Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Ständig öffnen sich neue Internet-Fenster

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 07.06.2015, 20:00   #1
Don_Camillo
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster



Hallo an das Forum. Ich hoffe, ihr könnt mir helfen. Auf meinem PC mit Windows 8 öffnen sich ständig neue Internet-Fenster, was sehr nervig ist. Ich habe mir mal FRST runtergeladen und habe damit gescannt. Hier die LOG-Files:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015
Ran by Markus Radosztics (administrator) on WAUT0001 on 07-06-2015 20:44:31
Running from C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90
Loaded Profiles: Markus Radosztics (Available Profiles: Markus Radosztics)
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
() C:\Program Files\WajWebE\wajam_64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(LogMeIn Inc.) D:\Games\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) D:\Games\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
() C:\Program Files\WajWebE\wajam.exe
() C:\Program Files\WajWebE\wajam_64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Valve Corporation) D:\Games\Steam.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
() C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe
(Valve Corporation) D:\Games\bin\steamwebhelper.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) D:\Games\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) D:\Games\LogMeIn Hamachi\LMIGuardianSvc.exe
(A1) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe
(A1) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Repair.exe
(A1 Telekom Austria AG) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Notification.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.2.9200.20780_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Games\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [A1Servicecenter] => C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe [11467864 2015-05-27] (A1)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [159744 2015-01-12] (Voobly)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Steam] => D:\Games\Steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [898048 2012-07-26] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File not found
AppInit_DLLs-x32: c:\progra~2\suptab\search~1.dll => "c:\progra~2\suptab\search~1.dll" File not found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-01-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserMixVideoPlayer.lnk [2015-06-03]
ShortcutTarget: WebBrowserMixVideoPlayer.lnk -> C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe ()
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-03-18]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-10-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1395606017&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1395606017&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1395606017&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1395606017&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B&q={searchTerms}
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q={searchTerms}
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.at.msn.com/
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=md_14_12_ie&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0BzztC0B0A0CyEyEtA0AyCtN0D0Tzu0SzztCtAtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0FyE0BtByCyBzytGtCzztAyEtGtCzzzy0AtGyC0C0E0EtGtAtCtBtAyDtB0E0FyB0F0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtA0E0AyEyByCyDtGyD0FtAtDtG0D0C0F0AtGyEyCtA0EtGyD0FyDtDyEyDzz0B0AtC0AtB2Q&cr=875512666&ir=
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1395606017&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B&q={searchTerms}
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> DefaultScope {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP6E6C84DB-CC83-40C6-9AF4-059B58FE78D9&q={searchTerms}&SSPV=
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-04] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-09-19] (DVDVideoSoft Ltd.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: SaveSense -> {0f21b1e5-5afc-43c9-9c66-515046e92ec2} -> C:\Program Files (x86)\SaveSense\SaveSenseIE.dll [2013-11-04] (SaveSense)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\SysWOW64\mscoree.dll [2012-06-02] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-09-23] (DVDVideoSoft Ltd.)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-18] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=MBD76DC0A-7238-4E4A-A651-F7EFC810B1AB&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SPF0B6B979-9C91-40B9-8531-604BAA398CE2
FF DefaultSearchEngine: Trovi
FF SelectedSearchEngine: Trovi
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q=
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-18] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=3 -> C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll [2014-02-05] (SaveSense)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=9 -> C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll [2014-02-05] (SaveSense)
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Markus Radosztics\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-03-13] (Citrix Online)
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-05-23] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-11-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-11-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-11-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-11-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-11-01] (Apple Inc.)
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\Mysearchdial.xml [2014-03-24]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\SafeFinder Search.xml [2014-08-06]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\trovi-search.xml [2015-02-02]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\trovi.xml [2015-06-07]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml [2014-03-23]
FF Extension: A1 Servicecenter - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{594657B4-413A-41D0-8F85-A6D3F35C9BDF} [2015-06-03]
FF Extension: SaveSense - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36} [2014-02-05]
FF Extension: Download videos and MP3s from YouTube - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-10-06]
FF Extension: MySearchDial - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi [2014-03-24]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-09-30]
FF HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-10-06]

Chrome: 
=======
CHR Profile: C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-19]
CHR Extension: (Google Drive) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-19]
CHR Extension: (YouTube) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-19]
CHR Extension: (Google Search) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-19]
CHR Extension: (iCloud Bookmarks) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2014-12-27]
CHR Extension: (Bookmark Manager) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Google Wallet) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-19]
CHR Extension: (Gmail) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-19]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-07] (DTS, Inc)
R2 Hamachi2Svc; D:\Games\LogMeIn Hamachi\hamachi-2.exe [2490216 2015-03-30] (LogMeIn Inc.)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1931632 2015-05-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-23] ()
S2 savesenselive; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-02-05] (SaveSense)
S3 savesenselivem; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-02-05] (SaveSense)
R2 WajWebE Monitor; C:\Program Files\WajWebE\wajam_64.exe [1972736 2015-04-28] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
S2 Update Mega Browse; "C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe" [X] <==== ATTENTION

