Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   iStartSurf deinstallieren (https://www.trojaner-board.de/158218-istartsurf-deinstallieren.html)

Tinti 03.09.2014 08:05
Teil 2

Code:
(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\WiScan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe

Tinti 03.09.2014 08:06
Teil 3

Code:
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
FRST Logfile:

       
Code:

       
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================

--- --- ---
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

Tinti 03.09.2014 08:07
Teil 4

[CODE]==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================ndows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:21:16
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================
Teil 5

Code:
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:21 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:21 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
--- --- ---

M-K-D-B 03.09.2014 08:20
Servus,



Wir beginnen so:




Schritt 1
  • Lade dir bitte die folgendes Programm auf deinen Desktop: SpyHunterKiller.exe
  • Starte das Tool und klicke Weiter.
  • Sobald das Tool fertig ist, klicke auf Ende, um das Programm zu beenden.






Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.






Schritt 4

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 5
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von JRT,
  • die Logdatei von MBAM,
  • die beiden neuen Logdateien von FRST.

Tinti 03.09.2014 14:45
Hallo,

ich kann Schritt 1 nicht ausführen weil steht dass auf das folgende Gerät bzw. Programm nicht zugegriffen werden kann.

Lg

Code:
# AdwCleaner v3.309 - Bericht erstellt am 03/09/2014 um 15:28:56
# Aktualisiert 02/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Martina - NB01KRZBMA
# Gestartet von : D:\Martina\Desktop\adwcleaner_3.309.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : CltMngSvc
[#] Dienst Gelöscht : globalUpdate
[#] Dienst Gelöscht : globalUpdatem
[#] Dienst Gelöscht : IePluginServices
Dienst Gelöscht : SPBIUpd
[#] Dienst Gelöscht : SPBIUpdd
[#] Dienst Gelöscht : Wajam Internet Enhancer Service
Dienst Gelöscht : WindowsMangerProtect

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\374311380
Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\ProgramData\ShopperPro
Ordner Gelöscht : C:\ProgramData\SpeedMaxPc
Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\ProgramData\YTAHelper
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
Ordner Gelöscht : C:\Program Files (x86)\FindRight
Ordner Gelöscht : C:\Program Files (x86)\FlvPlayer
[!] Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\NCH Software
Ordner Gelöscht : C:\Program Files (x86)\SearchProtect
Ordner Gelöscht : C:\Program Files (x86)\ShopperPro
Ordner Gelöscht : C:\Program Files (x86)\SpeedMaxPc
Ordner Gelöscht : C:\Program Files (x86)\YouTube Accelerator
Ordner Gelöscht : C:\Program Files (x86)\YTAHelper
Ordner Gelöscht : C:\Program Files (x86)\Common Files\SpeedMaxPc
[/!\] Nicht Gelöscht ( Junction ) : C:\Program Files\Gemeinsame Dateien
Ordner Gelöscht : C:\Users\Martina\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Martina\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Martina\AppData\LocalLow\Goobzo
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\istartsurf
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\NCH Software
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
Ordner Gelöscht : D:\Martina\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com
Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Public\Desktop\simplicheck.lnk
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\LiveSupport.exe_log.txt
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\regsvr32.exe_log.txt
Datei Gelöscht : D:\Martina\Desktop\SpeedMaxPc.lnk
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\invalidprefs.js
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\istartsurf.xml
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tasks ] *****

