Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   iStartSurf deinstallieren (https://www.trojaner-board.de/158218-istartsurf-deinstallieren.html)

Tinti 03.09.2014 08:05
Teil 2

Code:
(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\WiScan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe

Tinti 03.09.2014 08:06
Teil 3

Code:
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
FRST Logfile:

       
Code:

       
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================

--- --- ---
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

Tinti 03.09.2014 08:07
Teil 4

[CODE]==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================ndows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:21:16
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================
Teil 5

Code:
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:21 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:21 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
--- --- ---

M-K-D-B 03.09.2014 08:20
Servus,



Wir beginnen so:




Schritt 1
  • Lade dir bitte die folgendes Programm auf deinen Desktop: SpyHunterKiller.exe
  • Starte das Tool und klicke Weiter.
  • Sobald das Tool fertig ist, klicke auf Ende, um das Programm zu beenden.






Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.






Schritt 4

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 5
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von JRT,
  • die Logdatei von MBAM,
  • die beiden neuen Logdateien von FRST.

Tinti 03.09.2014 14:45
Hallo,

ich kann Schritt 1 nicht ausführen weil steht dass auf das folgende Gerät bzw. Programm nicht zugegriffen werden kann.

Lg

Code:
# AdwCleaner v3.309 - Bericht erstellt am 03/09/2014 um 15:28:56
# Aktualisiert 02/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Martina - NB01KRZBMA
# Gestartet von : D:\Martina\Desktop\adwcleaner_3.309.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : CltMngSvc
[#] Dienst Gelöscht : globalUpdate
[#] Dienst Gelöscht : globalUpdatem
[#] Dienst Gelöscht : IePluginServices
Dienst Gelöscht : SPBIUpd
[#] Dienst Gelöscht : SPBIUpdd
[#] Dienst Gelöscht : Wajam Internet Enhancer Service
Dienst Gelöscht : WindowsMangerProtect

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\374311380
Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\ProgramData\ShopperPro
Ordner Gelöscht : C:\ProgramData\SpeedMaxPc
Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\ProgramData\YTAHelper
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
Ordner Gelöscht : C:\Program Files (x86)\FindRight
Ordner Gelöscht : C:\Program Files (x86)\FlvPlayer
[!] Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\NCH Software
Ordner Gelöscht : C:\Program Files (x86)\SearchProtect
Ordner Gelöscht : C:\Program Files (x86)\ShopperPro
Ordner Gelöscht : C:\Program Files (x86)\SpeedMaxPc
Ordner Gelöscht : C:\Program Files (x86)\YouTube Accelerator
Ordner Gelöscht : C:\Program Files (x86)\YTAHelper
Ordner Gelöscht : C:\Program Files (x86)\Common Files\SpeedMaxPc
[/!\] Nicht Gelöscht ( Junction ) : C:\Program Files\Gemeinsame Dateien
Ordner Gelöscht : C:\Users\Martina\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Martina\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Martina\AppData\LocalLow\Goobzo
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\istartsurf
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\NCH Software
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
Ordner Gelöscht : D:\Martina\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com
Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Public\Desktop\simplicheck.lnk
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\LiveSupport.exe_log.txt
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\regsvr32.exe_log.txt
Datei Gelöscht : D:\Martina\Desktop\SpeedMaxPc.lnk
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\invalidprefs.js
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\istartsurf.xml
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tasks ] *****