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S1 dgttngeq; C:\Windows\system32\drivers\dgttngeq.sys [55104 2015-06-07] (Microsoft Corporation)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468752 2013-02-27] (Intel Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 20:44 - 2015-06-07 20:44 - 00000000 ____D C:\FRST
2015-06-07 18:11 - 2015-06-07 18:11 - 00055104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dgttngeq.sys
2015-06-07 12:49 - 2015-06-07 18:11 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2015-06-04 19:09 - 2015-06-04 19:09 - 00003538 _____ C:\Windows\System32\Tasks\avabvbyvyc
2015-06-04 19:08 - 2015-06-05 09:10 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\avabvbyvyc
2015-06-03 20:09 - 2015-06-03 20:12 - 00000000 ____D C:\Users\Public\Documents\a1
2015-06-03 20:07 - 2015-06-03 20:07 - 00001428 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\A1 Servicecenter.lnk
2015-06-03 20:07 - 2015-06-03 20:07 - 00001404 _____ C:\Users\Public\Desktop\A1 Servicecenter.lnk
2015-06-03 20:07 - 2015-06-03 20:07 - 00000000 __HDC C:\ProgramData\{69A85660-A711-4C57-B62C-D99C4F0B0DF6}
2015-06-03 20:07 - 2015-06-03 20:07 - 00000000 ____D C:\Program Files (x86)\A1 Servicecenter
2015-06-03 20:07 - 2015-05-18 15:30 - 06320216 ____N (mquadr.at software engineering & consulting GmbH) C:\Windows\SysWOW64\m2network64helperUniDotNet.exe
2015-06-03 08:03 - 2015-06-03 08:03 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\com
2015-06-03 08:02 - 2015-06-03 08:02 - 00003092 _____ C:\Windows\System32\Tasks\MixVideoPlayer Update
2015-06-03 08:02 - 2015-06-03 08:02 - 00001967 _____ C:\Users\Markus Radosztics\Desktop\MixVideoPlayer.lnk
2015-06-03 08:02 - 2015-06-03 08:02 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\mixvideoplayer
2015-06-03 08:02 - 2015-06-03 08:02 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\BrowserWeb
2015-06-03 08:02 - 2015-06-03 08:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer
2015-06-03 08:02 - 2015-06-03 08:02 - 00000000 ____D C:\Program Files (x86)\MixVideoPlayer
2015-05-23 20:27 - 2015-05-23 21:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Ubisoft Game Launcher
2015-05-23 20:11 - 2015-05-23 20:11 - 00282512 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-23 20:10 - 2015-05-23 20:10 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-05-23 20:10 - 2015-05-23 20:10 - 00001207 _____ C:\Users\Markus Radosztics\Desktop\Uplay.lnk
2015-05-23 20:10 - 2015-05-23 20:10 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-05-23 20:10 - 2015-05-23 20:10 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-05-23 19:51 - 2015-05-23 19:52 - 00000000 ____D C:\Users\Markus Radosztics\Documents\Witcher 2
2015-05-23 19:48 - 2015-05-23 19:48 - 00000000 ____D C:\Users\Markus Radosztics\Documents\Thief
2015-05-23 18:21 - 2015-05-23 18:21 - 00000202 _____ C:\Users\Markus Radosztics\Desktop\Thief.url
2015-05-23 18:09 - 2015-05-23 18:09 - 00000202 _____ C:\Users\Markus Radosztics\Desktop\Dishonored.url
2015-05-19 22:03 - 2015-05-19 22:03 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\TempTaskUpdateDetection6DA59A38-8DE6-4AC8-888A-3483530A69AB
2015-05-17 20:25 - 2015-05-17 20:25 - 00000000 ____D C:\Users\Markus Radosztics\Documents\Fussball Manager 13
2015-05-16 22:25 - 2015-05-17 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoccerLobby
2015-05-16 00:40 - 2015-04-30 15:07 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-16 00:40 - 2015-04-30 15:07 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-16 00:19 - 2015-05-16 21:41 - 00000000 ____D C:\Users\Markus Radosztics\Documents\FUSSBALL MANAGER 14
2015-05-15 23:27 - 2015-05-15 23:27 - 00000908 _____ C:\Users\Public\Desktop\FUSSBALL MANAGER 14.lnk
2015-05-15 23:27 - 2015-05-15 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUSSBALL MANAGER 14
2015-05-15 23:08 - 2015-05-16 00:44 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Origin
2015-05-15 23:08 - 2015-05-15 23:14 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Origin
2015-05-15 23:05 - 2015-05-26 20:38 - 00000000 ____D C:\ProgramData\Origin
2015-05-15 23:05 - 2015-05-15 23:05 - 00000623 _____ C:\Users\Public\Desktop\Origin.lnk
2015-05-15 08:10 - 2015-05-15 08:10 - 00000000 ____D C:\Windows\rescache
2015-05-14 13:59 - 2015-05-02 08:28 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-14 13:59 - 2015-05-02 05:59 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-14 13:59 - 2015-05-02 05:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-14 13:59 - 2015-03-14 02:55 - 00410017 _____ C:\Windows\system32\ApnDatabase.xml
2015-05-14 13:59 - 2015-02-18 09:39 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-14 13:59 - 2015-02-18 09:38 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 14374400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 13771776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 19:57 - 2015-04-21 16:32 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 19:57 - 2015-04-21 15:53 - 02237440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 19:57 - 2015-04-21 15:53 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 19:57 - 2015-04-21 15:53 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 15414784 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 19:57 - 2015-04-21 15:52 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 19:57 - 2015-04-18 04:37 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 19:57 - 2015-04-18 04:34 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 18:11 - 2015-04-14 00:09 - 00570248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 18:11 - 2015-04-13 07:30 - 01839616 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 18:11 - 2015-04-13 07:30 - 01280512 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 18:11 - 2015-04-13 06:05 - 01416192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 18:11 - 2015-04-13 05:25 - 04063744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 17:31 - 2015-04-13 07:32 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 17:31 - 2015-03-12 07:31 - 01688576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-13 16:39 - 2015-04-06 07:36 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-13 16:39 - 2015-04-06 06:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 16:39 - 2015-03-12 07:31 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 16:39 - 2015-03-12 07:31 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2015-05-13 16:39 - 2015-03-12 05:52 - 01933312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 16:39 - 2015-03-04 08:41 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 16:39 - 2015-03-04 08:39 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 16:39 - 2015-03-04 08:39 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 16:39 - 2015-03-04 06:53 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 16:39 - 2015-03-04 06:52 - 00676864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 20:44 - 2013-11-19 21:28 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-07 20:43 - 2014-02-05 17:38 - 00000972 _____ C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2015-06-07 20:38 - 2014-02-05 17:38 - 00000340 _____ C:\Windows\Tasks\SaveSense.job
2015-06-07 20:37 - 2013-09-30 21:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-07 20:06 - 2013-09-30 19:24 - 01484519 _____ C:\Windows\WindowsUpdate.log
2015-06-07 20:04 - 2013-11-22 22:24 - 00000366 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-06-07 20:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-06-07 19:28 - 2014-12-27 12:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\36A80DEE-1AAD-4F7E-AA6A-4638F785B9B6.aplzod
2015-06-07 16:43 - 2014-02-05 17:38 - 00000968 _____ C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2015-06-07 12:43 - 2014-02-05 18:38 - 00000156 _____ C:\Users\Markus Radosztics\AppData\Roaming\WB.CFG
2015-06-07 12:30 - 2014-06-17 22:52 - 00005184 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for WAUT0001-Markus Radosztics WAUT0001
2015-06-07 11:33 - 2013-09-30 19:30 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-817472733-4082136947-4255886928-1001
2015-06-07 11:28 - 2015-01-14 23:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\LogMeIn Hamachi
2015-06-07 11:28 - 2014-12-27 12:46 - 00000000 ___RD C:\Users\Markus Radosztics\iCloudDrive
2015-06-07 11:28 - 2013-10-13 20:57 - 00000000 ___RD C:\Users\Markus Radosztics\Dropbox
2015-06-07 11:28 - 2013-10-13 20:55 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Dropbox
2015-06-07 11:27 - 2013-11-19 21:28 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-07 11:25 - 2013-11-19 21:28 - 00002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-07 11:21 - 2012-07-26 12:27 - 00751892 _____ C:\Windows\system32\perfh007.dat
2015-06-07 11:21 - 2012-07-26 12:27 - 00155620 _____ C:\Windows\system32\perfc007.dat
2015-06-07 11:21 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-07 11:14 - 2014-06-12 07:26 - 00000000 __HDC C:\ProgramData\~0
2015-06-07 11:14 - 2013-10-01 21:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-07 11:14 - 2013-10-01 18:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-07 11:14 - 2013-09-30 19:17 - 00101742 _____ C:\Windows\PFRO.log
2015-06-07 11:14 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-03 20:07 - 2014-05-27 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A1
2015-06-03 19:42 - 2014-09-29 17:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\A1
2015-06-03 19:18 - 2014-05-27 17:36 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\a1ta
2015-06-03 00:14 - 2014-06-25 17:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-01 19:41 - 2013-10-02 17:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Skype
2015-05-28 22:04 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Packages
2015-05-25 17:24 - 2013-10-02 17:05 - 00000000 ____D C:\ProgramData\Skype
2015-05-23 21:39 - 2013-10-11 17:05 - 00000000 ____D C:\Users\Markus Radosztics\Documents\My Games
2015-05-23 20:10 - 2013-10-05 10:56 - 00519043 _____ C:\Windows\DirectX.log
2015-05-23 19:56 - 2013-09-30 19:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-22 08:42 - 2015-02-23 20:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-20 23:04 - 2013-10-01 18:20 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\TS3Client
2015-05-20 22:17 - 2013-10-02 16:32 - 00000000 ____D C:\Program Files (x86)\Voobly
2015-05-19 07:39 - 2015-03-18 18:45 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-18 15:31 - 2014-05-27 17:35 - 04037720 ____N (mquadr.at software engineering) C:\Windows\SysWOW64\M2ElevatedNetworkAdapters.dll
2015-05-18 08:39 - 2013-11-19 21:28 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 08:39 - 2013-11-19 21:28 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-16 00:42 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-05-16 00:41 - 2013-09-30 19:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-16 00:41 - 2013-09-30 19:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-16 00:40 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-05-15 07:29 - 2015-03-20 10:39 - 00507240 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-15 00:31 - 2012-07-26 12:29 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-15 00:31 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-14 19:01 - 2013-11-22 22:36 - 00000000 ____D C:\ProgramData\MAGIX
2015-05-14 18:57 - 2014-03-13 19:52 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Citrix
2015-05-14 18:54 - 2013-10-03 16:21 - 00000000 ____D C:\ProgramData\Solidshield
2015-05-14 14:01 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-05-13 21:08 - 2013-09-30 22:57 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 21:05 - 2013-09-30 22:57 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 16:24 - 2013-09-30 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 16:24 - 2012-07-26 07:26 - 00000269 _____ C:\Windows\win.ini
2015-05-13 16:23 - 2013-09-30 19:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-13 16:23 - 2013-09-30 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-09 10:07 - 2013-10-13 20:57 - 00001061 _____ C:\Users\Markus Radosztics\Desktop\Dropbox.lnk
2015-05-09 10:07 - 2013-10-13 20:55 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Files in the root of some directories =======

2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\String Ensemble
2013-09-30 20:30 - 2013-09-30 20:30 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Strings
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Super Strings
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Techno Kit
2014-02-05 18:38 - 2015-06-07 12:43 - 0000156 _____ () C:\Users\Markus Radosztics\AppData\Roaming\WB.CFG
2013-11-06 10:01 - 2014-08-12 18:27 - 0006144 _____ () C:\Users\Markus Radosztics\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-23 18:56 - 2014-12-23 18:56 - 0007606 _____ () C:\Users\Markus Radosztics\AppData\Local\Resmon.ResmonCfg
2013-10-02 17:42 - 2013-10-02 17:42 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-07-07 09:16 - 2014-07-07 09:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\howto
2013-09-30 20:29 - 2013-09-30 20:29 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2013-09-30 20:30 - 2013-09-30 20:30 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2013-09-30 20:29 - 2013-09-30 20:30 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2013-09-30 20:29 - 2013-09-30 20:29 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\ProgramData\Sync Schema
2013-09-30 20:30 - 2013-09-30 20:30 - 0000268 ___RH () C:\ProgramData\Sync Services
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\ProgramData\Synth Basics
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\Track Settings
2013-09-30 20:30 - 2013-09-30 20:30 - 0000012 ___RH () C:\ProgramData\Transportation
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\Tremolo

Some files in TEMP:
====================
C:\Users\Markus Radosztics\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbu6_bu.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\NewUpdate.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\{EFF616A3-14B1-4A6A-9192-4E85EA2DE69E}_emergency.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-07 11:02

==================== End of log ============================
         
Und hier noch das Addition-File:

[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:07-06-2015
Ran by Markus Radosztics at 2015-06-07 20:44:50
Running from C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-817472733-4082136947-4255886928-500 - Administrator - Disabled)
Birgit (S-1-5-21-817472733-4082136947-4255886928-1003 - Limited - Enabled)
Gast (S-1-5-21-817472733-4082136947-4255886928-501 - Limited - Disabled)
Markus Radosztics (S-1-5-21-817472733-4082136947-4255886928-1001 - Administrator - Enabled) => C:\Users\Markus Radosztics

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A1 FTP (HKLM-x32\...\A1 FTP) (Version: 2.0.0.2 - A1 Telekom Austria AG)
A1 FTP (x32 Version: 2.0.0.2 - A1 Telekom Austria AG) Hidden
A1 Servicecenter (HKLM-x32\...\A1 Servicecenter) (Version: 9.15.1.1250 - A1 Telekom Austria AG)
AdblockIE (HKLM-x32\...\{5508128A-2C7B-46B5-81F9-58E8E8115F0B}) (Version: 1.2 - af0.net)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BIPA FotoShop (HKLM-x32\...\BIPA FotoShop) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
BrettspielWelt (HKLM-x32\...\BrettspielWelt) (Version: 1.0 - BrettspielWelt GmbH)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Documents To Go Desktop für iOS (HKLM-x32\...\DTGDesktop) (Version: 5.0000.013 - DataViz, Inc.)
Dropbox (HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Free DVD Video Burner version 3.2.14.415 (HKLM-x32\...\Free DVD Video Burner_is1) (Version: 3.2.14.415 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.46.923 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.923 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
FUSSBALL MANAGER 14 (HKLM-x32\...\{5FC27E1E-08C0-4346-A321-ED2D31FAE936}) (Version: 1.0.0.0 - Electronic Arts)
GameRanger (HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\GameRanger) (Version:  - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 6600 - Grundlegende Software für das Gerät (HKLM\...\{F58934BD-F483-43EB-B307-CFFD88B18455}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12412 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft OneNote 2013 - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MixVideoPlayer (HKLM-x32\...\MixVideoPlayer) (Version: v1.0.0.18 - SoftForce LLC)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.7.0 - Nikon)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PFPortChecker 1.0.40 (HKLM-x32\...\PFPortChecker) (Version: 1.0.40 - Portforward.com)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.12 - Nikon)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SaveSense (HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\SaveSense) (Version:  - ) <==== ATTENTION
SaveSense (remove only) (HKLM-x32\...\SaveSense) (Version: 5.3.0.6 - SaveSense) <==== ATTENTION
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.21.0 - Lenovo Group Limited)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trainingspläne Version 1.0 (HKLM-x32\...\{F8A382D7-5453-4E2C-AD53-A598D868B3EE}_is1) (Version: 1.0 - SoccerLobby)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{0C5B0539-7EDE-4297-947E-48890971B557}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.7.6 - Nikon)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Voobly (HKLM-x32\...\Voobly_is1) (Version: Voobly - Voobly)
Wajam (HKLM-x32\...\WajWebE) (Version: 1.44.5.10 (i1.0) - Wajam) <==== ATTENTION
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