Task Gelöscht : BrowserDefendert
Task Gelöscht : EPUpdater

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome App Launcher.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Google Keep.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [livesupport]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FindRight_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FindRight_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SPDriver]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKCU\Software\5957d88db46eeb43
Schlüssel Gelöscht : HKLM\SOFTWARE\5957d88db46eeb43
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622332213}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622332215}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335513}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335515}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336613}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336615}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644334413}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644334415}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622332213}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622332215}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335513}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335515}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336613}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336615}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
Schlüssel Gelöscht : HKCU\Software\FindRight
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\Goobzo
Schlüssel Gelöscht : HKCU\Software\InetStat
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\mysearchdial
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\SpeedMaxPC
Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\FindRight
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\Goobzo
Schlüssel Gelöscht : HKLM\SOFTWARE\InstallCore
Schlüssel Gelöscht : HKLM\SOFTWARE\istartsurfSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\simplitec
Schlüssel Gelöscht : HKLM\SOFTWARE\SpeedMaxPC
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FindRight
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\499E8534DA7E759419D2048CB780D3D5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5DCE3C04E576AD15F972B67D0725120C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62255E52F19EC97429A42D59D49024FA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\930D9472A978D7A4EB16BF4DECB173B7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AEB93799E8B47D14CA356E4343D632A4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE7C2A75DF08824E9CEFDE20F655BD9

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17239

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v13.0.1 (de)

[ Datei : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "istartsurf");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "istartsurf");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX");

-\\ Google Chrome v36.0.1985.143

[ Datei : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=2A6D90004EB858ED&affID=121563&tsp=4942
Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=aw0202ch&cd=2XzuyEtN2Y1L1Qzu0BtBtDtDyE0E0BzzyDzz0E0DtD0ByBtBtN0D0Tzu0CyBzzzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1134954845&ir=
Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp

*************************

AdwCleaner[R0].txt - [27292 octets] - [03/09/2014 15:13:29]
AdwCleaner[R1].txt - [27353 octets] - [03/09/2014 15:25:13]
AdwCleaner[S0].txt - [23904 octets] - [03/09/2014 15:28:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23965 octets] ##########

M-K-D-B 03.09.2014 14:53
Servus,



ok, dann weiter mit den anderen Schritte bitte. :)

Tinti 03.09.2014 15:29
Anhang 69203

M-K-D-B 03.09.2014 16:28
Das ist nicht die Logdatei des Suchlaufs, diese bitte noch nachreichen.

Nun weiter mit JRT und FRST wie beschrieben.

Tinti 03.09.2014 16:33
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 16:25:50
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll No File
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll No File
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF SearchEngineOrder.3: Bing
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 16:19 - 2014-09-03 16:19 - 00000000 ____D () C:\mbam.txt
2014-09-03 15:46 - 2014-09-03 16:14 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 15:46 - 2014-09-03 15:46 - 00001065 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-03 15:46 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-03 15:46 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-03 15:14 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-03 15:11 - 2014-09-03 15:29 - 00000000 ____D () C:\AdwCleaner
2014-09-02 11:49 - 2014-09-03 16:25 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 14:45 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 16:25 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 16:19 - 2014-09-03 16:19 - 00000000 ____D () C:\mbam.txt
2014-09-03 16:19 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 16:19 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 16:14 - 2014-09-03 15:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 16:12 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-03 16:10 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 16:10 - 2009-07-14 06:51 - 00075213 _____ () C:\Windows\setupact.log
2014-09-03 16:09 - 2013-06-15 03:18 - 00439506 _____ () C:\Windows\PFRO.log
2014-09-03 16:09 - 2013-06-14 23:43 - 01774922 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 16:09 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-09-03 15:46 - 2014-09-03 15:46 - 00001065 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-03 15:29 - 2014-09-03 15:11 - 00000000 ____D () C:\AdwCleaner
2014-09-03 15:29 - 2014-02-20 18:27 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-03 15:29 - 2013-06-16 16:53 - 00001241 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-03 15:29 - 2013-06-16 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-03 15:29 - 2013-06-15 00:32 - 00001024 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-03 15:29 - 2013-06-14 23:49 - 00001002 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-03 14:45 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\Quarantine.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014
Ran by Martina at 2014-09-03 17:26:34
Running from D:\Martina\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.3.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4487 - APN, LLC)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.95 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version:  - Canon Inc.‎)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon MG4200 series On-screen Manual (HKLM-x32\...\Canon MG4200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.28 - Abelssoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.4.5 - Telerik)
FontForge 2012-07-31 (HKLM-x32\...\FontForge) (Version: 2012-07-31 - )
Free YouTube to MP3 Converter version 3.12.5.628 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.5.628 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hartlauer Foto World (HKLM-x32\...\Hartlauer Foto World) (Version: 5.1.5 - CEWE Stiftung u Co. KGaA)
High-Logic FontCreator 8 (HKLM-x32\...\FontCreator8_is1) (Version:  - High-Logic B.V.)
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Leawo PowerPoint to Video Converter version 2.7.1.0 (HKLM-x32\...\{5D5CB188-F9B1-4103-B2AD-07FB33068377}_is1) (Version: 2.7.1.0 - Leawo Software)
MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (Version: 7.0.1.1 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Run Time  Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 13.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 13.0.1 (x86 de)) (Version: 13.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 13.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NSIS Birdfont (HKLM-x32\...\Birdfont) (Version:  - )
NVIDIA 3D Vision Treiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.19.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.19.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6721 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PhotoPad Foto-Editor (HKLM-x32\...\PhotoPad) (Version: 2.41 - NCH Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shopper-Pro (HKLM-x32\...\ShopperPro) (Version:  - )
simplitec simplicheck (HKLM-x32\...\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}) (Version: 1.3.9.0 - simplitec GmbH)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SpeedMaxPc (HKLM-x32\...\{1341F917-C3E5-413E-A11C-AA58273843C4}) (Version: 3.1.6.0 - SpeedMaxPc)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XnView 1.99.5 (HKLM-x32\...\XnView_is1) (Version: 1.99.5 - Gougelet Pierre-e)
YouTube Accelerator (HKLM-x32\...\YouTube Accelerator) (Version: 3394(build_88) - Goobzo Ltd.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

