup: C:\Users\Sofie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
URLSearchHook: HKLM-x32 - (No Name) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - No File
URLSearchHook: HKLM-x32 - (No Name) - {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=109&systemid=431&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=109&systemid=431&sr=0&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} -  No File
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} -  No File
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - !{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} -  No File
Toolbar: HKLM - No Name - !{ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - !{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} -  No File
Toolbar: HKLM-x32 - No Name - !{ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} -  No File
Toolbar: HKCU - No Name - {238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Sofie\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Sofie\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF [2013-12-15]
FF HKCU\...\Firefox\Extensions: [{43a7141d-3b82-4576-af55-f89abdc2f8ab}] - C:\Program Files (x86)\LyricsContainer\131.xpi

Chrome:
=======
CHR HomePage: hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=hp&installDate=
CHR DefaultSearchKeyword: search.snapdo.com
CHR DefaultSearchProvider: Web
CHR DefaultSearchURL: hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=ds&q={searchTerms}&installDate=
CHR DefaultNewTabURL:
CHR Extension: (Adblock Plus) - C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-16]
CHR HKLM-x32\...\Chrome\Extension: [dgldkplledicnbnnliodeffobaiaodaf] - C:\Program Files (x86)\SiteRanker\Chrome\siterank_c.crx [2014-02-16]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-10-20]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2014-01-21]