07-06-2015 18:11:02 Windows Defender Checkpoint

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09440F26-5401-4511-BACA-C8831EC2AE6D} - System32\Tasks\Microsoft Office 15 Sync Maintenance for WAUT0001-Markus Radosztics WAUT0001 => C:\Program Files\Microsoft Office 15\root\Office15\MsoSync.exe [2015-05-04] (Microsoft Corporation)
Task: {14DA452B-3803-4CC6-B267-EBB050D9FD61} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-02-05] (SaveSense) <==== ATTENTION
Task: {25320076-3E36-427D-AEAD-2F08ABEFC8B2} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-02-05] (SaveSense) <==== ATTENTION
Task: {2E74F044-78F4-48E0-B6A0-91F591980FEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19] (Google Inc.)
Task: {379476DD-23F7-4AE9-A6B6-2E7FA392A420} - System32\Tasks\avabvbyvyc => C:\Users\Markus Radosztics\AppData\Local\avabvbyvyc\avabvbyvyc.exe [2015-05-31] () <==== ATTENTION
Task: {5818FE90-AFFD-4AFE-A7D4-A82A9C1B041F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {61B31C95-845F-48F8-8F35-87FE7AB7A398} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2013-11-22] ()
Task: {6F8840BE-EF31-437E-AB13-0EE27E62B6A0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {8C34A83F-AB6B-4DD6-A135-184B6A087422} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {C37A8168-7AE0-45AF-87BA-5E7D155018D6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C4A8F7C1-E598-4018-A931-9156A8D07AF8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {CE5EBAA0-6FA5-4B7C-A9B2-66052EF9D1FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19] (Google Inc.)
Task: {D5D08A86-6937-4ED9-8F5E-D26F0BBA1F1C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {DB4C4EA9-E673-409B-BFC1-1B143E7A7376} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {E04F0DEA-DAE9-4613-89D1-569AB4AA22B2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {E8D1A991-A253-436E-AD0D-B832F4A7BE57} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {F8A4BEDA-BA3B-4B1D-A4F4-3DE233C64B32} - System32\Tasks\SaveSense => C:\Users\Markus Radosztics\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {FA6EDE8A-C39F-41FC-A819-6BBA4C030A08} - System32\Tasks\MixVideoPlayer Update => C:\Program Files (x86)\MixVideoPlayer\mixUpdater.exe [2015-05-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\SaveSense.job => C:\Users\MARKUS~1\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2013-09-30 19:55 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-30 22:55 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-03-18 18:45 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-05-23 20:10 - 2015-05-23 20:10 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-04-28 22:53 - 2015-04-28 22:53 - 01972736 _____ () C:\Program Files\WajWebE\wajam_64.exe
2015-04-28 22:51 - 2015-04-28 22:51 - 01590784 _____ () C:\Program Files\WajWebE\wajam.exe
2015-06-07 11:14 - 2015-06-07 11:14 - 01393152 _____ () C:\Program Files\WajWebE\dlls\hlnsc.dll
2015-05-25 12:31 - 2015-05-25 12:31 - 00066048 _____ () C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe
2013-09-30 22:55 - 2015-06-07 11:14 - 00028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2013-09-30 22:55 - 2012-05-07 18:04 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-06-07 11:14 - 2015-06-07 11:14 - 01199104 _____ () C:\Program Files\WajWebE\dlls\arlhv.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-14 10:06 - 2015-04-16 19:40 - 00776192 ____N () D:\Games\SDL2.dll
2015-05-14 10:06 - 2015-04-23 04:16 - 04962816 ____N () D:\Games\v8.dll
2015-06-07 10:37 - 2015-06-04 20:56 - 02407104 _____ () D:\Games\video.dll
2015-05-14 10:06 - 2015-04-23 04:16 - 01556992 ____N () D:\Games\icui18n.dll
2015-05-14 10:06 - 2015-04-23 04:16 - 01187840 ____N () D:\Games\icuuc.dll
2015-02-06 11:54 - 2014-12-01 23:31 - 02396672 ____N () D:\Games\libavcodec-56.dll
2015-02-06 11:54 - 2014-12-01 23:31 - 00479744 ____N () D:\Games\libavformat-56.dll
2015-02-06 11:54 - 2014-12-01 23:31 - 00332800 ____N () D:\Games\libavresample-2.dll
2015-02-06 11:54 - 2014-12-01 23:31 - 00442880 ____N () D:\Games\libavutil-54.dll
2015-02-06 11:54 - 2014-12-01 23:31 - 00485888 ____N () D:\Games\libswscale-3.dll
2015-06-07 10:37 - 2015-06-04 20:56 - 00703168 _____ () D:\Games\bin\chromehtml.DLL
2015-05-14 10:06 - 2015-05-11 21:01 - 36302728 ____N () D:\Games\bin\libcef.dll
2010-10-25 15:15 - 2010-10-25 15:15 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu
2015-06-07 11:28 - 2015-06-07 11:28 - 00043008 _____ () c:\Users\Markus Radosztics\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbu6_bu.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\system32\Drivers\dgttngeq.sys:changelist