28-08-2014 21:18:18 Windows Update
02-09-2014 05:07:47 Installed SpyHunter
02-09-2014 05:15:58 Removed SpyHunter
02-09-2014 05:50:31 Installed SpyHunter
02-09-2014 06:43:19 Removed SpyHunter

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {136E99D8-6048-466C-A642-6ED03D639BE9} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {A9EB2394-AF1F-446F-BB25-754EC1B3C9B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {B78E6EA3-3BE7-484B-948E-4076ECF61197} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {C72E5E18-FF2C-49F1-8FC2-B294810C7742} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-NB01KRZBMA-Martina.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a54415c3b16.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Launch 21752.job => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: C:\Windows\Tasks\Updater scan.job => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe

==================== Loaded Modules (whitelisted) =============

2013-10-16 19:02 - 2013-10-16 19:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-07-04 16:21 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-29 17:53 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-10-16 19:01 - 2013-10-16 19:01 - 04624240 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-08-14 14:22 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Martina\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-10-17 17:45 - 2013-10-17 17:45 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 14:42 - 2013-06-05 15:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Atheros AR3011 Bluetooth(R) Adapter
Description: Atheros AR3011 Bluetooth(R) Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/03/2014 03:31:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x800706b5, Die Schnittstelle ist unbekannt.
.

Error: (09/03/2014 03:31:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x800706b5, Die Schnittstelle ist unbekannt.
]

Error: (09/03/2014 03:29:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_RpcSs, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.1.7601.18532, Zeitstempel: 0x53c339ee
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000bf27
ID des fehlerhaften Prozesses: 0x310
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_RpcSs0
Pfad der fehlerhaften Anwendung: svchost.exe_RpcSs1
Pfad des fehlerhaften Moduls: svchost.exe_RpcSs2
Berichtskennung: svchost.exe_RpcSs3

Error: (09/03/2014 09:56:49 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2014-09-03T09:50:49Z. Error Code: 0x80070032.

Error: (09/03/2014 07:43:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15587620

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15587620

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15586606

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15586606


System errors:
=============
Error: (09/03/2014 04:10:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "YouTubeAcceleratorService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 03:33:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "YouTubeAcceleratorService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 03:33:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SPDRIVER_1.37.0.486" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (09/03/2014 03:29:50 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde mit folgendem dienstspezifischem Fehler beendet: %%0.

Error: (09/03/2014 03:29:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Remoteprozeduraufruf (RPC)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Computers.