Task Gelöscht : BrowserDefendert
Task Gelöscht : EPUpdater

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome App Launcher.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Google Keep.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [livesupport]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FindRight_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FindRight_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SPDriver]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKCU\Software\5957d88db46eeb43
Schlüssel Gelöscht : HKLM\SOFTWARE\5957d88db46eeb43
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622332213}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622332215}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335513}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335515}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336613}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336615}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644334413}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644334415}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622332213}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622332215}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335513}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335515}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336613}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336615}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
Schlüssel Gelöscht : HKCU\Software\FindRight
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\Goobzo
Schlüssel Gelöscht : HKCU\Software\InetStat
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\mysearchdial
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\SpeedMaxPC
Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\FindRight
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\Goobzo
Schlüssel Gelöscht : HKLM\SOFTWARE\InstallCore
Schlüssel Gelöscht : HKLM\SOFTWARE\istartsurfSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\simplitec
Schlüssel Gelöscht : HKLM\SOFTWARE\SpeedMaxPC
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FindRight
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\499E8534DA7E759419D2048CB780D3D5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5DCE3C04E576AD15F972B67D0725120C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62255E52F19EC97429A42D59D49024FA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\930D9472A978D7A4EB16BF4DECB173B7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AEB93799E8B47D14CA356E4343D632A4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE7C2A75DF08824E9CEFDE20F655BD9

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17239

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v13.0.1 (de)

[ Datei : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "istartsurf");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "istartsurf");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX");

-\\ Google Chrome v36.0.1985.143

[ Datei : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=2A6D90004EB858ED&affID=121563&tsp=4942
Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=aw0202ch&cd=2XzuyEtN2Y1L1Qzu0BtBtDtDyE0E0BzzyDzz0E0DtD0ByBtBtN0D0Tzu0CyBzzzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1134954845&ir=
Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp

*************************

AdwCleaner[R0].txt - [27292 octets] - [03/09/2014 15:13:29]
AdwCleaner[R1].txt - [27353 octets] - [03/09/2014 15:25:13]
AdwCleaner[S0].txt - [23904 octets] - [03/09/2014 15:28:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23965 octets] ##########

M-K-D-B 03.09.2014 14:53
Servus,



ok, dann weiter mit den anderen Schritte bitte. :)

Tinti 03.09.2014 15:29
Anhang 69203

M-K-D-B 03.09.2014 16:28
Das ist nicht die Logdatei des Suchlaufs, diese bitte noch nachreichen.

Nun weiter mit JRT und FRST wie beschrieben.

Tinti 03.09.2014 16:33
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 16:25:50
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll No File
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll No File
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF SearchEngineOrder.3: Bing
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 16:19 - 2014-09-03 16:19 - 00000000 ____D () C:\mbam.txt
2014-09-03 15:46 - 2014-09-03 16:14 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 15:46 - 2014-09-03 15:46 - 00001065 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-03 15:46 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-03 15:46 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-03 15:14 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-03 15:11 - 2014-09-03 15:29 - 00000000 ____D () C:\AdwCleaner
2014-09-02 11:49 - 2014-09-03 16:25 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 14:45 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 16:25 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 16:19 - 2014-09-03 16:19 - 00000000 ____D () C:\mbam.txt
2014-09-03 16:19 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 16:19 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 16:14 - 2014-09-03 15:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 16:12 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-03 16:10 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 16:10 - 2009-07-14 06:51 - 00075213 _____ () C:\Windows\setupact.log
2014-09-03 16:09 - 2013-06-15 03:18 - 00439506 _____ () C:\Windows\PFRO.log
2014-09-03 16:09 - 2013-06-14 23:43 - 01774922 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 16:09 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-09-03 15:46 - 2014-09-03 15:46 - 00001065 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-03 15:29 - 2014-09-03 15:11 - 00000000 ____D () C:\AdwCleaner
2014-09-03 15:29 - 2014-02-20 18:27 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-03 15:29 - 2013-06-16 16:53 - 00001241 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-03 15:29 - 2013-06-16 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-03 15:29 - 2013-06-15 00:32 - 00001024 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-03 15:29 - 2013-06-14 23:49 - 00001002 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-03 14:45 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\Quarantine.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014
Ran by Martina at 2014-09-03 17:26:34
Running from D:\Martina\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.3.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4487 - APN, LLC)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.95 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version:  - Canon Inc.‎)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon MG4200 series On-screen Manual (HKLM-x32\...\Canon MG4200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.28 - Abelssoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.4.5 - Telerik)
FontForge 2012-07-31 (HKLM-x32\...\FontForge) (Version: 2012-07-31 - )
Free YouTube to MP3 Converter version 3.12.5.628 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.5.628 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hartlauer Foto World (HKLM-x32\...\Hartlauer Foto World) (Version: 5.1.5 - CEWE Stiftung u Co. KGaA)
High-Logic FontCreator 8 (HKLM-x32\...\FontCreator8_is1) (Version:  - High-Logic B.V.)
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Leawo PowerPoint to Video Converter version 2.7.1.0 (HKLM-x32\...\{5D5CB188-F9B1-4103-B2AD-07FB33068377}_is1) (Version: 2.7.1.0 - Leawo Software)
MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (Version: 7.0.1.1 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Run Time  Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 13.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 13.0.1 (x86 de)) (Version: 13.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 13.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NSIS Birdfont (HKLM-x32\...\Birdfont) (Version:  - )
NVIDIA 3D Vision Treiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.19.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.19.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6721 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PhotoPad Foto-Editor (HKLM-x32\...\PhotoPad) (Version: 2.41 - NCH Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shopper-Pro (HKLM-x32\...\ShopperPro) (Version:  - )
simplitec simplicheck (HKLM-x32\...\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}) (Version: 1.3.9.0 - simplitec GmbH)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SpeedMaxPc (HKLM-x32\...\{1341F917-C3E5-413E-A11C-AA58273843C4}) (Version: 3.1.6.0 - SpeedMaxPc)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XnView 1.99.5 (HKLM-x32\...\XnView_is1) (Version: 1.99.5 - Gougelet Pierre-e)
YouTube Accelerator (HKLM-x32\...\YouTube Accelerator) (Version: 3394(build_88) - Goobzo Ltd.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