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [TCP Query User{12B3E761-7E9C-487C-A6C7-71A94B02A9A6}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{0D2D1C41-8235-4996-8423-AAC196CCD3A5}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [{987FF516-1D9B-4553-A1BB-A6E48D02E05E}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires II\age2_x1\age2_x2.exe
FirewallRules: [{7A9C7811-E7BE-41EE-95DF-B0C541733236}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires II\age2_x1\age2_x2.exe
FirewallRules: [{FC58825A-6514-4624-8DCD-0E92D6A5A51D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{CC8CDB57-99F2-44D9-B553-88A076EAB0E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7A288BFF-DFBA-49C6-9C6C-042CF623F317}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5A35EB0E-2620-4B0D-BF14-0348A0B753C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{631735D1-D72A-4BF3-B345-13962B361B20}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{70AC4E28-6244-4DBA-9D26-66B9B8685C6B}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{AA10494F-E851-412F-9F77-F5C4E912E897}] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [{B4C38608-5ABA-4EB1-A254-28AF1E13602E}] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{8196E49A-726B-4E22-B44A-D4A6BEA8AA0B}C:\users\markus radosztics\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\markus radosztics\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{C8AF183D-695A-455F-8E54-335EBF0D17AA}C:\users\markus radosztics\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\markus radosztics\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{B924E48A-941A-453B-A456-076DD7A8218D}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\FaxApplications.exe
FirewallRules: [{7251B19A-6116-4C23-99DC-8000CBF4AD37}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\DigitalWizards.exe
FirewallRules: [{7BCBB288-9D10-4FB2-843C-3A5678A248C0}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\SendAFax.exe
FirewallRules: [{16D07102-1BAD-4891-B845-C039F17C47E2}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\DeviceSetup.exe
FirewallRules: [{B5BEA6BD-7DD5-4370-8089-A431E9B727CE}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{7E087840-41B4-4F24-B6A4-FFC8BEBAEB89}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{1DF54F7F-6297-45D3-B113-80948A28E143}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{67B44643-DE75-41A1-9262-671B980EEB9D}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{F7606471-0FB1-4092-827F-1FB53190140D}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [UDP Query User{BC834164-D4A3-47B7-97CC-D2C227FB7D43}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [{3F817821-4983-4364-9208-1D81F08E2CBE}] => (Allow) D:\Games\Steam.exe
FirewallRules: [{2BEEEE53-A5FE-4FDF-9FD5-D35215E1F9A3}] => (Allow) D:\Games\Steam.exe
FirewallRules: [{F2C6C1A4-93A7-45B9-B7BE-9290141C5BF8}] => (Allow) C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9B64C189-F926-4B4E-98A1-F542C454DF81}] => (Allow) C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D1742FAF-9B9F-4535-8F74-17D280C40459}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C88C8307-5F55-4D61-8862-887D2105F71E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{08361B9C-1436-43CB-8ED7-7447926105C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0E1ADA58-1E53-4137-BE99-1308CD22FD7F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{311887E4-8CD3-43CE-A516-B3636172ED4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{EA9A4AA8-7465-4DC4-9766-F9C4BB7ADA05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4F553A41-E2B2-43AB-BE0A-32D3C00D5D2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7F543D06-198A-4CE1-8015-EB85EF9BEE57}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{60607916-FF32-4CCF-8F30-14EFCD720AC7}D:\games\the witcher 2\bin\witcher2.exe] => (Allow) D:\games\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{633C3547-A42F-4E3E-953E-B7370EE3D597}D:\games\the witcher 2\bin\witcher2.exe] => (Allow) D:\games\the witcher 2\bin\witcher2.exe
FirewallRules: [{CAC76C0B-DBB3-45DB-8440-C891678DDE50}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{249EA525-E665-4421-9D68-2D095DDDAB85}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D19A8191-86A5-4394-AD86-CBE673C02324}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{81A1BDEB-5C5A-4163-9620-199C1B55DABC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{84124389-5F23-460B-A440-0B0C1890B2C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E9C02F06-B9E6-4612-B312-9AA2E15DB41D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{61993195-3FAF-49A2-96FB-79734E8CFDFF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{48E4F530-43F6-43F0-B854-5DD43FDF710D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{A4B35422-C5DD-4495-8ADB-D1CAFF586E3F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{BCBF0BF4-46EE-477F-B7E6-A7AF46299B6A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{80D26611-50A7-48D4-894D-3036FC65A47F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B18147B6-59FF-45EC-AC63-E0238E149424}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FFBC0C40-06CB-4D5A-861A-F5EBEDD4A235}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{81379960-4816-40C3-BB95-629C50136E29}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7188B560-63DB-4CF1-A9E0-787EF40AC57F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{46A6122F-F0A5-48B8-8800-4D4FE2872C1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{DF34092E-2C88-4CFD-817B-46AF1CC8779F}D:\games\anno1701.exe] => (Allow) D:\games\anno1701.exe
FirewallRules: [UDP Query User{F84FA8AF-E620-4056-99DB-B1C428CE4CA4}D:\games\anno1701.exe] => (Allow) D:\games\anno1701.exe
FirewallRules: [TCP Query User{686F978E-85C5-44E0-B9C8-AE75D9A53DC2}D:\games\scda-offline\system\splintercell4.exe] => (Allow) D:\games\scda-offline\system\splintercell4.exe
FirewallRules: [UDP Query User{ED50F34F-878E-4D91-A7DB-77D76C2C96D2}D:\games\scda-offline\system\splintercell4.exe] => (Allow) D:\games\scda-offline\system\splintercell4.exe
FirewallRules: [{33133F83-68DE-40BE-AEF1-A346CE63EAD4}] => (Allow) D:\Games\AssassinsCreed_Dx9.exe
FirewallRules: [{B3610912-69F4-4AAC-93C7-A0C6B8D6C7D7}] => (Allow) D:\Games\AssassinsCreed_Dx9.exe
FirewallRules: [{482BD8FC-11B2-420E-82D2-204AAE387526}] => (Allow) D:\Games\AssassinsCreed_Dx10.exe
FirewallRules: [{F176C00A-8546-48C3-BF1C-4F91D5282750}] => (Allow) D:\Games\AssassinsCreed_Dx10.exe
FirewallRules: [{8779B77A-DFDE-4515-8316-34327377D91C}] => (Allow) D:\Games\AssassinsCreed_Launcher.exe
FirewallRules: [{9F87AE0A-D5B3-4BBD-ADCE-0F9D1FDEA32D}] => (Allow) D:\Games\AssassinsCreed_Launcher.exe
FirewallRules: [TCP Query User{241BEA33-F8CD-42ED-BFFE-A7D024F27EC9}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [UDP Query User{47776DAF-CB2C-46E9-8991-85629B7A3700}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [TCP Query User{B5A0C5A7-3171-4A3E-BD5C-D85CECAAEA52}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{941EBA13-30EB-4A5E-9F69-77B354F7DCFC}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{4228E08D-F8D1-41BE-8582-6A9305E396A1}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [UDP Query User{BF516944-921E-455B-97A1-297B66461948}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [{9D2B2EE2-9A95-49AE-97DC-B096BBEDDBF6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{0AA0215A-E361-4497-B674-D132141C2B8A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{F86C7526-1C2C-451C-AE70-329EBDD35181}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C4F565F5-1F71-4D5E-8BF6-7E53782A4D04}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{98AC1056-6902-4888-AABD-47E3D88B374F}C:\program files (x86)\pfportchecker\pfportchecker.exe] => (Allow) C:\program files (x86)\pfportchecker\pfportchecker.exe
FirewallRules: [UDP Query User{406439DB-01F5-4A3D-92EE-F976D1C02679}C:\program files (x86)\pfportchecker\pfportchecker.exe] => (Allow) C:\program files (x86)\pfportchecker\pfportchecker.exe
FirewallRules: [TCP Query User{76EDB886-AFA1-45F5-B6C3-DABC75B2F832}C:\users\markus radosztics\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\markus radosztics\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B3A31E5A-F91D-4B3F-8ECB-149122830FAE}C:\users\markus radosztics\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\markus radosztics\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{471DD0F4-DC65-4D6F-9944-220D8AAE2262}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{F2EEED6D-1097-40A9-8B0F-2034AE954873}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{B11663E4-AA0D-4BE8-86B1-E07B2DCA81A5}] => (Allow) C:\Users\Markus Radosztics\AppData\Local\Temp\7zS2B4B\HPDiagnosticCoreUI.exe
FirewallRules: [{9370E132-F236-4946-8725-87645974FD3E}] => (Allow) C:\Users\Markus Radosztics\AppData\Local\Temp\7zS2B4B\HPDiagnosticCoreUI.exe
FirewallRules: [{34094EED-F640-4601-B570-997DA2FCD630}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E13BCE5A-E3F0-4D84-BE81-CA2514BC3A14}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E98DA5B0-04D8-404E-9F9B-98FBD50FD112}] => (Allow) D:\Games\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{8FB00592-0A35-4679-98F6-052FD8EA12C8}] => (Allow) D:\Games\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{BDF8133B-B8E0-4115-9794-5A4226F38864}] => (Allow) D:\Games\bin\steamwebhelper.exe
FirewallRules: [{A81B79DD-9911-496B-82B9-8317A01E931E}] => (Allow) D:\Games\bin\steamwebhelper.exe
FirewallRules: [{59098536-8438-43D4-B99D-AE669B33324A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{83B3AAA4-C887-4561-978A-177EFCCBFCDB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AC199BC7-F718-46E8-924A-1D3831C398FE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2D95A1B7-46BE-4D45-A9A3-B2F0674F83D9}] => (Allow) C:\Users\Markus Radosztics\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{C4988FEE-7109-4D13-8577-35831011D7ED}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{878D66FB-642F-4002-B78C-3264D6DED797}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{3411AC9F-C963-45A6-A56A-05BEDB0254D8}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{53E3F4FD-DA25-4C0A-8DFD-9D2C8CA5E0BC}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA Manager 14\Manager14.exe
FirewallRules: [{82B4783A-8699-47D1-BBA1-07D499887559}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA Manager 14\Manager14.exe
FirewallRules: [{6CDCCD7F-3CF7-4301-850E-0B8EF70A4345}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{37E7E30E-52A5-4CBD-9F23-48EF1B0928C7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{2EF957BD-D2FA-4B61-A4AD-D802CCCBD1B0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{70F202A2-6861-46DC-AC68-B0CEEEA52A10}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3904D36F-AD19-400E-8D2B-A015A7AA6AAD}] => (Allow) D:\Games\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{C02C5DA9-4129-4ACB-B503-3CFA0A6D8BFB}] => (Allow) D:\Games\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{54948370-F857-4C29-AA8A-111C8711AFCD}] => (Allow) D:\Games\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{7313EE1C-3056-4590-A330-0AA9C2246B85}] => (Allow) D:\Games\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{DEB8EC5C-4039-43F2-854D-4C7236AD9770}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{337B17F3-F1FA-40D6-A5A0-3D0F7C52A67B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C75380E9-70C2-4E4F-BB03-34F3191BB24A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0D44F898-7D3B-448E-B8BF-50359D5D446B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{337AC53C-A509-490F-8588-7A52F23A62EC}] => (Allow) D:\Games\bin\farcry3.exe
FirewallRules: [{9F022CF2-123B-4803-BA37-BE5FD2512EAC}] => (Allow) D:\Games\bin\farcry3.exe
FirewallRules: [{AF5516BA-BAFF-4B49-B43D-11054FDB085B}] => (Allow) D:\Games\bin\farcry3_d3d11.exe
FirewallRules: [{ABC098A1-31A1-4BBC-9D58-72B06297CA2B}] => (Allow) D:\Games\bin\farcry3_d3d11.exe
FirewallRules: [{8BC0DD0D-4478-46E4-A629-E0F26340005A}] => (Allow) D:\Games\bin\FC3Updater.exe
FirewallRules: [{26F0BABC-3AD8-4FCE-9C5A-59495B4F9A9A}] => (Allow) D:\Games\bin\FC3Updater.exe
FirewallRules: [{459E580B-97E5-46D3-A83D-622BE01EAE3C}] => (Allow) D:\Games\bin\FC3Editor.exe
FirewallRules: [{33FCF5B1-CCDB-40F0-A064-9993F2146E5E}] => (Allow) D:\Games\bin\FC3Editor.exe
FirewallRules: [{FE03F8C3-998F-4BEE-92F6-07220EBD4C41}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E58573E7-278D-49C3-9377-55D2A756BB7C}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter.exe
FirewallRules: [{CC6B6AC3-6EC3-4985-9C28-DEB844794FA4}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter.exe
FirewallRules: [{E1585497-8F14-4028-9351-3F71332DBD8B}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Breitband\A1Breitband.exe
FirewallRules: [{897820FC-81EB-4296-AD9D-545E5C30FB6C}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Breitband\A1Breitband.exe
FirewallRules: [{C6FE6463-91FA-4545-BBBE-D08780263350}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Modemkonfigurator.exe
FirewallRules: [{4C04A79B-DF5F-48F8-BDE8-0CCEB0EF54CA}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Modemkonfigurator.exe
FirewallRules: [{C02090B6-F2BC-4240-8F51-57B0A148C73B}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1WLANAssistent.exe
FirewallRules: [{5712DE55-B263-4979-8998-8336248192FF}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1WLANAssistent.exe
FirewallRules: [{88803B51-2B5C-4DCF-A0A5-BCAFE5F03484}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{6DA6EC79-C986-4EB9-9C97-2649E777D4BD}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{208386AA-6AC6-4959-944A-AA02966D49FB}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{90E13911-2650-4F9D-AA8F-B369FE9F5668}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{0CC7B285-2DB0-4469-ACDD-76A0D5D242ED}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe
FirewallRules: [{2255FA6E-0604-45B7-9D7C-7EF982323510}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe
FirewallRules: [{D198254A-A587-4F02-B0A3-B701338561B2}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Repair.exe
FirewallRules: [{633F22E1-49A4-4C86-AD85-EA0D349F3C7B}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Repair.exe
FirewallRules: [{D6A5A135-01CA-4AF7-8B5A-C433E30CB3BF}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Update\M2Updater.exe
FirewallRules: [{23ED350D-714D-4D8E-9E86-D91203F8B97C}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Update\M2Updater.exe

==================== Faulty Device Manager Devices =============

Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/07/2015 06:11:02 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {28b6839d-8f37-4f8c-9e91-dc2b3dbab7a8}