==================== Services (Whitelisted) =================

R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [100864 2012-09-07] (Freemake)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-28] ()
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe [262288 2013-10-08] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [16768 2011-09-20] (ASUSTek Computer Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-05] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20140228.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140228.008\ENG64.SYS [126040 2014-02-26] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140228.008\EX64.SYS [2099288 2014-02-26] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NAVx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-06] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-01 16:36 - 2014-03-01 16:37 - 00000000 ____D () C:\AdwCleaner
2014-03-01 16:34 - 2014-03-01 16:34 - 01244192 _____ () C:\Users\Sofie\Desktop\adwcleaner.exe
2014-03-01 14:31 - 2014-03-01 16:50 - 00000000 ____D () C:\Users\Sofie\Desktop\FRST64
2014-03-01 12:17 - 2014-03-01 16:48 - 00000000 ____D () C:\FRST
2014-02-21 15:56 - 2014-02-21 15:56 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-16 10:03 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-16 10:03 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-16 10:02 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-16 10:02 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-16 10:02 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-16 10:02 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-16 10:02 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-16 10:02 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-16 10:02 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-16 10:02 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-16 10:02 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-16 10:02 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-16 10:02 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-16 10:02 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-16 10:02 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-16 10:02 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-16 10:02 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-16 10:02 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-16 10:02 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-16 10:02 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-16 10:02 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-16 10:02 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-16 10:02 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-16 10:02 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-16 10:02 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-16 10:02 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-16 10:02 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-16 10:02 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-16 10:02 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-16 10:02 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-16 10:02 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-16 10:02 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-16 10:02 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-16 10:02 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-16 10:02 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-16 10:02 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-16 10:02 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-16 10:02 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-16 10:02 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-16 10:02 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-16 10:02 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 21:59 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 21:59 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 21:59 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 21:59 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 21:59 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 21:59 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 21:59 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 21:59 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 21:59 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 21:59 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 21:59 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 21:59 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 21:59 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 21:59 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 21:59 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 21:59 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 21:59 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 21:59 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 21:59 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 21:59 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 21:59 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 21:59 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 21:59 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 21:59 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 21:59 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 21:59 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 21:59 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 21:59 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-01 16:50 - 2014-03-01 14:31 - 00000000 ____D () C:\Users\Sofie\Desktop\FRST64
2014-03-01 16:48 - 2014-03-01 12:17 - 00000000 ____D () C:\FRST
2014-03-01 16:48 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-01 16:48 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-01 16:45 - 2012-01-20 00:19 - 01451941 _____ () C:\Windows\WindowsUpdate.log
2014-03-01 16:42 - 2012-07-13 14:36 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-01 16:40 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-01 16:39 - 2012-07-31 21:43 - 00074926 _____ () C:\Windows\setupact.log
2014-03-01 16:37 - 2014-03-01 16:36 - 00000000 ____D () C:\AdwCleaner
2014-03-01 16:37 - 2012-06-22 05:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-01 16:37 - 2012-06-08 09:11 - 00000000 ___RD () C:\Users\Sofie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-01 16:34 - 2014-03-01 16:34 - 01244192 _____ () C:\Users\Sofie\Desktop\adwcleaner.exe
2014-03-01 16:28 - 2012-08-12 22:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-01 16:19 - 2012-08-14 15:43 - 00291426 _____ () C:\Windows\PFRO.log
2014-03-01 16:09 - 2012-07-13 14:36 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-01 11:20 - 2011-10-19 05:11 - 09159726 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-01 11:20 - 2011-04-11 13:05 - 00482554 _____ () C:\Windows\system32\perfh001.dat
2014-03-01 11:20 - 2011-04-11 13:05 - 00098716 _____ () C:\Windows\system32\perfc001.dat
2014-03-01 11:20 - 2011-03-17 12:52 - 00728140 _____ () C:\Windows\system32\perfh019.dat
2014-03-01 11:20 - 2011-03-17 12:52 - 00154786 _____ () C:\Windows\system32\perfc019.dat
2014-03-01 11:20 - 2011-02-19 06:02 - 00395884 _____ () C:\Windows\system32\perfh00D.dat
2014-03-01 11:20 - 2011-02-19 06:02 - 00088702 _____ () C:\Windows\system32\perfc00D.dat
2014-03-01 11:20 - 2011-02-19 05:56 - 00610528 _____ () C:\Windows\system32\perfh008.dat
2014-03-01 11:20 - 2011-02-19 05:56 - 00115072 _____ () C:\Windows\system32\perfc008.dat
2014-03-01 11:20 - 2011-02-19 05:51 - 00412012 _____ () C:\Windows\system32\prfh0404.dat
2014-03-01 11:20 - 2011-02-19 05:51 - 00126088 _____ () C:\Windows\system32\prfc0404.dat
2014-03-01 11:20 - 2011-02-19 05:45 - 00732558 _____ () C:\Windows\system32\prfh0816.dat
2014-03-01 11:20 - 2011-02-19 05:45 - 00156850 _____ () C:\Windows\system32\prfc0816.dat
2014-03-01 11:20 - 2011-02-19 05:40 - 00747038 _____ () C:\Windows\system32\perfh013.dat
2014-03-01 11:20 - 2011-02-19 05:40 - 00157046 _____ () C:\Windows\system32\perfc013.dat
2014-03-01 11:20 - 2011-02-19 05:35 - 00743586 _____ () C:\Windows\system32\perfh010.dat
2014-03-01 11:20 - 2011-02-19 05:35 - 00150790 _____ () C:\Windows\system32\perfc010.dat
2014-03-01 11:20 - 2011-02-19 05:29 - 00749256 _____ () C:\Windows\system32\perfh00C.dat
2014-03-01 11:20 - 2011-02-19 05:29 - 00153524 _____ () C:\Windows\system32\perfc00C.dat
2014-03-01 11:20 - 2011-02-19 05:24 - 00711078 _____ () C:\Windows\system32\perfh007.dat
2014-03-01 11:20 - 2011-02-19 05:24 - 00153526 _____ () C:\Windows\system32\perfc007.dat
2014-03-01 11:20 - 2011-02-19 05:19 - 00748996 _____ () C:\Windows\system32\perfh00A.dat
2014-03-01 11:20 - 2011-02-19 05:19 - 00162418 _____ () C:\Windows\system32\perfc00A.dat
2014-03-01 11:20 - 2009-07-14 06:13 - 09159726 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-28 23:24 - 2013-07-31 17:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-28 23:17 - 2012-06-27 11:16 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-24 17:48 - 2012-06-11 16:50 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\Skype
2014-02-21 15:57 - 2012-08-12 22:16 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 15:57 - 2012-07-16 17:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 15:57 - 2012-07-16 17:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 15:56 - 2014-02-21 15:56 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-16 13:43 - 2012-01-20 00:29 - 00001530 _____ () C:\Windows\system32\ServiceFilter.ini
2014-02-16 13:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-02-16 13:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-02-16 13:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-02-16 13:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-02-16 10:22 - 2012-06-08 09:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-16 10:05 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-02-15 22:10 - 2012-07-13 17:10 - 00000000 ____D () C:\Users\Sofie\AppData\Local\CrashDumps
2014-02-15 22:04 - 2012-07-13 14:36 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-15 22:04 - 2012-07-13 14:36 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-15 00:48 - 2012-06-24 17:43 - 00000000 ___RD () C:\Users\Sofie\Desktop\Programme
2014-02-11 21:42 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-02-11 21:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-02-06 13:16 - 2014-02-16 10:02 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-16 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-16 10:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-16 10:02 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-16 10:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-16 10:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-16 10:02 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-16 10:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-16 10:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-16 10:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-16 10:02 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-16 10:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-16 10:02 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-16 10:02 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-16 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-16 10:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-16 10:02 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-16 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-16 10:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-16 10:02 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-16 10:02 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-16 10:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-16 10:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-16 10:02 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-16 10:02 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-16 10:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-16 10:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-16 10:02 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-16 10:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-16 10:02 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-16 10:02 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-16 10:02 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-16 10:02 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-16 10:02 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-16 10:02 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-16 10:02 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-16 10:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-16 10:02 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-16 10:02 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 09:39 - 2011-01-07 14:02 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-02-04 09:39 - 2011-01-07 14:02 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.9140.dll