28-08-2014 21:18:18 Windows Update
02-09-2014 05:07:47 Installed SpyHunter
02-09-2014 05:15:58 Removed SpyHunter
02-09-2014 05:50:31 Installed SpyHunter
02-09-2014 06:43:19 Removed SpyHunter

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {136E99D8-6048-466C-A642-6ED03D639BE9} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {A9EB2394-AF1F-446F-BB25-754EC1B3C9B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {B78E6EA3-3BE7-484B-948E-4076ECF61197} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {C72E5E18-FF2C-49F1-8FC2-B294810C7742} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-NB01KRZBMA-Martina.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a54415c3b16.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Launch 21752.job => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: C:\Windows\Tasks\Updater scan.job => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe

==================== Loaded Modules (whitelisted) =============

2013-10-16 19:02 - 2013-10-16 19:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-07-04 16:21 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-29 17:53 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-10-16 19:01 - 2013-10-16 19:01 - 04624240 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-08-14 14:22 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Martina\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-10-17 17:45 - 2013-10-17 17:45 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 14:42 - 2013-06-05 15:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Atheros AR3011 Bluetooth(R) Adapter
Description: Atheros AR3011 Bluetooth(R) Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/03/2014 03:31:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x800706b5, Die Schnittstelle ist unbekannt.
.

Error: (09/03/2014 03:31:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x800706b5, Die Schnittstelle ist unbekannt.
]

Error: (09/03/2014 03:29:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_RpcSs, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.1.7601.18532, Zeitstempel: 0x53c339ee
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000bf27
ID des fehlerhaften Prozesses: 0x310
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_RpcSs0
Pfad der fehlerhaften Anwendung: svchost.exe_RpcSs1
Pfad des fehlerhaften Moduls: svchost.exe_RpcSs2
Berichtskennung: svchost.exe_RpcSs3

Error: (09/03/2014 09:56:49 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2014-09-03T09:50:49Z. Error Code: 0x80070032.

Error: (09/03/2014 07:43:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15587620

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15587620

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15586606

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15586606


System errors:
=============
Error: (09/03/2014 04:10:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "YouTubeAcceleratorService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 03:33:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "YouTubeAcceleratorService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 03:33:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SPDRIVER_1.37.0.486" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (09/03/2014 03:29:50 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde mit folgendem dienstspezifischem Fehler beendet: %%0.

Error: (09/03/2014 03:29:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Remoteprozeduraufruf (RPC)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Computers.