Error: (06/07/2015 06:00:21 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/07/2015 11:02:56 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/06/2015 05:27:33 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {4772b657-4d24-4ef0-8451-33e2eda424e1}

Error: (06/06/2015 05:15:21 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/06/2015 05:08:23 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/06/2015 11:45:56 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/04/2015 09:20:55 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/04/2015 09:06:59 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/04/2015 06:22:32 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


System errors:
=============
Error: (06/07/2015 06:11:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Search Protect Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 20000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/07/2015 06:00:06 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (06/07/2015 06:00:05 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (06/07/2015 11:14:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update Mega Browse" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/07/2015 11:12:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Search Protect Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 20000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/07/2015 10:37:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/07/2015 10:37:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (06/06/2015 05:27:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Search Protect Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 20000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/06/2015 00:16:43 PM) (Source: DCOM) (EventID: 10010) (User: WAUT0001)
Description: {9E6E74C7-0E85-4D14-8851-7635E2C1C528}

Error: (06/06/2015 00:16:13 PM) (Source: DCOM) (EventID: 10010) (User: WAUT0001)
Description: {9E6E74C7-0E85-4D14-8851-7635E2C1C528}


Microsoft Office:
=========================
Error: (06/07/2015 06:11:02 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {28b6839d-8f37-4f8c-9e91-dc2b3dbab7a8}

Error: (06/07/2015 06:00:21 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (06/07/2015 11:02:56 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (06/06/2015 05:27:33 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {4772b657-4d24-4ef0-8451-33e2eda424e1}

Error: (06/06/2015 05:15:21 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (06/06/2015 05:08:23 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (06/06/2015 11:45:56 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (06/04/2015 09:20:55 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (06/04/2015 09:06:59 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (06/04/2015 06:22:32 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4430 CPU @ 3.00GHz
Percentage of memory in use: 39%
Total physical RAM: 8130 MB
Available physical RAM: 4888.51 MB
Total Pagefile: 9346 MB
Available Pagefile: 5247.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.75 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:111.45 GB) (Free:5.92 GB) NTFS
Drive d: (Daten) (Fixed) (Total:931.51 GB) (Free:740.43 GB) NTFS
Drive h: (32_00_00) (Fixed) (Total:298.02 GB) (Free:209.5 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 2A03BD70)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2A03BD6D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 3E1EBD07)
Partition 1: (Active) - (Size=298.1 GB) - (Type=0C)

==================== End of log ============================
         
--- --- ---

Alt 07.06.2015, 20:35   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster



hi,

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    SaveSense

    SaveSense

    Wajam


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________

__________________

Alt 07.06.2015, 21:23   #3
Don_Camillo
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster



Hier ist die mbam.txt Datei:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 07.06.2015
Suchlauf-Zeit: 21:52:21
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.07.05
Rootkit Datenbank: v2015.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Markus Radosztics

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 375349
Verstrichene Zeit: 9 Min, 8 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 2
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, 1476, Löschen bei Neustart, [ebf6eccb593170c63c76dbb114edaa56]
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe, 6152, Löschen bei Neustart, [8b564176a6e4e353dda043ad7f843ac6]

Module: 4
PUP.Optional.SaveSence.A, C:\Program Files (x86)\SaveSense\SaveSenseIE.dll, Löschen bei Neustart, [10d107b01d6d57dfef14d4927294e31d], 
PUP.Optional.SaveSence.A, C:\Program Files (x86)\SaveSense\SaveSenseIE.dll, Löschen bei Neustart, [10d107b01d6d57dfef14d4927294e31d], 
PUP.Optional.SaveSence.A, C:\Program Files (x86)\SaveSense\SaveSenseIE.dll, Löschen bei Neustart, [10d107b01d6d57dfef14d4927294e31d], 
PUP.Optional.SaveSence.A, C:\Program Files (x86)\SaveSense\SaveSenseIE.dll, Löschen bei Neustart, [10d107b01d6d57dfef14d4927294e31d], 

Registrierungsschlüssel: 135
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginService, In Quarantäne, [ebf6eccb593170c63c76dbb114edaa56], 
PUP.Optional.SaveSence.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{0f21b1e5-5afc-43c9-9c66-515046e92ec2}, In Quarantäne, [10d107b01d6d57dfef14d4927294e31d], 
PUP.Optional.SaveSence.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}, In Quarantäne, [10d107b01d6d57dfef14d4927294e31d], 
PUP.Optional.SaveSence.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}, In Quarantäne, [10d107b01d6d57dfef14d4927294e31d], 
PUP.Optional.SaveSence.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}, In Quarantäne, [10d107b01d6d57dfef14d4927294e31d], 
PUP.Optional.SaveSence.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}, In Quarantäne, [10d107b01d6d57dfef14d4927294e31d], 
PUP.Optional.SaveSense.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\savesenselive, In Quarantäne, [ac356d4a2c5ebf77df2bc7dce71a768a], 
PUP.Optional.SaveSense.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\savesenselivem, In Quarantäne, [ac356d4a2c5ebf77df2bc7dce71a768a], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SAVESENSELIVE.EXE, In Quarantäne, [ac356d4a2c5ebf77df2bc7dce71a768a], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SAVESENSELIVE.EXE, In Quarantäne, [ac356d4a2c5ebf77df2bc7dce71a768a], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [657c1f98becc56e0379ec1aa8d76956b], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc, In Quarantäne, [657c1f98becc56e0379ec1aa8d76956b], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [657c1f98becc56e0379ec1aa8d76956b], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc, In Quarantäne, [657c1f98becc56e0379ec1aa8d76956b], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [657c1f98becc56e0379ec1aa8d76956b], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SaveSenseLiveUpdate.OnDemandCOMClassSvc, In Quarantäne, [657c1f98becc56e0379ec1aa8d76956b], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [657c1f98becc56e0379ec1aa8d76956b], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [657c1f98becc56e0379ec1aa8d76956b], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [657c1f98becc56e0379ec1aa8d76956b], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [657c1f98becc56e0379ec1aa8d76956b], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [657c1f98becc56e0379ec1aa8d76956b], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, In Quarantäne, [9150f6c1b6d402348947cfd1e22138c8], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, In Quarantäne, [9150f6c1b6d402348947cfd1e22138c8], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, In Quarantäne, [9150f6c1b6d402348947cfd1e22138c8], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, In Quarantäne, [786917a00882db5bdc287927d52efa06], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, In Quarantäne, [786917a00882db5bdc287927d52efa06], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, In Quarantäne, [786917a00882db5bdc287927d52efa06], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, In Quarantäne, [786917a00882db5bdc287927d52efa06], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\esrv.mysearchdialESrvc.1, In Quarantäne, [786917a00882db5bdc287927d52efa06], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\esrv.mysearchdialESrvc, In Quarantäne, [786917a00882db5bdc287927d52efa06], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.mysearchdialESrvc, In Quarantäne, [786917a00882db5bdc287927d52efa06], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\esrv.mysearchdialESrvc, In Quarantäne, [786917a00882db5bdc287927d52efa06], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.mysearchdialESrvc.1, In Quarantäne, [786917a00882db5bdc287927d52efa06], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\esrv.mysearchdialESrvc.1, In Quarantäne, [786917a00882db5bdc287927d52efa06], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, In Quarantäne, [786917a00882db5bdc287927d52efa06], 
PUP.Optional.Snapdo.T, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [d50ca90e7218013583fb2380e1228080], 
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, In Quarantäne, [d50ca90e7218013583fb2380e1228080], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [637ed8dfe9a150e6f9d0264029da5fa1], 
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [637ed8dfe9a150e6f9d0264029da5fa1], 
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, In Quarantäne, [ab365b5ca1e92e080ebcfe68669d7b85], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, In Quarantäne, [ab365b5ca1e92e080ebcfe68669d7b85], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [71703c7b4644fc3a42db5c0fc73c50b0], 
PUP.Optional.MixVideoPlayer.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MixVideoPlayer, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickCtrl.9, In Quarantäne, [5c85b3042f5b7abcf80e2d2f4db816ea], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine, In Quarantäne, [f0f11d9a6e1c52e4b94dc89441c4718f], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine.1.0, In Quarantäne, [02dfa51293f753e3f90d3c200df8e020], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.Update3WebControl.3, In Quarantäne, [637e1c9b117963d39b6bb6a661a446ba], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync, In Quarantäne, [a041f0c7375353e32bdbc39965a00bf5], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync.1.0, In Quarantäne, [e6fb9c1b7f0b14220cfaa1bbc0455fa1], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass, In Quarantäne, [fbe6cee90c7e01354abcf765e22328d8], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass.1, In Quarantäne, [934e8334206ae05636d0cf8d877ec13f], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass, In Quarantäne, [dd0476410c7e47effd09d686b1545ba5], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass.1, In Quarantäne, [6f723483701a0333ee182c305baa6b95], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine, In Quarantäne, [0bd6fbbc117993a354b2d884a2633dc3], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine.1.0, In Quarantäne, [fde44a6d9cee5dd961a5d78591743dc3], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine, In Quarantäne, [dc0591262c5e5ed8bf479bc1d72eb749], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [dc05308748421e18778ff864887dce32], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [3da4467193f7f93d00062c3049bccf31], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [d30ee6d1e1a982b455b1530937ce25db], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher, In Quarantäne, [f2efb403e7a30e281aeccc903cc9bb45], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher.1.0, In Quarantäne, [3aa75562dcaeec4af70f0854e025629e], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService, In Quarantäne, [4b964077e4a6092d818526368a7be719], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0, In Quarantäne, [a33ec7f0d8b20e28b0569dbf7a8b47b9], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine, In Quarantäne, [1cc5d1e6f4964cea28de95c758adc040], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine.1.0, In Quarantäne, [eaf709ae286282b4ba4c005c0df8c23e], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback, In Quarantäne, [8859496ebbcf3402e32387d512f3936d], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [b82955625b2f45f13acc421a38cdff01], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc, In Quarantäne, [b72ae3d4a3e76cca8e787ddf1de8cd33], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0, In Quarantäne, [ac355a5de4a6a69051b54517808503fd], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\APPID\SaveSenseLive.exe, In Quarantäne, [eff2edca49414de943c2401c58ad53ad], 
PUP.Optional.MixVideoPlayer.A, HKLM\SOFTWARE\CLASSES\APPLICATIONS\MixVideoPlayer.exe, In Quarantäne, [f9e8d9de11791b1b1fa4700f9e678e72], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\SaveSenseLive.exe, In Quarantäne, [dc059621c5c56ec848bd1e3e3bca9b65], 
PUP.Optional.MixVideoPlayer.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPLICATIONS\MixVideoPlayer.exe, In Quarantäne, [f9e8655295f586b0a320dba4b84de020], 
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR  , In Quarantäne, [fee3a71099f165d1be318ff5e520857b], 
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, In Quarantäne, [c1205f5896f40e282bea88e829dc7a86], 
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, In Quarantäne, [01e04176464421153dd72848ce3714ec], 
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\DealPlyLive, In Quarantäne, [39a8585f8cfe69cdd9f15fef7e87fd03], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\MySearchDial, In Quarantäne, [01e05e59a0eab87eb522a1cad5303ec2], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\SaveSenseLive, In Quarantäne, [8a57e7d0c0cacc6a7992f66659ac06fa], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, In Quarantäne, [469b0fa8acde3df91eb722eb48bcc33d], 
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, In Quarantäne, [7170ad0ac4c658de14a8b8a9f114f30d], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickCtrl.9, In Quarantäne, [449d8a2d187212246e984e0ec44120e0], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine, In Quarantäne, [459c288f236780b6679f283413f2a15f], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine.1.0, In Quarantäne, [2cb5dfd898f2c57118ee91cbaa5b4bb5], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.Update3WebControl.3, In Quarantäne, [e8f914a34a400135a561fa623acbe61a], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync, In Quarantäne, [1ec3783f58322a0cf70fbaa2bd48e11f], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync.1.0, In Quarantäne, [28b9c3f40b7fe2543dc9db81f70ed729], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreClass, In Quarantäne, [3ea3eacd7515d75f0402114b9d68c13f], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreClass.1, In Quarantäne, [3ba63c7b76143600a95df26a2ed75ea2], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass, In Quarantäne, [12cf209797f3bc7a54b23d1fab5a24dc], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass.1, In Quarantäne, [d50ca80f622873c36a9c5408a75e30d0], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine, In Quarantäne, [647d5f5877133ef87f87025a7f86a858], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine.1.0, In Quarantäne, [1fc25f580684b680d4321745e0250bf5], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine, In Quarantäne, [11d0c2f54f3b77bfa85e48146c99c23e], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [0ed3bafd3852f640c44286d632d37c84], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [865be5d2b7d3c2749274c9938283639d], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [9c45a90e79114fe742c4c59729dcdb25], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher, In Quarantäne, [469b496ec5c556e0d135471512f30cf4], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher.1.0, In Quarantäne, [6f72397eb6d4b086ae585309b64f8c74], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService, In Quarantäne, [6a77199e3159251185812e2ef114c43c], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0, In Quarantäne, [1cc52b8c6e1c6ccaf313bba127de916f], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine, In Quarantäne, [8d54f3c4a0ea38fe0cfa8ad2ef160cf4], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine.1.0, In Quarantäne, [8f529e194e3cd95dbf47124acf36ec14], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback, In Quarantäne, [a53c892ee7a359dd65a1a9b373928c74], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [875a9621d0baf244798d2834f80d17e9], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc, In Quarantäne, [32af288f2862251151b50f4ddf26ff01], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0, In Quarantäne, [459c4d6a0c7e082e7a8c3725778ebc44], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\SaveSenseLive.exe, In Quarantäne, [746d80378dfd4aec9075e17b6d9816ea], 
PUP.Optional.MixVideoPlayer.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPLICATIONS\MixVideoPlayer.exe, In Quarantäne, [28b9f7c07e0c7abcd5eecdb2f015a858], 
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [32afcdea4a40c86ee8070877a0653cc4], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.updaterss.com/SaveSenseLive Update;version=3, In Quarantäne, [845db9fea4e62d09e029a6b635d05ea2], 
PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.updaterss.com/SaveSenseLive Update;version=9, In Quarantäne, [b9285a5de5a584b2bc4d481449bc06fa], 
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, In Quarantäne, [1dc440771872b87ea2363bdd22e2ef11], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [08d97c3bcfbb76c0ca0af61755af7f81], 
PUP.Optional.MegaBrowse.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Mega Browse, In Quarantäne, [e2ff387fc7c3171f3714a58a669eb947], 
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginService, In Quarantäne, [10d19a1d53373501f6dd43bd22e2ce32], 
PUP.Optional.SaveSense.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\SaveSenseLive, In Quarantäne, [6180a611f49682b41aee9ebe6b9a22de], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [5b863c7be6a4b383586624134eb6d32d], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\INSTALLCORE, In Quarantäne, [be23645358324ee898dbba9324e1af51], 
PUP.Optional.Trovi.C, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [b22f1b9cc0ca6bcbc013f789986d15eb], 
PUP.Optional.OptimizerPro.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\OPTIMIZER PRO, In Quarantäne, [d011387fb1d98da9d744c8bc02039b65], 
PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SaveSenseLive.OneClickCtrl.9, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A18D16ED-27B2-4B83-B70C-15E73F099546}, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A18D16ED-27B2-4B83-B70C-15E73F099546}, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\WOW6432NODE\SaveSenseLive.Update3WebControl.3, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 