Some content of TEMP:
====================
C:\Users\Sofie\AppData\Local\Temp\BackupSetup.exe
C:\Users\Sofie\AppData\Local\Temp\Browser_Helper_Companion_DE.exe
C:\Users\Sofie\AppData\Local\Temp\DeltaTB.exe
C:\Users\Sofie\AppData\Local\Temp\FreemakeVideoConverter_3.1.2.0.exe
C:\Users\Sofie\AppData\Local\Temp\ICReinstall_ICReinstall_video_downloader.exe
C:\Users\Sofie\AppData\Local\Temp\ICReinstall_video_downloader.exe
C:\Users\Sofie\AppData\Local\Temp\installhelper.dll
C:\Users\Sofie\AppData\Local\Temp\LyricsContainertmp.exe
C:\Users\Sofie\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Sofie\AppData\Local\Temp\NEW_CORRECT_incredibar_install.exe
C:\Users\Sofie\AppData\Local\Temp\pricepeep_130001_1001.exe
C:\Users\Sofie\AppData\Local\Temp\Quarantine.exe
C:\Users\Sofie\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe
C:\Users\Sofie\AppData\Local\Temp\SIMEEI2Installer.exe
C:\Users\Sofie\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Sofie\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sofie\AppData\Local\Temp\SQLite.dll
C:\Users\Sofie\AppData\Local\Temp\sqlite3.dll
C:\Users\Sofie\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Sofie\AppData\Local\Temp\tvaudcyo.dll
C:\Users\Sofie\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Sofie\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Sofie\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Sofie\AppData\Local\Temp\vlc-2.0.2-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2009-07-29 06:04

==================== End Of Log ============================
--- --- ---

--- --- ---

mort 01.03.2014 21:24
Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
URLSearchHook: HKLM-x32 - (No Name) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - No File
URLSearchHook: HKLM-x32 - (No Name) - {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=109&systemid=431&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=109&systemid=431&sr=0&q={searchTerms}
BHO-x32: No Name - {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} -  No File
BHO-x32: No Name - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} -  No File
Toolbar: HKLM - No Name - !{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} -  No File
Toolbar: HKLM - No Name - !{ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - !{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} -  No File
Toolbar: HKLM-x32 - No Name - !{ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} -  No File
Toolbar: HKCU - No Name - {238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9} -  No File
FF HKCU\...\Firefox\Extensions: [{43a7141d-3b82-4576-af55-f89abdc2f8ab}] - C:\Program Files (x86)\LyricsContainer\131.xpi
CHR HomePage: hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=hp&installDate=
CHR DefaultSearchKeyword: search.snapdo.com
CHR DefaultSearchURL: hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=ds&q={searchTerms}&installDate=
CHR HKLM-x32\...\Chrome\Extension: [dgldkplledicnbnnliodeffobaiaodaf] - C:\Program Files (x86)\SiteRanker\Chrome\siterank_c.crx [2014-02-16]
C:\Program Files (x86)\LyricsContainer
C:\Program Files (x86)\SiteRanker