Error: (09/03/2014 03:29:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "RPC-Endpunktzuordnung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/03/2014 07:46:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (09/03/2014 07:46:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wajam Internet Enhancer Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 07:45:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 07:44:46 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎03.‎09.‎2014 um 07:43:25 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (09/03/2014 03:31:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x800706b5, Die Schnittstelle ist unbekannt.

Error: (09/03/2014 03:31:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x800706b5, Die Schnittstelle ist unbekannt.

Error: (09/03/2014 03:29:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_RpcSs6.1.7600.163854a5bc3c1RPCRT4.dll6.1.7601.1853253c339eec0000005000000000000bf2731001cfc73a2ab20ee7C:\Windows\system32\svchost.exeC:\Windows\system32\RPCRT4.dll5e522420-336e-11e4-87f2-810b0bc3ec01

Error: (09/03/2014 09:56:49 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700322014-09-03T09:50:49Z

Error: (09/03/2014 07:43:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15587620

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15587620

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15586606

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15586606


CodeIntegrity Errors:
===================================
  Date: 2013-08-03 00:31:49.584
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.581
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.555
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.551
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.545
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.741
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.739
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.736
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.718
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 47%
Total physical RAM: 4077.86 MB
Available physical RAM: 2152.59 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 5727.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (LWC) (Fixed) (Total:78.03 GB) (Free:30.89 GB) NTFS
Drive d: (DATEN) (Fixed) (Total:154.76 GB) (Free:137.32 GB) NTFS
Drive e: (SLEEPING_WITH_THE_ENEMY) (CDROM) (Total:4.43 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 26558982)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=154.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

M-K-D-B 03.09.2014 16:35
Suchlauf von MBAM und JRT bitte noch nachreichen, dann kann es weitergehen. :)

Tinti 03.09.2014 17:34
bei Malware findet er nichts mehr :-)