Registrierungswerte: 24
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=md_14_12_ie&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0BzztC0B0A0CyEyEtA0AyCtN0D0Tzu0SzztCtAtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0FyE0BtByCyBzytGtCzztAyEtGtCzzzy0AtGyC0C0E0EtGtAtCtBtAyDtB0E0FyB0F0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtA0E0AyEyByCyDtGyD0FtAtDtG0D0C0F0AtGyEyCtA0EtGyD0FyDtDyEyDzz0B0AtC0AtB2Q&cr=875512666&ir=, In Quarantäne, [5f8222956624a09687a447a5798ac33d]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|TopResultURLFallback, hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=md_14_12_ie&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0BzztC0B0A0CyEyEtA0AyCtN0D0Tzu0SzztCtAtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0FyE0BtByCyBzytGtCzztAyEtGtCzzzy0AtGyC0C0E0EtGtAtCtBtAyDtB0E0FyB0F0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtA0E0AyEyByCyDtGyD0FtAtDtG0D0C0F0AtGyEyCtA0EtGyD0FyDtDyEyDzz0B0AtC0AtB2Q&cr=875512666&ir=, In Quarantäne, [717003b45337ef47d15a5e8ed82b649c]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|FaviconPath, C:\Program Files (x86)\Mysearchdial\1.8.29.0\FavIcon.ico, In Quarantäne, [03de4b6cbfcbcd69bf6c6686a2615da3]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Mysearchdial, In Quarantäne, [726f02b50b7f65d1111a5993e023ad53]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|DisplayName, Mysearchdial, In Quarantäne, [3ea38d2a28622313032814d8af548977]
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [2fb211a6345657df4f55ae5e16ee1ee2]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130781477547992729, In Quarantäne, [12cfc8efdbaf280e6e808ef6699cdc24]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130781477547992729, In Quarantäne, [3ea316a12c5e1a1c56981e6619ec8d73]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130781477547992729, In Quarantäne, [d0114671d2b8c472b638691be124ef11]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130781477547992729, In Quarantäne, [f5ec0aad701a77bfae4063210ff609f7]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130781477547992729, In Quarantäne, [db06a413850577bf519d95ef53b2bf41]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130781477547992729, In Quarantäne, [36abebcc82084ee84aa44e3632d3ca36]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr  |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130781477547992729, In Quarantäne, [fee3a71099f165d1be318ff5e520857b]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, sweet-page, In Quarantäne, [32afcdea4a40c86ee8070877a0653cc4]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1395606017&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B&q={searchTerms}, In Quarantäne, [58893e791f6b77bf24cb2d525ea77e82]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [f2ef09ae1e6ca0964361ab61c73d27d9]
PUP.Optional.MixVideoPlayer.A, HKLM\SOFTWARE\WOW6432NODE\MIXVIDEOPLAYER\MIXVIDEOPLAYER|InstallDir, C:\Program Files (x86)\MixVideoPlayer, In Quarantäne, [3ba617a099f1d660c467559609fa56aa]
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT|InstallDir, C:\PROGRA~2\SearchProtect, In Quarantäne, [1dc440771872b87ea2363bdd22e2ef11]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, cor, In Quarantäne, [08d97c3bcfbb76c0ca0af61755af7f81]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\INSTALLCORE|tb, 0A2O0R1R1H2Z1S1G0H1F, In Quarantäne, [be23645358324ee898dbba9324e1af51]
PUP.Optional.SafeFinder.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q={searchTerms}, In Quarantäne, [2bb6a5122b5fdf57a969b6cf35d018e8]
PUP.Optional.Conduit.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}|URL, hxxp://search.conduit.com/Results.aspx?ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP6E6C84DB-CC83-40C6-9AF4-059B58FE78D9&q={searchTerms}&SSPV=, In Quarantäne, [a63bdfd84644e5510f9f7775aa59966a]
PUP.Optional.Conduit.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}|SuggestionsURL_JSON, hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}, In Quarantäne, [835edadddbaf2c0aac02658714efc43c]
PUP.Optional.OptimizerPro.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\OPTIMIZER PRO|AdsBuyNowURL, hxxp://www.safeshopgate.com/r?s=121001227&g=4FE29D14-99E7-746A-B3BD-A3BDA96EFF03, In Quarantäne, [d011387fb1d98da9d744c8bc02039b65]