Error: (09/03/2014 03:29:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "RPC-Endpunktzuordnung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/03/2014 07:46:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (09/03/2014 07:46:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wajam Internet Enhancer Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 07:45:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 07:44:46 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎03.‎09.‎2014 um 07:43:25 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (09/03/2014 03:31:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x800706b5, Die Schnittstelle ist unbekannt.

Error: (09/03/2014 03:31:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x800706b5, Die Schnittstelle ist unbekannt.

Error: (09/03/2014 03:29:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_RpcSs6.1.7600.163854a5bc3c1RPCRT4.dll6.1.7601.1853253c339eec0000005000000000000bf2731001cfc73a2ab20ee7C:\Windows\system32\svchost.exeC:\Windows\system32\RPCRT4.dll5e522420-336e-11e4-87f2-810b0bc3ec01

Error: (09/03/2014 09:56:49 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700322014-09-03T09:50:49Z

Error: (09/03/2014 07:43:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15587620

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15587620

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15586606

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15586606


CodeIntegrity Errors:
===================================
  Date: 2013-08-03 00:31:49.584
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.581
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.555
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.551
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.545
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.741
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.739
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.736
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.718
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 47%
Total physical RAM: 4077.86 MB
Available physical RAM: 2152.59 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 5727.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (LWC) (Fixed) (Total:78.03 GB) (Free:30.89 GB) NTFS
Drive d: (DATEN) (Fixed) (Total:154.76 GB) (Free:137.32 GB) NTFS
Drive e: (SLEEPING_WITH_THE_ENEMY) (CDROM) (Total:4.43 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 26558982)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=154.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

M-K-D-B 03.09.2014 16:35
Suchlauf von MBAM und JRT bitte noch nachreichen, dann kann es weitergehen. :)

Tinti 03.09.2014 17:34
bei Malware findet er nichts mehr :-)