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt 2

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



Schritt 3


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 4

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

GummiBauH 01.03.2014 21:56
Ich habe das fixlist-Dokument erstellt. FRST geöffnet und den Fix-Button gedrückt, aber es erscheint nur ein kleines Fenster in welchem steht: " Warning! Looks you don't know what to do. To prevent damage to the system the tool will exit"

mort 01.03.2014 22:18
Bitte kopiere folgenden oder oben stehenden Text in eine leere fixlist.txt :)

Code:
URLSearchHook: HKLM-x32 - (No Name) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - No File
URLSearchHook: HKLM-x32 - (No Name) - {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=109&systemid=431&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=109&systemid=431&sr=0&q={searchTerms}
BHO-x32: No Name - {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} -  No File
BHO-x32: No Name - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} -  No File
Toolbar: HKLM - No Name - !{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} -  No File
Toolbar: HKLM - No Name - !{ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - !{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} -  No File
Toolbar: HKLM-x32 - No Name - !{ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} -  No File
Toolbar: HKCU - No Name - {238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9} -  No File
FF HKCU\...\Firefox\Extensions: [{43a7141d-3b82-4576-af55-f89abdc2f8ab}] - C:\Program Files (x86)\LyricsContainer\131.xpi
CHR HomePage: hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=hp&installDate=
CHR DefaultSearchKeyword: search.snapdo.com
CHR DefaultSearchURL: hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=ds&q={searchTerms}&installDate=
CHR HKLM-x32\...\Chrome\Extension: [dgldkplledicnbnnliodeffobaiaodaf] - C:\Program Files (x86)\SiteRanker\Chrome\siterank_c.crx [2014-02-16]
C:\Program Files (x86)\LyricsContainer
C:\Program Files (x86)\SiteRanker

GummiBauH 02.03.2014 09:45
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-02-2014 02
Ran by Sofie at 2014-03-01 22:25:35 Run:1
Running from C:\Users\Sofie\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
URLSearchHook: HKLM-x32 - (No Name) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - No File
URLSearchHook: HKLM-x32 - (No Name) - {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=109&systemid=431&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=109&systemid=431&sr=0&q={searchTerms}
BHO-x32: No Name - {238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} -  No File
BHO-x32: No Name - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} -  No File
Toolbar: HKLM - No Name - !{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} -  No File
Toolbar: HKLM - No Name - !{ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - !{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} -  No File
Toolbar: HKLM-x32 - No Name - !{ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} -  No File
Toolbar: HKCU - No Name - {238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9} -  No File
FF HKCU\...\Firefox\Extensions: [{43a7141d-3b82-4576-af55-f89abdc2f8ab}] - C:\Program Files (x86)\LyricsContainer\131.xpi
CHR HomePage: hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=hp&installDate=
CHR DefaultSearchKeyword: search.snapdo.com
CHR DefaultSearchURL: hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=ds&q={searchTerms}&installDate=
CHR HKLM-x32\...\Chrome\Extension: [dgldkplledicnbnnliodeffobaiaodaf] - C:\Program Files (x86)\SiteRanker\Chrome\siterank_c.crx [2014-02-16]
C:\Program Files (x86)\LyricsContainer
C:\Program Files (x86)\SiteRanker
       
*****************

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} => Value deleted successfully.
HKCR\CLSID\!{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{ae07101b-46d4-4a98-af68-0333ea26e113} => Value deleted successfully.
HKCR\CLSID\!{ae07101b-46d4-4a98-af68-0333ea26e113} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{238d4b4c-d63c-42a7-b6d8-dc96c8c0f5b9} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{ae07101b-46d4-4a98-af68-0333ea26e113} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{ae07101b-46d4-4a98-af68-0333ea26e113} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} => Value deleted successfully.
HKCR\CLSID\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9} => Value deleted successfully.
HKCR\CLSID\{238D4B4C-D63C-42A7-B6D8-DC96C8C0F5B9} => Key not found.
HKCU\Software\Mozilla\Firefox\Extensions\\{43a7141d-3b82-4576-af55-f89abdc2f8ab} => Value deleted successfully.
CHR HomePage: hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=hp&installDate= ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchKeyword: search.snapdo.com ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=316a50d0-b39e-45f4-965d-1da8865972b7&searchtype=ds&q={searchTerms}&installDate= ==> The Chrome "Settings" can be used to fix the entry.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dgldkplledicnbnnliodeffobaiaodaf => Key deleted successfully.
"C:\Program Files (x86)\SiteRanker\Chrome\siterank_c.crx" => File/Directory not found.
"C:\Program Files (x86)\LyricsContainer" => File/Directory not found.
"C:\Program Files (x86)\SiteRanker" => File/Directory not found.