Registrierungsdaten: 11
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1395606017&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1395606017&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B&q={searchTerms}),Ersetzt,[2db4bcfbe2a8fb3b91783009778ff10f]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1395606017&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1395606017&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B&q={searchTerms}),Ersetzt,[1fc201b6dcae7fb79d6c192066a0837d]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[6e73d7e08ffb5adcab047cbc2fd747b9]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1395606017&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1395606017&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B&q={searchTerms}),Ersetzt,[9c45aa0d5c2e1323b5540b2ecc3a3ac6]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1395606017&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1395606017&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B&q={searchTerms}),Ersetzt,[746d882f5a3096a05cad85b4e91df60a]
PUP.Optional.SafeFinder.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEClCUC6FiecqhhVzb4FeQc3s,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEClCUC6FiecqhhVzb4FeQc3s,&q={searchTerms}),Ersetzt,[8160bdfa8bfff244ef3e9d919c6a5ba5]
PUP.Optional.SafeFinder.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q={searchTerms}),Ersetzt,[0bd6625596f4f4427cadb678e5214fb1]
PUP.Optional.SafeFinder.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q={searchTerms}),Ersetzt,[5e83892e8cfe2610ca5f2c02030310f0]
PUP.Optional.SafeFinder.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q={searchTerms}),Ersetzt,[6e73684ffd8d3ef8e24a032b14f2b24e]
PUP.Optional.SafeFinder.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q={searchTerms}),Ersetzt,[6f72ae091f6b67cfb17b929cec1ac13f]
PUP.Optional.SafeFinder.A, HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q={searchTerms}),Ersetzt,[8a570daa2466bb7b032b5bd32fd732ce]

Ordner: 99
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer, Löschen bei Neustart, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Controls, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\references, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Windows, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Users\Markus Radosztics\AppData\Local\mixvideoplayer, In Quarantäne, [d908af085634171ffb836789ef14d729], 
PUP.Optional.MixVideoPlayer.A, C:\Users\Markus Radosztics\AppData\Local\mixvideoplayer\config, In Quarantäne, [d908af085634171ffb836789ef14d729], 
PUP.Optional.MixVideoPlayer.A, C:\Users\Markus Radosztics\AppData\Local\mixvideoplayer\Playlists, In Quarantäne, [d908af085634171ffb836789ef14d729], 
PUP.Optional.MixVideoPlayer.A, C:\Users\Markus Radosztics\AppData\Local\mixvideoplayer\Snap, In Quarantäne, [d908af085634171ffb836789ef14d729], 
PUP.Optional.MixVideoPlayer.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer, In Quarantäne, [5b86d4e3d0bac571c3bcc42c2bd84cb4], 
PUP.Optional.OptimizerPro.A, C:\Users\Markus Radosztics\Documents\Optimizer Pro, In Quarantäne, [16cbdadd9befb87ec75288fc887d45bb], 
Rogue.Multiple, C:\ProgramData\374311380, In Quarantäne, [756c87303a500d29eab1bee7e41f15eb], 
PUP.Optional.OpenCandy, C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy, In Quarantäne, [20c1fbbcf29888ae8e8de1d421e204fc], 
PUP.Optional.OpenCandy, C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy\2AE3CB6986E04F24BC389040D6619E8F, In Quarantäne, [20c1fbbcf29888ae8e8de1d421e204fc], 
PUP.Optional.OpenCandy, C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy\376A26ACD3B849E88589C0F850D16F2D, In Quarantäne, [20c1fbbcf29888ae8e8de1d421e204fc], 
PUP.Optional.OpenCandy, C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy\395634E0C13D4FDAB6EA5AF2DC58519B, In Quarantäne, [20c1fbbcf29888ae8e8de1d421e204fc], 
PUP.Optional.OpenCandy, C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy\8E7543031D134DB6907DB008C12E2D3B, In Quarantäne, [20c1fbbcf29888ae8e8de1d421e204fc], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSense, Löschen bei Neustart, [9a47288fc4c68aac1249f9bdce354cb4], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\CrashReports, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\Download, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\Install, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\Offline, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\Offline\{6E2EB843-FB57-4BB6-B365-717A7DA51945}, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive, In Quarantäne, [469b2790bcce50e6500d288e35cef60a], 
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update, In Quarantäne, [469b2790bcce50e6500d288e35cef60a], 
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update\Log, In Quarantäne, [469b2790bcce50e6500d288e35cef60a], 
PUP.Optional.SaveSense, C:\Users\Markus Radosztics\AppData\Roaming\SaveSense, In Quarantäne, [934e9027d7b35adc6ef0189e54af9d63], 
PUP.Optional.SaveSense.A, C:\Users\Markus Radosztics\AppData\Local\SaveSenseLive, In Quarantäne, [dd04bef9523871c5ff63b0065fa45fa1], 
PUP.Optional.SaveSense.A, C:\Users\Markus Radosztics\AppData\Local\SaveSenseLive\CrashReports, In Quarantäne, [dd04bef9523871c5ff63b0065fa45fa1], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, In Quarantäne, [855c15a2e9a1f4427814645256ad40c0], 
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService, Löschen bei Neustart, [746d13a48a0038fedd932b8cff045ba5], 
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update, In Quarantäne, [746d13a48a0038fedd932b8cff045ba5], 
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\LocalLow\MySearchDial, In Quarantäne, [9c45daddef9bda5c7bb2cbed8c77b34d], 
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\LocalLow\MySearchDial\mysearchdial, In Quarantäne, [9c45daddef9bda5c7bb2cbed8c77b34d], 
PUP.Optional.SaveSense.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}, In Quarantäne, [4c957d3a7d0d2a0c9e7e1f9be12211ef], 
PUP.Optional.SaveSense.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\content, In Quarantäne, [4c957d3a7d0d2a0c9e7e1f9be12211ef], 
PUP.Optional.SaveSense.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\content\images, In Quarantäne, [4c957d3a7d0d2a0c9e7e1f9be12211ef], 
PUP.Optional.SaveSense.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\defaults, In Quarantäne, [4c957d3a7d0d2a0c9e7e1f9be12211ef], 
PUP.Optional.SaveSense.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\defaults\preferences, In Quarantäne, [4c957d3a7d0d2a0c9e7e1f9be12211ef], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main\bin, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main\Logs, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main\rep, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\SearchProtect, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\SearchProtect\bin, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\SearchProtect\Logs, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\SearchProtect\rep, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\bin, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\bubble, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\libs, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\protection, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\protectionDS, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\settings, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\uninstall, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\rep, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\SearchProtect, In Quarantäne, [c71af4c33456b1854c3a398d25de21df], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\SearchProtect\SearchProtect, In Quarantäne, [c71af4c33456b1854c3a398d25de21df], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\SearchProtect\SearchProtect\rep, In Quarantäne, [c71af4c33456b1854c3a398d25de21df], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\SearchProtect\SearchProtect\STG, In Quarantäne, [c71af4c33456b1854c3a398d25de21df], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\SearchProtect\UI, In Quarantäne, [c71af4c33456b1854c3a398d25de21df], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\SearchProtect\UI\rep, In Quarantäne, [c71af4c33456b1854c3a398d25de21df], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Users\Markus Radosztics\AppData\Roaming\SupTab, In Quarantäne, [6c752c8b93f796a0ae1fb912d82bee12], 
PUP.Optional.SweetPage.A, C:\Users\Markus Radosztics\AppData\Roaming\sweet-page, In Quarantäne, [ecf5b1065535270fbe4f0dc446bdf20e], 
PUP.Optional.SweetPage.A, C:\Users\Markus Radosztics\AppData\Roaming\sweet-page\images, In Quarantäne, [ecf5b1065535270fbe4f0dc446bdf20e], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\avabvbyvyc, In Quarantäne, [ae33cbec3b4fd4620b78637eed1639c7], 
PUP.Optional.MixVideoPlayer.A, C:\Users\Markus Radosztics\AppData\Local\com\MixVideoPlayer.exe_Url_0uxwaewrhelcgghll0o5cintgfcbqdxr, In Quarantäne, [a63b7e393753a6900b32bc28a45f12ee], 
PUP.Optional.MixVideoPlayer.A, C:\Users\Markus Radosztics\AppData\Local\com\MixVideoPlayer.exe_Url_0uxwaewrhelcgghll0o5cintgfcbqdxr\1.0.0.18, In Quarantäne, [a63b7e393753a6900b32bc28a45f12ee], 