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Martina on 03.09.2014 at 17:49:57,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2921778440-697364257-2174348754-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{87EA3B72-62EE-4507-9E84-22DA985E963A}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\simplitec"
Successfully deleted: [Folder] "C:\Users\Martina\AppData\Roaming\simplitec"
Successfully deleted: [Folder] "C:\Program Files (x86)\simplitec"



~~~ FireFox

Successfully deleted: [File] C:\Users\Martina\AppData\Roaming\mozilla\firefox\profiles\8qahtb8s.default\extensions\toolbar_avira-v7@apn.ask.com.xpi
Successfully deleted: [Folder] C:\Users\Martina\AppData\Roaming\mozilla\firefox\profiles\8qahtb8s.default\extensions\toolbar_avira-v7@apn.ask.com



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.09.2014 at 17:57:38,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
passt das jetzt so? ggg

M-K-D-B 04.09.2014 08:15
Gut gemacht. :)



So geht es weiter:




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
C:\Program Files (x86)\YouTube Accelerator
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll No File
C:\ProgramData\YTAHelper
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll No File
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
S2 YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Program Files\Enigma Software Group
C:\Users\Martina\AppData\Roaming\Nico Mak Computing
C:\Users\Martina\Desktop\YouTube Accelerator.lnk
Task: C:\Windows\Tasks\Launch 21752.job => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
C:\ProgramData\ShopperPro
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    :folderfind
    *YouTubeAccelerator*
    *ShopperPro*
    *Shopper-Pro*
    *SpeedMaxPc*
    *simplitec*
    *InetStat*
    *Wajam*
    *FindRight*
    *FlvPlayer*
    *globalUpdate*
    *Goobzo*
    *istartsurf*

    :regfind
    YouTubeAccelerator
    ShopperPro
    Shopper-Pro
    SpeedMaxPc
    simplitec
    InetStat
    Wajam
    FindRight
    FlvPlayer
    globalUpdate
    Goobzo
    istartsurf
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.







Schritt 3
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von SystemLook,
  • die beiden neuen Logdateien von FRST.

Tinti 04.09.2014 10:28
Bei Schritt 1 wird nichts erstellt. Ich habs aber richtig gemacht. :-)

M-K-D-B 04.09.2014 10:45
Zitat:
Zitat von Tinti (Beitrag 1353914)
Bei Schritt 1 wird nichts erstellt. Ich habs aber richtig gemacht. :-)
Wurde der Neustart durchgeführt?

Logdatei findet sich unter: D:\Martina\Desktop\fixlog.txt

Tinti 05.09.2014 07:05
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2014
Ran by Martina at 2014-09-04 11:15:30 Run:1
Running from D:\Martina\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
C:\Program Files (x86)\YouTube Accelerator
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll No File
C:\ProgramData\YTAHelper
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll No File
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
S2 YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Program Files\Enigma Software Group
C:\Users\Martina\AppData\Roaming\Nico Mak Computing
C:\Users\Martina\Desktop\YouTube Accelerator.lnk
Task: C:\Windows\Tasks\Launch 21752.job => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
C:\ProgramData\ShopperPro
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
EmptyTemp:
end
       
*****************

HKU\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoobzoYouTubeAccelerator => value deleted successfully.
"C:\Program Files (x86)\YouTube Accelerator" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => Key deleted successfully.
"HKCR\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => Key deleted successfully.
"C:\ProgramData\YTAHelper" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => Key deleted successfully.
C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} => Moved successfully.
YouTubeAcceleratorService => Service deleted successfully.
esgiguard => Service deleted successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\Users\Martina\AppData\Roaming\Nico Mak Computing => Moved successfully.
C:\Users\Martina\Desktop\YouTube Accelerator.lnk => Moved successfully.
C:\Windows\Tasks\Launch 21752.job => Moved successfully.
C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job => Moved successfully.
C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job => Moved successfully.
"C:\ProgramData\ShopperPro" => File/Directory not found.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
EmptyTemp: => Removed 286.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====
Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 07:45 on 05/09/2014 by Martina
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== folderfind ==========

Searching for "*YouTubeAccelerator*"
No folders found.

Searching for "*ShopperPro*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\ShopperPro        d------        [13:29 03/09/2014]
C:\Users\Public\Documents\ShopperPro        d------        [14:09 21/08/2014]

Searching for "*Shopper-Pro*"
No folders found.

Searching for "*SpeedMaxPc*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SpeedMaxPc\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\SpeedMaxPc\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\SpeedMaxPc\UUS3\speedmaxpc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc\SpeedMaxPc        d------        [13:29 03/09/2014]

Searching for "*simplitec*"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec        d------        [12:08 27/05/2014]
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\simplitec        d------        [12:08 27/05/2014]

Searching for "*InetStat*"
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat        d------        [13:29 03/09/2014]

Searching for "*Wajam*"
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0bc29433        d----c-        [18:08 29/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0cedc34e        d----c-        [08:41 30/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0d29de4d        d----c-        [17:16 30/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_cab_0eb6163e        d----c-        [11:27 28/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_02eee0de        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_035d29a0        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_099dfac4        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ecb72b1        d----c-        [19:45 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ecddcc7        d----c-        [11:27 28/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ed21b8b        d----c-        [17:16 30/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ef20492        d----c-        [08:41 30/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1124621e        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1524203e        