==== End of Fixlog ====
Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.01.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Sofie :: SOFIE-PC [Administrator]

Schutz: Aktiviert

01.03.2014 22:31:17
mbam-log-2014-03-01 (22-31-17).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 218422
Laufzeit: 6 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: {633F3B70-C9F3-11E1-87FB-C8600010830C} -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\Sofie\AppData\Local\Temp\ct3158970 (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\ct3158970\xpi (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\CT3241949 (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 40
C:\Users\Sofie\AppData\Local\Temp\DeltaTB.exe (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\LyricsContainertmp.exe (PUP.Optional.Bundler) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\OptimizerPro_new.zip (PUP.Optional.OptimizePro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\pricepeep_130001_1001.exe (PUP.Optional.PricePeep.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\SQLite.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\UpdateCheckerSetup.exe (PUP.Optional.FilesFrog.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\273d3a33-e35e-4f06-9287-d1cf3fab5272\LinkuryInstaller.msi (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\2827278562\chromeupdaterfull.exe (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\2bc7f693c2d13e046771d4aac84aa3fd\OptimizerPro.exe (PUP.Optional.OptimizePro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\2bc7f693c2d13e046771d4aac84aa3fd_\OptimizerPro.exe (PUP.Optional.OptimizePro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\ct3158970\ieLogic.exe (PUP.Optional.Conduit) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\D1A824F0-BAB0-7891-AFB5-268B9BEA910D\Setup.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\InstallShare22236\bab_setup.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\is1098755234\Vgrabber.exe (PUP.BundleInstaller.VG) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\nsu1DC2.tmp\LyricsContainer_1060-8001_v122.exe (PUP.Optional.LyricsAd) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\nsu1DC2.tmp\wajam_2207-6c14163c.exe (PUP.Optional.Wajam) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\OfferID4\simupdater.exe (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\OfferID5\simboapp.exe (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\OfferID9000\bundlesweetimsetup.exe (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\OfferID9001\bundlesweetimsetup.exe (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\OfferID9999\bundlesweetimsetup.exe (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Temp\TBU002\Update.exe (PUP.Optional.Searchprotect) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Temp\TBU003\Update.exe (PUP.Optional.Searchprotect) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Temp\TBU004\Update.exe (PUP.Optional.Searchprotect) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Temp\TBU007\Update.exe (PUP.Optional.Searchprotect) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Temp\TBU008\Update.exe (PUP.Optional.Searchprotect) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} (PUP.Optional.Searchqu.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\ICReinstall_ICReinstall_video_downloader.exe (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\ct3158970\chLogic.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\ct3158970\CT3158970.txt (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\ct3158970\CT3158970.xpi (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\ct3158970\ffLogic.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\ct3158970\initData.json (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\ct3158970\manifest.json (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\ct3158970\statisticsStub.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\ct3158970\version.txt (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\ct3158970\xpi\install.rdf (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sofie\AppData\Local\Temp\CT3241949\ddt.csf (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=60f70132362dfc44a1c40d9273662320
# engine=17283
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-02 08:34:54
# local_time=2014-03-02 09:34:54 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3590 16777213 100 84 4388485 212738680 0 0
# compatibility_mode=5893 16776574 100 94 20120364 145379144 0 0
# scanned=355112
# found=1
# cleaned=0
# scan_time=38438
sh=D32422BFECAD8DA33EC581C0F111E1A0C49A7526 ft=1 fh=37bc181b13a095b6 vn="multiple threats" ac=I fn="C:\Users\Sofie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OTUCYAST\LyricsContainer_1060-8001_up[1]"