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Martina on 03.09.2014 at 17:49:57,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2921778440-697364257-2174348754-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{87EA3B72-62EE-4507-9E84-22DA985E963A}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\simplitec"
Successfully deleted: [Folder] "C:\Users\Martina\AppData\Roaming\simplitec"
Successfully deleted: [Folder] "C:\Program Files (x86)\simplitec"



~~~ FireFox

Successfully deleted: [File] C:\Users\Martina\AppData\Roaming\mozilla\firefox\profiles\8qahtb8s.default\extensions\toolbar_avira-v7@apn.ask.com.xpi
Successfully deleted: [Folder] C:\Users\Martina\AppData\Roaming\mozilla\firefox\profiles\8qahtb8s.default\extensions\toolbar_avira-v7@apn.ask.com



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.09.2014 at 17:57:38,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
passt das jetzt so? ggg

M-K-D-B 04.09.2014 08:15
Gut gemacht. :)



So geht es weiter:




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
C:\Program Files (x86)\YouTube Accelerator
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll No File
C:\ProgramData\YTAHelper
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll No File
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
S2 YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Program Files\Enigma Software Group
C:\Users\Martina\AppData\Roaming\Nico Mak Computing
C:\Users\Martina\Desktop\YouTube Accelerator.lnk
Task: C:\Windows\Tasks\Launch 21752.job => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
C:\ProgramData\ShopperPro
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    :folderfind
    *YouTubeAccelerator*
    *ShopperPro*
    *Shopper-Pro*
    *SpeedMaxPc*
    *simplitec*
    *InetStat*
    *Wajam*
    *FindRight*
    *FlvPlayer*
    *globalUpdate*
    *Goobzo*
    *istartsurf*

    :regfind
    YouTubeAccelerator
    ShopperPro
    Shopper-Pro
    SpeedMaxPc
    simplitec
    InetStat
    Wajam
    FindRight
    FlvPlayer
    globalUpdate
    Goobzo
    istartsurf
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.







Schritt 3
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von SystemLook,
  • die beiden neuen Logdateien von FRST.

Tinti 04.09.2014 10:28
Bei Schritt 1 wird nichts erstellt. Ich habs aber richtig gemacht. :-)

M-K-D-B 04.09.2014 10:45
Zitat:
Zitat von Tinti (Beitrag 1353914)
Bei Schritt 1 wird nichts erstellt. Ich habs aber richtig gemacht. :-)
Wurde der Neustart durchgeführt?

Logdatei findet sich unter: D:\Martina\Desktop\fixlog.txt

Tinti 05.09.2014 07:05
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2014
Ran by Martina at 2014-09-04 11:15:30 Run:1
Running from D:\Martina\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
C:\Program Files (x86)\YouTube Accelerator
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll No File
C:\ProgramData\YTAHelper
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll No File
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
S2 YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Program Files\Enigma Software Group
C:\Users\Martina\AppData\Roaming\Nico Mak Computing
C:\Users\Martina\Desktop\YouTube Accelerator.lnk
Task: C:\Windows\Tasks\Launch 21752.job => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
C:\ProgramData\ShopperPro
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
EmptyTemp:
end
       
*****************

HKU\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoobzoYouTubeAccelerator => value deleted successfully.
"C:\Program Files (x86)\YouTube Accelerator" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => Key deleted successfully.
"HKCR\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => Key deleted successfully.
"C:\ProgramData\YTAHelper" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => Key deleted successfully.
C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} => Moved successfully.
YouTubeAcceleratorService => Service deleted successfully.
esgiguard => Service deleted successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\Users\Martina\AppData\Roaming\Nico Mak Computing => Moved successfully.
C:\Users\Martina\Desktop\YouTube Accelerator.lnk => Moved successfully.
C:\Windows\Tasks\Launch 21752.job => Moved successfully.
C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job => Moved successfully.
C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job => Moved successfully.
"C:\ProgramData\ShopperPro" => File/Directory not found.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
EmptyTemp: => Removed 286.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====
Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 07:45 on 05/09/2014 by Martina
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== folderfind ==========

Searching for "*YouTubeAccelerator*"
No folders found.

Searching for "*ShopperPro*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\ShopperPro        d------        [13:29 03/09/2014]
C:\Users\Public\Documents\ShopperPro        d------        [14:09 21/08/2014]

Searching for "*Shopper-Pro*"
No folders found.

Searching for "*SpeedMaxPc*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SpeedMaxPc\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\SpeedMaxPc\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\SpeedMaxPc\UUS3\speedmaxpc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc\SpeedMaxPc        d------        [13:29 03/09/2014]

Searching for "*simplitec*"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec        d------        [12:08 27/05/2014]
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\simplitec        d------        [12:08 27/05/2014]

Searching for "*InetStat*"
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat        d------        [13:29 03/09/2014]

Searching for "*Wajam*"
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0bc29433        d----c-        [18:08 29/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0cedc34e        d----c-        [08:41 30/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0d29de4d        d----c-        [17:16 30/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_cab_0eb6163e        d----c-        [11:27 28/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_02eee0de        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_035d29a0        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_099dfac4        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ecb72b1        d----c-        [19:45 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ecddcc7        d----c-        [11:27 28/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ed21b8b        d----c-        [17:16 30/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ef20492        d----c-        [08:41 30/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1124621e        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1524203e        