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1bd6b903        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1bd70935        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1e6c89f8        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1ec41259        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1f3ec208        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_208901d5        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_20daea31        d----c-        [19:45 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_21cbc2b4        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_224ba8dd        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2276190d        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_22b57984        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_240358fa        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_247a9a2e        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_249f80e4        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_24d0d9eb        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_259f9aca        d----c-        [19:45 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25d5518a        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25ddf123        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25e3121b        d----c-        [19:45 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25edc939        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2607d0b8        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_262640d8        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26383a53        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_263a4a69        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2643f883        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_264a7253        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_264bea7f        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_269290fa        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26ba22ae        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26cda130        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_270e6910        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2734b1f2        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_278b311f        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_cab_1e574700        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0bc29433        d----c-        [18:08 29/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0cedc34e        d----c-        [08:41 30/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0d29de4d        d----c-        [17:16 30/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_cab_0eb6163e        d----c-        [11:27 28/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_02eee0de        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_035d29a0        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_099dfac4        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ecb72b1        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ecddcc7        d----c-        [11:27 28/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ed21b8b        d----c-        [17:16 30/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ef20492        d----c-        [08:41 30/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1124621e        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1524203e        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1bd6b903        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1bd70935        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1e6c89f8        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1ec41259        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1f3ec208        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_208901d5        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_20daea31        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_21cbc2b4        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_224ba8dd        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2276190d        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_22b57984        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_240358fa        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_247a9a2e        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_249f80e4        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_24d0d9eb        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_259f9aca        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25d5518a        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25ddf123        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25e3121b        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25edc939        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2607d0b8        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_262640d8        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26383a53        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_263a4a69        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2643f883        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_264a7253        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_264bea7f        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_269290fa        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26ba22ae        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26cda130        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_270e6910        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2734b1f2        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_278b311f        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_cab_1e574700        d----c-        [19:45 27/08/2014]

Searching for "*FindRight*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FindRight        d------        [13:29 03/09/2014]

Searching for "*FlvPlayer*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FlvPlayer        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer        d------        [13:29 03/09/2014]

Searching for "*globalUpdate*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate        d------        [13:29 03/09/2014]

Searching for "*Goobzo*"
C:\Users\Public\Documents\GOOBZO        d------        [14:09 21/08/2014]

Searching for "*istartsurf*"
C:\AdwCleaner\Quarantine\C\Users\Martina\AppData\Roaming\istartsurf        d------        [13:29 03/09/2014]

========== regfind ==========

Searching for "YouTubeAccelerator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"URLInfoAbout"="hxxp://www.youtubeaccelerator.com/support/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"Contact"="support@youtubeaccelerator.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"HelpLink"="hxxp://www.youtubeaccelerator.com/about/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"DisplayIcon"="C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe,-0"