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2014 01
Ran by Sofie (administrator) on SOFIE-PC on 02-03-2014 09:44:51
Running from C:\Users\Sofie\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2278504 2011-09-19] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-07-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-28] (Intel(R) Corporation)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-10-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM-x32\...\Run: [SonicMasterTray] - C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-22] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2317312 2011-09-13] (ASUS)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2936684877-3664751725-4146889954-1000\...\Run: [Google Update] - "C:\Users\Sofie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-2936684877-3664751725-4146889954-1000\...\MountPoints2: {f25e06c3-2249-11e3-b620-c8600010830c} - F:\Startme.exe
Startup: C:\Users\Sofie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\rchrgiqv.default
FF NewTab: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Sofie\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Sofie\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF [2013-12-15]

Chrome:
=======
CHR HomePage: https://www.google.de/?gws_rd=cr
CHR Extension: (Adblock Plus) - C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-16]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-10-20]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2014-01-21]

==================== Services (Whitelisted) =================

R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [100864 2012-09-07] (Freemake)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-28] ()
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe [262288 2013-10-08] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [16768 2011-09-20] (ASUSTek Computer Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-05] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20140228.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140301.008\ENG64.SYS [126040 2014-02-26] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140301.008\EX64.SYS [2099288 2014-02-26] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NAVx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-06] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-02 09:44 - 2014-03-02 09:44 - 00016841 _____ () C:\Users\Sofie\Desktop\FRST.txt
2014-03-02 09:44 - 2014-03-02 09:44 - 00000000 ____D () C:\Users\Sofie\Desktop\FRST-OlderVersion
2014-03-01 22:48 - 2014-03-01 22:49 - 02347384 _____ (ESET) C:\Users\Sofie\Downloads\esetsmartinstaller_enu.exe
2014-03-01 22:29 - 2014-03-01 22:29 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\Malwarebytes
2014-03-01 22:29 - 2014-03-01 22:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-01 22:29 - 2014-03-01 22:29 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-01 22:29 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-01 21:36 - 2013-12-10 18:43 - 00038200 _____ (TuneUp Software) C:\Windows\system32\uxtD34.tmp
2014-03-01 21:34 - 2014-03-01 21:34 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\TuneUp Software
2014-03-01 21:33 - 2014-03-01 21:36 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-01 21:33 - 2014-03-01 21:33 - 00000000 __SHD () C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2014-03-01 16:36 - 2014-03-01 16:37 - 00000000 ____D () C:\AdwCleaner
2014-03-01 14:31 - 2014-03-02 09:44 - 00000000 ____D () C:\Users\Sofie\Desktop\Laptopreinigung
2014-03-01 12:41 - 2014-03-02 09:44 - 02156544 _____ (Farbar) C:\Users\Sofie\Desktop\FRST64.exe
2014-03-01 12:17 - 2014-03-02 09:44 - 00000000 ____D () C:\FRST
2014-02-21 15:56 - 2014-02-21 15:56 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-16 10:03 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-16 10:03 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-16 10:02 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-16 10:02 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-16 10:02 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-16 10:02 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-16 10:02 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-16 10:02 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-16 10:02 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-16 10:02 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-16 10:02 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-16 10:02 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-16 10:02 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-16 10:02 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-16 10:02 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-16 10:02 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-16 10:02 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-16 10:02 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-16 10:02 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-16 10:02 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-16 10:02 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-16 10:02 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-16 10:02 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-16 10:02 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-16 10:02 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-16 10:02 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-16 10:02 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-16 10:02 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-16 10:02 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-16 10:02 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-16 10:02 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-16 10:02 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-16 10:02 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-16 10:02 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-16 10:02 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-16 10:02 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-16 10:02 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-16 10:02 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-16 10:02 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-16 10:02 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-16 10:02 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 21:59 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 21:59 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 21:59 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 21:59 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 21:59 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 21:59 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 21:59 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 21:59 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 21:59 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 21:59 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 21:59 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 21:59 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 21:59 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 21:59 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 21:59 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 21:59 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 21:59 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 21:59 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 21:59 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 21:59 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 21:59 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 21:59 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 21:59 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 21:59 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 21:59 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 21:59 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 21:59 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 21:59 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-02 09:45 - 2014-03-02 09:44 - 00016841 _____ () C:\Users\Sofie\Desktop\FRST.txt
2014-03-02 09:44 - 2014-03-02 09:44 - 00000000 ____D () C:\Users\Sofie\Desktop\FRST-OlderVersion