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1bd6b903        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1bd70935        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1e6c89f8        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1ec41259        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1f3ec208        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_208901d5        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_20daea31        d----c-        [19:45 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_21cbc2b4        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_224ba8dd        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2276190d        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_22b57984        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_240358fa        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_247a9a2e        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_249f80e4        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_24d0d9eb        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_259f9aca        d----c-        [19:45 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25d5518a        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25ddf123        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25e3121b        d----c-        [19:45 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25edc939        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2607d0b8        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_262640d8        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26383a53        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_263a4a69        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2643f883        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_264a7253        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_264bea7f        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_269290fa        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26ba22ae        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26cda130        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_270e6910        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2734b1f2        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_278b311f        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_cab_1e574700        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0bc29433        d----c-        [18:08 29/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0cedc34e        d----c-        [08:41 30/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0d29de4d        d----c-        [17:16 30/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_cab_0eb6163e        d----c-        [11:27 28/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_02eee0de        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_035d29a0        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_099dfac4        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ecb72b1        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ecddcc7        d----c-        [11:27 28/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ed21b8b        d----c-        [17:16 30/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ef20492        d----c-        [08:41 30/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1124621e        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1524203e        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1bd6b903        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1bd70935        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1e6c89f8        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1ec41259        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1f3ec208        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_208901d5        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_20daea31        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_21cbc2b4        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_224ba8dd        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2276190d        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_22b57984        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_240358fa        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_247a9a2e        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_249f80e4        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_24d0d9eb        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_259f9aca        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25d5518a        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25ddf123        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25e3121b        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25edc939        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2607d0b8        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_262640d8        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26383a53        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_263a4a69        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2643f883        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_264a7253        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_264bea7f        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_269290fa        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26ba22ae        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26cda130        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_270e6910        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2734b1f2        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_278b311f        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_cab_1e574700        d----c-        [19:45 27/08/2014]

Searching for "*FindRight*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FindRight        d------        [13:29 03/09/2014]

Searching for "*FlvPlayer*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FlvPlayer        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer        d------        [13:29 03/09/2014]

Searching for "*globalUpdate*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate        d------        [13:29 03/09/2014]

Searching for "*Goobzo*"
C:\Users\Public\Documents\GOOBZO        d------        [14:09 21/08/2014]

Searching for "*istartsurf*"
C:\AdwCleaner\Quarantine\C\Users\Martina\AppData\Roaming\istartsurf        d------        [13:29 03/09/2014]

========== regfind ==========

Searching for "YouTubeAccelerator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"URLInfoAbout"="hxxp://www.youtubeaccelerator.com/support/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"Contact"="support@youtubeaccelerator.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"HelpLink"="hxxp://www.youtubeaccelerator.com/about/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"DisplayIcon"="C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe,-0"