Searching for "ShopperPro"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro]
"UninstallString"="C:\Program Files (x86)\ShopperPro\SPremove.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro]
"DisplayIcon"="C:\Program Files (x86)\ShopperPro\ShopperPro.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe]
@="C:\Program Files (x86)\ShopperPro\ShopperPro.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
"EXELOCATION"="C:\Program Files (x86)\ShopperPro"
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
"ChromeExtFile"="ShopperPro.crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
"DBLOCATION"="C:\ProgramData\ShopperPro"
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
"CONFIGLOCATION"="C:\ProgramData\ShopperPro"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}]
@="IShopperProBHO"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}\1.0]
@="ShopperPro 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}\1.0\0\win32]
@="C:\ProgramData\ShopperPro\ShopperPro64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}]
@="IShopperProBHO"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}\1.0]
@="ShopperPro 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}\1.0\0\win32]
@="C:\ProgramData\ShopperPro\ShopperPro64.dll"

Searching for "Shopper-Pro"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro]
"DisplayName"="Shopper-Pro"

Searching for "SpeedMaxPc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"InstallLocation"="C:\Program Files (x86)\SpeedMaxPc\SpeedMaxPc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"DisplayName"="SpeedMaxPc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"DisplayIcon"="C:\Program Files (x86)\SpeedMaxPc\SpeedMaxPc\speedmaxpc.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"UninstallString"="C:\Program Files (x86)\SpeedMaxPc\SpeedMaxPc\uninstall.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"URLInfoAbout"="hxxp://www.SpeedMaxPc.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"Publisher"="SpeedMaxPc"

Searching for "simplitec"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}]
"InstallLocation"="C:\Program Files (x86)\simplitec\simplicheck\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}]
"Publisher"="simplitec GmbH"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}]
"DisplayName"="simplitec simplicheck"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\ADE301FD73976694E8BFE55F3C38102F]
"ProductName"="simplitec simplicheck"

Searching for "InetStat"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Advanced\Folder\ShowFullPath]
"RegPath"="Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState"
[HKEY_USERS\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState]

Searching for "Wajam"
No data found.

Searching for "FindRight"
No data found.

Searching for "FlvPlayer"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\db43ff0b_0]
@="{0.0.0.00000000}.{8eb66584-a5b4-48a7-866d-aee82a1737a7}|\Device\HarddiskVolume2\Program Files (x86)\FLVPlayer\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\db43ff0b_0]
@="{0.0.0.00000000}.{8eb66584-a5b4-48a7-866d-aee82a1737a7}|\Device\HarddiskVolume2\Program Files (x86)\FLVPlayer\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"

Searching for "globalUpdate"
[HKEY_LOCAL_MACHINE\SOFTWARE\globalUpdate]

Searching for "Goobzo"
[HKEY_LOCAL_MACHINE\SOFTWARE\GOOBZO]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"Publisher"="Goobzo Ltd."
[HKEY_USERS\.DEFAULT\Software\GOOBZO]
[HKEY_USERS\S-1-5-18\Software\GOOBZO]

Searching for "istartsurf"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\istartsurf.com]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\www.istartsurf.com]
[HKEY_USERS\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Internet Explorer\DOMStorage\istartsurf.com]
[HKEY_USERS\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.istartsurf.com]

-= EOF =-
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014
Ran by Martina at 2014-09-05 07:57:05
Running from D:\Martina\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.3.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4487 - APN, LLC)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.95 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version:  - Canon Inc.‎)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon MG4200 series On-screen Manual (HKLM-x32\...\Canon MG4200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.28 - Abelssoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.4.5 - Telerik)
FontForge 2012-07-31 (HKLM-x32\...\FontForge) (Version: 2012-07-31 - )
Free YouTube to MP3 Converter version 3.12.5.628 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.5.628 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hartlauer Foto World (HKLM-x32\...\Hartlauer Foto World) (Version: 5.1.5 - CEWE Stiftung u Co. KGaA)
High-Logic FontCreator 8 (HKLM-x32\...\FontCreator8_is1) (Version:  - High-Logic B.V.)
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Leawo PowerPoint to Video Converter version 2.7.1.0 (HKLM-x32\...\{5D5CB188-F9B1-4103-B2AD-07FB33068377}_is1) (Version: 2.7.1.0 - Leawo Software)
MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (Version: 7.0.1.1 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Run Time  Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 13.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 13.0.1 (x86 de)) (Version: 13.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 13.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NSIS Birdfont (HKLM-x32\...\Birdfont) (Version:  - )
NVIDIA 3D Vision Treiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.19.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.19.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6721 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PhotoPad Foto-Editor (HKLM-x32\...\PhotoPad) (Version: 2.41 - NCH Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shopper-Pro (HKLM-x32\...\ShopperPro) (Version:  - )
simplitec simplicheck (HKLM-x32\...\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}) (Version: 1.3.9.0 - simplitec GmbH)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SpeedMaxPc (HKLM-x32\...\{1341F917-C3E5-413E-A11C-AA58273843C4}) (Version: 3.1.6.0 - SpeedMaxPc)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XnView 1.99.5 (HKLM-x32\...\XnView_is1) (Version: 1.99.5 - Gougelet Pierre-e)
YouTube Accelerator (HKLM-x32\...\YouTube Accelerator) (Version: 3394(build_88) - Goobzo Ltd.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

28-08-2014 21:18:18 Windows Update
02-09-2014 05:07:47 Installed SpyHunter
02-09-2014 05:15:58 Removed SpyHunter
02-09-2014 05:50:31 Installed SpyHunter
02-09-2014 06:43:19 Removed SpyHunter