2014-03-02 09:44 - 2014-03-01 14:31 - 00000000 ____D () C:\Users\Sofie\Desktop\Laptopreinigung
2014-03-02 09:44 - 2014-03-01 12:41 - 02156544 _____ (Farbar) C:\Users\Sofie\Desktop\FRST64.exe
2014-03-02 09:44 - 2014-03-01 12:17 - 00000000 ____D () C:\FRST
2014-03-02 09:28 - 2012-08-12 22:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-02 09:09 - 2012-07-13 14:36 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-02 08:35 - 2012-07-31 21:43 - 00075150 _____ () C:\Windows\setupact.log
2014-03-01 23:16 - 2012-01-20 00:19 - 01474278 _____ () C:\Windows\WindowsUpdate.log
2014-03-01 22:52 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-01 22:52 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-01 22:49 - 2014-03-01 22:48 - 02347384 _____ (ESET) C:\Users\Sofie\Downloads\esetsmartinstaller_enu.exe
2014-03-01 22:44 - 2012-07-13 14:36 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-01 22:44 - 2012-01-20 00:29 - 00001576 _____ () C:\Windows\system32\ServiceFilter.ini
2014-03-01 22:43 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-01 22:42 - 2012-08-14 15:43 - 00302556 _____ () C:\Windows\PFRO.log
2014-03-01 22:29 - 2014-03-01 22:29 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\Malwarebytes
2014-03-01 22:29 - 2014-03-01 22:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-01 22:29 - 2014-03-01 22:29 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-01 21:36 - 2014-03-01 21:33 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-01 21:34 - 2014-03-01 21:34 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\TuneUp Software
2014-03-01 21:33 - 2014-03-01 21:33 - 00000000 __SHD () C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2014-03-01 16:37 - 2014-03-01 16:36 - 00000000 ____D () C:\AdwCleaner
2014-03-01 16:37 - 2012-06-22 05:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-01 16:37 - 2012-06-08 09:11 - 00000000 ___RD () C:\Users\Sofie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-01 11:20 - 2011-10-19 05:11 - 09159726 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-01 11:20 - 2011-04-11 13:05 - 00482554 _____ () C:\Windows\system32\perfh001.dat
2014-03-01 11:20 - 2011-04-11 13:05 - 00098716 _____ () C:\Windows\system32\perfc001.dat
2014-03-01 11:20 - 2011-03-17 12:52 - 00728140 _____ () C:\Windows\system32\perfh019.dat
2014-03-01 11:20 - 2011-03-17 12:52 - 00154786 _____ () C:\Windows\system32\perfc019.dat
2014-03-01 11:20 - 2011-02-19 06:02 - 00395884 _____ () C:\Windows\system32\perfh00D.dat
2014-03-01 11:20 - 2011-02-19 06:02 - 00088702 _____ () C:\Windows\system32\perfc00D.dat
2014-03-01 11:20 - 2011-02-19 05:56 - 00610528 _____ () C:\Windows\system32\perfh008.dat
2014-03-01 11:20 - 2011-02-19 05:56 - 00115072 _____ () C:\Windows\system32\perfc008.dat
2014-03-01 11:20 - 2011-02-19 05:51 - 00412012 _____ () C:\Windows\system32\prfh0404.dat
2014-03-01 11:20 - 2011-02-19 05:51 - 00126088 _____ () C:\Windows\system32\prfc0404.dat
2014-03-01 11:20 - 2011-02-19 05:45 - 00732558 _____ () C:\Windows\system32\prfh0816.dat
2014-03-01 11:20 - 2011-02-19 05:45 - 00156850 _____ () C:\Windows\system32\prfc0816.dat
2014-03-01 11:20 - 2011-02-19 05:40 - 00747038 _____ () C:\Windows\system32\perfh013.dat
2014-03-01 11:20 - 2011-02-19 05:40 - 00157046 _____ () C:\Windows\system32\perfc013.dat
2014-03-01 11:20 - 2011-02-19 05:35 - 00743586 _____ () C:\Windows\system32\perfh010.dat
2014-03-01 11:20 - 2011-02-19 05:35 - 00150790 _____ () C:\Windows\system32\perfc010.dat
2014-03-01 11:20 - 2011-02-19 05:29 - 00749256 _____ () C:\Windows\system32\perfh00C.dat
2014-03-01 11:20 - 2011-02-19 05:29 - 00153524 _____ () C:\Windows\system32\perfc00C.dat
2014-03-01 11:20 - 2011-02-19 05:24 - 00711078 _____ () C:\Windows\system32\perfh007.dat
2014-03-01 11:20 - 2011-02-19 05:24 - 00153526 _____ () C:\Windows\system32\perfc007.dat
2014-03-01 11:20 - 2011-02-19 05:19 - 00748996 _____ () C:\Windows\system32\perfh00A.dat
2014-03-01 11:20 - 2011-02-19 05:19 - 00162418 _____ () C:\Windows\system32\perfc00A.dat
2014-03-01 11:20 - 2009-07-14 06:13 - 09159726 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-28 23:24 - 2013-07-31 17:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-28 23:17 - 2012-06-27 11:16 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-24 17:48 - 2012-06-11 16:50 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\Skype
2014-02-21 15:57 - 2012-08-12 22:16 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 15:57 - 2012-07-16 17:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 15:57 - 2012-07-16 17:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 15:56 - 2014-02-21 15:56 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-16 13:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-02-16 13:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-02-16 13:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-02-16 13:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-02-16 10:22 - 2012-06-08 09:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-16 10:05 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-02-15 22:10 - 2012-07-13 17:10 - 00000000 ____D () C:\Users\Sofie\AppData\Local\CrashDumps
2014-02-15 22:04 - 2012-07-13 14:36 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-15 22:04 - 2012-07-13 14:36 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-15 00:48 - 2012-06-24 17:43 - 00000000 ___RD () C:\Users\Sofie\Desktop\Programme
2014-02-11 21:42 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-02-11 21:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-02-06 13:16 - 2014-02-16 10:02 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-16 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-16 10:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-16 10:02 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-16 10:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-16 10:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-16 10:02 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-16 10:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-16 10:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-16 10:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-16 10:02 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-16 10:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-16 10:02 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-16 10:02 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-16 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-16 10:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-16 10:02 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-16 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-16 10:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-16 10:02 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-16 10:02 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-16 10:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-16 10:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-16 10:02 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-16 10:02 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-16 10:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-16 10:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-16 10:02 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-16 10:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-16 10:02 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-16 10:02 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-16 10:02 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-16 10:02 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-16 10:02 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-16 10:02 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-16 10:02 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-16 10:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-16 10:02 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-16 10:02 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 09:39 - 2011-01-07 14:02 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-02-04 09:39 - 2011-01-07 14:02 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.9140.dll