Searching for "ShopperPro"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro]
"UninstallString"="C:\Program Files (x86)\ShopperPro\SPremove.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro]
"DisplayIcon"="C:\Program Files (x86)\ShopperPro\ShopperPro.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe]
@="C:\Program Files (x86)\ShopperPro\ShopperPro.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
"EXELOCATION"="C:\Program Files (x86)\ShopperPro"
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
"ChromeExtFile"="ShopperPro.crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
"DBLOCATION"="C:\ProgramData\ShopperPro"
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
"CONFIGLOCATION"="C:\ProgramData\ShopperPro"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}]
@="IShopperProBHO"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}\1.0]
@="ShopperPro 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}\1.0\0\win32]
@="C:\ProgramData\ShopperPro\ShopperPro64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}]
@="IShopperProBHO"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}\1.0]
@="ShopperPro 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}\1.0\0\win32]
@="C:\ProgramData\ShopperPro\ShopperPro64.dll"

Searching for "Shopper-Pro"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro]
"DisplayName"="Shopper-Pro"

Searching for "SpeedMaxPc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"InstallLocation"="C:\Program Files (x86)\SpeedMaxPc\SpeedMaxPc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"DisplayName"="SpeedMaxPc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"DisplayIcon"="C:\Program Files (x86)\SpeedMaxPc\SpeedMaxPc\speedmaxpc.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"UninstallString"="C:\Program Files (x86)\SpeedMaxPc\SpeedMaxPc\uninstall.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"URLInfoAbout"="hxxp://www.SpeedMaxPc.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"Publisher"="SpeedMaxPc"

Searching for "simplitec"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}]
"InstallLocation"="C:\Program Files (x86)\simplitec\simplicheck\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}]
"Publisher"="simplitec GmbH"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}]
"DisplayName"="simplitec simplicheck"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\ADE301FD73976694E8BFE55F3C38102F]
"ProductName"="simplitec simplicheck"

Searching for "InetStat"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Advanced\Folder\ShowFullPath]
"RegPath"="Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState"
[HKEY_USERS\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState]

Searching for "Wajam"
No data found.

Searching for "FindRight"
No data found.

Searching for "FlvPlayer"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\db43ff0b_0]
@="{0.0.0.00000000}.{8eb66584-a5b4-48a7-866d-aee82a1737a7}|\Device\HarddiskVolume2\Program Files (x86)\FLVPlayer\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\db43ff0b_0]
@="{0.0.0.00000000}.{8eb66584-a5b4-48a7-866d-aee82a1737a7}|\Device\HarddiskVolume2\Program Files (x86)\FLVPlayer\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"

Searching for "globalUpdate"
[HKEY_LOCAL_MACHINE\SOFTWARE\globalUpdate]

Searching for "Goobzo"
[HKEY_LOCAL_MACHINE\SOFTWARE\GOOBZO]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"Publisher"="Goobzo Ltd."
[HKEY_USERS\.DEFAULT\Software\GOOBZO]
[HKEY_USERS\S-1-5-18\Software\GOOBZO]

Searching for "istartsurf"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\istartsurf.com]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\www.istartsurf.com]
[HKEY_USERS\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Internet Explorer\DOMStorage\istartsurf.com]
[HKEY_USERS\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.istartsurf.com]

-= EOF =-
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014
Ran by Martina at 2014-09-05 07:57:05
Running from D:\Martina\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.3.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4487 - APN, LLC)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.95 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version:  - Canon Inc.‎)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon MG4200 series On-screen Manual (HKLM-x32\...\Canon MG4200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.28 - Abelssoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.4.5 - Telerik)
FontForge 2012-07-31 (HKLM-x32\...\FontForge) (Version: 2012-07-31 - )
Free YouTube to MP3 Converter version 3.12.5.628 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.5.628 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hartlauer Foto World (HKLM-x32\...\Hartlauer Foto World) (Version: 5.1.5 - CEWE Stiftung u Co. KGaA)
High-Logic FontCreator 8 (HKLM-x32\...\FontCreator8_is1) (Version:  - High-Logic B.V.)
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Leawo PowerPoint to Video Converter version 2.7.1.0 (HKLM-x32\...\{5D5CB188-F9B1-4103-B2AD-07FB33068377}_is1) (Version: 2.7.1.0 - Leawo Software)
MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (Version: 7.0.1.1 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Run Time  Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 13.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 13.0.1 (x86 de)) (Version: 13.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 13.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NSIS Birdfont (HKLM-x32\...\Birdfont) (Version:  - )
NVIDIA 3D Vision Treiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.19.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.19.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6721 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PhotoPad Foto-Editor (HKLM-x32\...\PhotoPad) (Version: 2.41 - NCH Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shopper-Pro (HKLM-x32\...\ShopperPro) (Version:  - )
simplitec simplicheck (HKLM-x32\...\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}) (Version: 1.3.9.0 - simplitec GmbH)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SpeedMaxPc (HKLM-x32\...\{1341F917-C3E5-413E-A11C-AA58273843C4}) (Version: 3.1.6.0 - SpeedMaxPc)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XnView 1.99.5 (HKLM-x32\...\XnView_is1) (Version: 1.99.5 - Gougelet Pierre-e)
YouTube Accelerator (HKLM-x32\...\YouTube Accelerator) (Version: 3394(build_88) - Goobzo Ltd.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

28-08-2014 21:18:18 Windows Update
02-09-2014 05:07:47 Installed SpyHunter
02-09-2014 05:15:58 Removed SpyHunter
02-09-2014 05:50:31 Installed SpyHunter
02-09-2014 06:43:19 Removed SpyHunter