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {136E99D8-6048-466C-A642-6ED03D639BE9} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {A9EB2394-AF1F-446F-BB25-754EC1B3C9B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {B78E6EA3-3BE7-484B-948E-4076ECF61197} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {C72E5E18-FF2C-49F1-8FC2-B294810C7742} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-NB01KRZBMA-Martina.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a54415c3b16.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: C:\Windows\Tasks\Updater scan.job => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe

==================== Loaded Modules (whitelisted) =============

2013-10-16 19:02 - 2013-10-16 19:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-07-04 16:21 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-29 17:53 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-10-16 19:01 - 2013-10-16 19:01 - 04624240 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-09-05 07:42 - 2014-09-05 07:43 - 00139264 _____ () D:\Martina\Desktop\SystemLook.exe
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-09-04 11:18 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Martina\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-10-17 17:45 - 2013-10-17 17:45 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 14:42 - 2013-06-05 15:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2014-09-04 22:06 - 2014-08-30 04:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-04 22:06 - 2014-08-30 04:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-04 22:06 - 2014-08-30 04:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-04 22:06 - 2014-08-30 04:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-04 22:06 - 2014-08-30 04:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Atheros AR3011 Bluetooth(R) Adapter
Description: Atheros AR3011 Bluetooth(R) Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9922

Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9922

Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/04/2014 07:54:43 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2014-09-04T07:48:43Z. Error Code: 0x80070032.

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9984

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (09/05/2014 07:30:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (09/04/2014 11:20:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1070

Error: (09/04/2014 11:19:45 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.

Error: (09/04/2014 07:40:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "YouTubeAcceleratorService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 08:52:45 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9922

Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9922

Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/04/2014 07:54:43 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700322014-09-04T07:48:43Z

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9984

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2013-08-03 00:31:49.584
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.581
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.555
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.551
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.545
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.741
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.739
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.736
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.718
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 75%
Total physical RAM: 4077.86 MB
Available physical RAM: 1006.09 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 4566.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (LWC) (Fixed) (Total:78.03 GB) (Free:30.59 GB) NTFS
Drive d: (DATEN) (Fixed) (Total:154.76 GB) (Free:137.31 GB) NTFS
Drive e: (ECLIPSE_D1) (CDROM) (Total:6.8 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 26558982)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=154.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 05-09-2014 07:54:55
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() D:\Martina\Desktop\SystemLook.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: No Name -> {41564952-412D-5637-00A7-7A786E7484D7} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF SearchEngineOrder.3: Bing
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-05] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 17:57 - 2014-09-03 17:57 - 00001728 _____ () C:\Users\Martina\Desktop\JRT.txt
2014-09-03 17:48 - 2014-09-03 17:48 - 00000000 ____D () C:\Windows\ERUNT
2014-09-03 16:19 - 2014-09-03 16:19 - 00000000 ____D () C:\mbam.txt
2014-09-03 15:46 - 2014-09-05 07:54 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 15:46 - 2014-09-03 15:46 - 00001065 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-03 15:46 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-03 15:46 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-03 15:14 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-03 15:11 - 2014-09-03 15:29 - 00000000 ____D () C:\AdwCleaner
2014-09-02 11:49 - 2014-09-05 07:55 - 00000000 ____D () C:\FRST
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-05 07:55 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-05 07:54 - 2014-09-03 15:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-05 07:46 - 2013-06-14 23:43 - 01835901 _____ () C:\Windows\WindowsUpdate.log
2014-09-05 07:39 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-05 07:39 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-05 07:30 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-05 07:29 - 2009-07-14 06:51 - 00075381 _____ () C:\Windows\setupact.log
2014-09-04 22:06 - 2013-06-16 16:53 - 00002138 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-04 17:23 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-04 11:18 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-04 11:16 - 2013-06-15 03:18 - 00459860 _____ () C:\Windows\PFRO.log
2014-09-03 17:57 - 2014-09-03 17:57 - 00001728 _____ () C:\Users\Martina\Desktop\JRT.txt
2014-09-03 17:48 - 2014-09-03 17:48 - 00000000 ____D () C:\Windows\ERUNT
2014-09-03 16:19 - 2014-09-03 16:19 - 00000000 ____D () C:\mbam.txt
2014-09-03 16:09 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-09-03 15:46 - 2014-09-03 15:46 - 00001065 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-03 15:29 - 2014-09-03 15:11 - 00000000 ____D () C:\AdwCleaner
2014-09-03 15:29 - 2014-02-20 18:27 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-03 15:29 - 2013-06-16 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-03 15:29 - 2013-06-15 00:32 - 00001024 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-03 15:29 - 2013-06-14 23:49 - 00001002 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
--- --- ---

--- --- ---


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:03 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131