Some content of TEMP:
====================
C:\Users\Sofie\AppData\Local\Temp\BackupSetup.exe
C:\Users\Sofie\AppData\Local\Temp\Browser_Helper_Companion_DE.exe
C:\Users\Sofie\AppData\Local\Temp\FreemakeVideoConverter_3.1.2.0.exe
C:\Users\Sofie\AppData\Local\Temp\ICReinstall_video_downloader.exe
C:\Users\Sofie\AppData\Local\Temp\installhelper.dll
C:\Users\Sofie\AppData\Local\Temp\NEW_CORRECT_incredibar_install.exe
C:\Users\Sofie\AppData\Local\Temp\Quarantine.exe
C:\Users\Sofie\AppData\Local\Temp\SIMEEI2Installer.exe
C:\Users\Sofie\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Sofie\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sofie\AppData\Local\Temp\sqlite3.dll
C:\Users\Sofie\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Sofie\AppData\Local\Temp\TUUUninstallHelper.exe
C:\Users\Sofie\AppData\Local\Temp\tvaudcyo.dll
C:\Users\Sofie\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Sofie\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Sofie\AppData\Local\Temp\vlc-2.0.2-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2009-07-29 06:04

==================== End Of Log ============================
--- --- ---

--- --- ---


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:57 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131