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {136E99D8-6048-466C-A642-6ED03D639BE9} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {A9EB2394-AF1F-446F-BB25-754EC1B3C9B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {B78E6EA3-3BE7-484B-948E-4076ECF61197} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {C72E5E18-FF2C-49F1-8FC2-B294810C7742} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-NB01KRZBMA-Martina.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a54415c3b16.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: C:\Windows\Tasks\Updater scan.job => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe

==================== Loaded Modules (whitelisted) =============

2013-10-16 19:02 - 2013-10-16 19:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-07-04 16:21 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-29 17:53 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-10-16 19:01 - 2013-10-16 19:01 - 04624240 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-09-05 07:42 - 2014-09-05 07:43 - 00139264 _____ () D:\Martina\Desktop\SystemLook.exe
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-09-04 11:18 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Martina\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-10-17 17:45 - 2013-10-17 17:45 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 14:42 - 2013-06-05 15:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2014-09-04 22:06 - 2014-08-30 04:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-04 22:06 - 2014-08-30 04:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-04 22:06 - 2014-08-30 04:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-04 22:06 - 2014-08-30 04:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-04 22:06 - 2014-08-30 04:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Atheros AR3011 Bluetooth(R) Adapter
Description: Atheros AR3011 Bluetooth(R) Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9922

Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9922

Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/04/2014 07:54:43 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2014-09-04T07:48:43Z. Error Code: 0x80070032.

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9984

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (09/05/2014 07:30:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (09/04/2014 11:20:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1070

Error: (09/04/2014 11:19:45 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.

Error: (09/04/2014 07:40:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "YouTubeAcceleratorService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 08:52:45 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9922

Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9922

Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/04/2014 07:54:43 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700322014-09-04T07:48:43Z

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9984

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2013-08-03 00:31:49.584
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.581
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.555
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.551
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.545
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.741
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.739
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.736
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.718
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 75%
Total physical RAM: 4077.86 MB
Available physical RAM: 1006.09 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 4566.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (LWC) (Fixed) (Total:78.03 GB) (Free:30.59 GB) NTFS
Drive d: (DATEN) (Fixed) (Total:154.76 GB) (Free:137.31 GB) NTFS
Drive e: (ECLIPSE_D1) (CDROM) (Total:6.8 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 26558982)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=154.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 05-09-2014 07:54:55
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() D:\Martina\Desktop\SystemLook.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: No Name -> {41564952-412D-5637-00A7-7A786E7484D7} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF SearchEngineOrder.3: Bing
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-05] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 17:57 - 2014-09-03 17:57 - 00001728 _____ () C:\Users\Martina\Desktop\JRT.txt
2014-09-03 17:48 - 2014-09-03 17:48 - 00000000 ____D () C:\Windows\ERUNT
2014-09-03 16:19 - 2014-09-03 16:19 - 00000000 ____D () C:\mbam.txt
2014-09-03 15:46 - 2014-09-05 07:54 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 15:46 - 2014-09-03 15:46 - 00001065 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-03 15:46 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-03 15:46 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-03 15:14 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-03 15:11 - 2014-09-03 15:29 - 00000000 ____D () C:\AdwCleaner
2014-09-02 11:49 - 2014-09-05 07:55 - 00000000 ____D () C:\FRST
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-05 07:55 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-05 07:54 - 2014-09-03 15:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-05 07:46 - 2013-06-14 23:43 - 01835901 _____ () C:\Windows\WindowsUpdate.log
2014-09-05 07:39 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-05 07:39 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-05 07:30 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-05 07:29 - 2009-07-14 06:51 - 00075381 _____ () C:\Windows\setupact.log
2014-09-04 22:06 - 2013-06-16 16:53 - 00002138 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-04 17:23 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-04 11:18 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-04 11:16 - 2013-06-15 03:18 - 00459860 _____ () C:\Windows\PFRO.log
2014-09-03 17:57 - 2014-09-03 17:57 - 00001728 _____ () C:\Users\Martina\Desktop\JRT.txt
2014-09-03 17:48 - 2014-09-03 17:48 - 00000000 ____D () C:\Windows\ERUNT
2014-09-03 16:19 - 2014-09-03 16:19 - 00000000 ____D () C:\mbam.txt
2014-09-03 16:09 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-09-03 15:46 - 2014-09-03 15:46 - 00001065 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-03 15:29 - 2014-09-03 15:11 - 00000000 ____D () C:\AdwCleaner
2014-09-03 15:29 - 2014-02-20 18:27 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-03 15:29 - 2013-06-16 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-03 15:29 - 2013-06-15 00:32 - 00001024 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-03 15:29 - 2013-06-14 23:49 - 00001002 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
--- --- ---

--- --- ---


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:33 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2026, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58