Dateien: 413
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, Löschen bei Neustart, [ebf6eccb593170c63c76dbb114edaa56], 
PUP.Optional.SaveSence.A, C:\Program Files (x86)\SaveSense\SaveSenseIE.dll, Löschen bei Neustart, [10d107b01d6d57dfef14d4927294e31d], 
PUP.Optional.SaveSense.A, C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe, In Quarantäne, [ac356d4a2c5ebf77df2bc7dce71a768a], 
PUP.Optional.OpenCandy.A, C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy\2AE3CB6986E04F24BC389040D6619E8F\dlm.exe, In Quarantäne, [c918a413c2c8bc7a2ffc540247ba926e], 
PUP.Optional.OpenCandy.A, C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy\376A26ACD3B849E88589C0F850D16F2D\dlm.exe, In Quarantäne, [7a674275721879bd67c40c4a649de21e], 
PUP.Optional.SaveSense.A, C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy\395634E0C13D4FDAB6EA5AF2DC58519B\sas.exe, In Quarantäne, [598884335139003650f6ccadc33e09f7], 
PUP.Optional.Amonetize, C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy\8E7543031D134DB6907DB008C12E2D3B\WS_p4v2_2CB2.exe, In Quarantäne, [865bddda0783171f722931a4f90c4db3], 
PUP.Optional.Conduit.A, C:\Users\Markus Radosztics\AppData\Roaming\RHEng\39EEDE05FA12487FA24E75ADC163EF43\sp-downloader.exe, In Quarantäne, [c120ac0bf5952313fa6fa5aec8394cb4], 
PUP.Optional.SupTab.A, C:\Users\Markus Radosztics\AppData\Roaming\SupTab\SupTab.dll, In Quarantäne, [6180dbdcc7c33303b3ec89ae7090bd43], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\FrameworkControl.exe, In Quarantäne, [885906b17f0bb58148c0bfb1ad53f808], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\MixVideoPlayer.exe, In Quarantäne, [b72a2691c7c305310ff9cfa1ec140ff1], 
PUP.Optional.SaveSense.A, C:\Program Files (x86)\SaveSense\SaveSenseUpdateVer.exe, In Quarantäne, [954c2592d9b13afc1a4b49ebc63a9b65], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, In Quarantäne, [99488136eb9fed494956a097dc2419e7], 
PUP.Optional.MixVideoPlayer.A, C:\Users\Markus Radosztics\AppData\Local\Temp\NewUpdate.exe, In Quarantäne, [6a77cfe80d7da69038d0da963cc4738d], 
PUP.Optional.MixVideoPlayer.A, C:\Users\Markus Radosztics\AppData\Local\Temp\ced932e3-4cee-48f2-917d-5042c629de52\mixvideoplayersetup.exe, In Quarantäne, [a8393582157581b565a38de3eb1515eb], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsaF947.exe, In Quarantäne, [1fc2f9be107a4de987b2ca966c957d83], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsaFBD9.exe, In Quarantäne, [8c55ad0abcce66d06ccd87d9c63ba45c], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsd4AE0.exe, In Quarantäne, [f9e8b7008bffbc7acb6edc8406fb22de], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsfED9D.exe, In Quarantäne, [3fa28b2c0486290dc277164a4ab725db], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nshDA27.exe, In Quarantäne, [48993b7cb1d96dc9ef4a96ca2ad7df21], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nshDA28.exe, In Quarantäne, [49987e39fe8cd16533066cf4bd44b54b], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsjECA5.exe, In Quarantäne, [b829783fb6d4e74fa6933e22e02104fc], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsa2A29.exe, In Quarantäne, [08d97a3d1c6ec6709d9c1c444cb53fc1], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsrD32F.exe, In Quarantäne, [20c1bdfa52383105ab8e87d98180f40c], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsrD330.exe, In Quarantäne, [e4fd12a5c8c2f4426dccef7128d936ca], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsrE67C.exe, In Quarantäne, [7c65496e296102346bcec59bac55d729], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsrFEA8.exe, In Quarantäne, [4a9731866e1c3afc5fda00606d94e719], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nssD63C.exe, In Quarantäne, [7869e7d01c6ede58e950312fbf4246ba], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nssD63D.exe, In Quarantäne, [6a77189f8a00360064d557098c7524dc], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nssE93B.exe, In Quarantäne, [3aa7d5e28cfeae88d663fe62de23cc34], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsuEC96.exe, In Quarantäne, [bd247245206a5fd78baeff61738ed22e], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsw1DAA.exe, In Quarantäne, [2cb5882fa0ea05316fcab5aba65bc13f], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsx2D1C.exe, In Quarantäne, [578a2493a6e45cda3dfc8ad639c8b44c], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsz153.exe, In Quarantäne, [944ddaddc4c66ec80d2cdd83946d4db3], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsz154.exe, In Quarantäne, [0fd26d4ac7c384b244f59cc4679adb25], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nskE967.exe, In Quarantäne, [3aa7783faedc78be2c0d70f026dbc43c], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsl1DB9.exe, In Quarantäne, [974a09aebad080b6ea4f66faa1600ff1], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsl2A1E.exe, In Quarantäne, [ad347e39652584b2ff3a90d0827f17e9], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nslFC44.exe, In Quarantäne, [954c0bac3e4c69cde7529fc127da8a76], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsm93EF.exe, In Quarantäne, [18c9684f23671620fb3e66fa649d728e], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nso8B83.exe, In Quarantäne, [538e912698f25adc0b2e055b9f62b848], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsqED8E.exe, In Quarantäne, [61801c9bc8c2ff3799a0144c56ab738d], 
PUP.Optional.SearchProtect, C:\Users\Markus Radosztics\AppData\Local\avabvbyvyc\avabvbyvyc.exe, In Quarantäne, [578a7d3a1e6c7db91ed79d833cc6827e], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\avabvbyvyc\pbqrmvbub, In Quarantäne, [6d7442751179fa3cbb9acef45da46c94], 
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\apppatch64\VCLdr64.dll, Löschen bei Neustart, [ba276e49ff8ba29413427949a45da35d], 
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\apppatch64\VCLdr64.dll_1418713833489, In Quarantäne, [bd24c7f0ff8b7eb8fa5b02c027dad52b], 
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\apppatch64\VCLdr64.dll_1419939361820, In Quarantäne, [59883c7b266449ed3520a31fec15f20e], 
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\apppatch64\VCLdr64.dll_1420710112968, In Quarantäne, [627fc8efdcae43f30055ecd6a55c41bf], 
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\apppatch64\VCLdr64.dll_1422907104182, In Quarantäne, [4e936a4d0d7d40f69abb546ebf4248b8], 
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\apppatch64\VCLdr64.dll_1427049670352, In Quarantäne, [e6fbf0c715751d19cd887b4738c9af51], 
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\apppatch64\VCLdr64.dll_1428231098860, In Quarantäne, [5a8720975a30ef475ff6e7dbf30e6e92], 
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\apppatch64\VCLdr64.dll_1430647134300, In Quarantäne, [a04162555139e056c78e3191db267d83], 
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\apppatch64\VCLdr64.dll_1432045676604, In Quarantäne, [11d00daa08822511f75eead836cbf30d], 
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\apppatch64\VCLdr64.dll_1433272921983, In Quarantäne, [40a1496e2862d462d184833faf52cb35], 
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\nbin\VC32Loader.dll, In Quarantäne, [b62b24938efce353f56049793bc6639d], 
PUP.Optional.MixVideoPlayer.A, C:\Windows\System32\Tasks\MixVideoPlayer Update, In Quarantäne, [3aa78136157593a31960a246bb486f91], 
PUP.Optional.Trovi.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\trovi.xml, In Quarantäne, [944d892ef892bb7b3bfca748709327d9], 
PUP.Optional.MixVideoPlayer.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\WebBrowserMixVideoPlayer.lnk, In Quarantäne, [1cc5fcbbf694af87afcc7b7534cfae52], 
PUP.Optional.MixVideoPlayer.A, C:\Users\Markus Radosztics\Desktop\MixVideoPlayer.lnk, In Quarantäne, [627fcdea1a70ab8b314b4fa18e75956b], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\mixvideoplayer.affcode, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe, Löschen bei Neustart, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\DeleteTasks.exe, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\dotNetFx40_Full_setup.exe, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\icon-uninstall.ico, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\icon.ico, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\LTV2.exe, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\LTVNetSdk.dll, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Microsoft.Win32.TaskScheduler.dll, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\mixUpdater.exe, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\mixvideoplayer.uidnum, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Newtonsoft.Json.dll, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\NLog.dll, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\PhotoLoader.dll, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\policy.2.0.taglib-sharp.config, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\policy.2.0.taglib-sharp.dll, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Sider.dll, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Snowplow.Tracker.dll, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\taglib-sharp.dll, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\uninstall.exe, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Controls\ifishplayer-icon2.ico, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Controls\Thumbs.db, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Hindi.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Arabic.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Bulgarian.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Catalan.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\ChineseS.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\ChineseT.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Czech.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Danish.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Dutch.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\English.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Estonian.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Finnish.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\French.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\German.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Greek.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\HaitianCreole.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Hebrew.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Hungarian.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Indonesian.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Italian.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Japanese.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Korean.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Latvian.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Lithuanian.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Norwegian.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Polish.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Portuguese.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Romanian.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Russian.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Slovak.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Slovenian.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Spanish.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Swedish.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Thai.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Turkish.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Ukrainian.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Languages\Vietnamese.ini, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\references\extaudio.png, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\references\extvideo.png, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\references\ffmpeg.exe, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\references\ffmpeg.zip, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\references\folder.png, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\references\Interop.SHDocVw.dll, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\references\libreria.png, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\references\mixChecker.exe, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\references\NDde.dll, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\references\Newtonsoft.Json.dll, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\references\PhotoLoader.dll, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\references\policy.2.0.taglib-sharp.config, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\references\policy.2.0.taglib-sharp.dll, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\references\taglib-sharp.dll, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\references\Thumbs.db, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Windows\logopeq-icon.ico, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Program Files (x86)\MixVideoPlayer\Windows\Thumbs.db, In Quarantäne, [8b564176a6e4e353dda043ad7f843ac6], 
PUP.Optional.MixVideoPlayer.A, C:\Users\Markus Radosztics\AppData\Local\mixvideoplayer\log.txt, In Quarantäne, [d908af085634171ffb836789ef14d729], 
PUP.Optional.MixVideoPlayer.A, C:\Users\Markus Radosztics\AppData\Local\mixvideoplayer\config\config.ini, In Quarantäne, [d908af085634171ffb836789ef14d729], 
PUP.Optional.MixVideoPlayer.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer\Uninstall MixVideoPlayer.lnk, In Quarantäne, [5b86d4e3d0bac571c3bcc42c2bd84cb4], 
PUP.Optional.MixVideoPlayer.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer\MixVideoPlayer.lnk, In Quarantäne, [5b86d4e3d0bac571c3bcc42c2bd84cb4], 
PUP.Optional.SearchProtect.A, C:\Windows\System32\Tasks\avabvbyvyc, In Quarantäne, [4a978136008a37ffa092fbf8aa5945bb], 
PUP.Optional.SaveSense.A, C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job, In Quarantäne, [58897b3c0882d06689a2d42b5da64db3], 
PUP.Optional.SaveSense.A, C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job, In Quarantäne, [cf12c4f3b4d6989e46e58d723ec52bd5], 
PUP.Optional.SafeFinder.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\SafeFinder Search.xml, In Quarantäne, [de03c4f393f795a1c015d03e72929769], 
PUP.Optional.SaveSense, C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore, In Quarantäne, [16cba90e7c0e4ee88fe762b757adea16], 
PUP.Optional.SaveSense, C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA, In Quarantäne, [98490ea9fe8ccd692f47e9300ff5b24e], 
PUP.Optional.Trovi.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\trovi-search.xml, In Quarantäne, [5889dcdba1e9a98de29ed15154b0d12f], 
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi, In Quarantäne, [c0218334b2d8e74f030822069c684eb2], 
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\Mysearchdial.xml, In Quarantäne, [30b14b6cf59589ad40c5260872926c94], 
PUP.Optional.SweetPage.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml, In Quarantäne, [fee3892eb8d2072f09b2025f15f0cc34], 
PUP.Optional.MySpeedDial.A, C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage, In Quarantäne, [c12006b1f5951c1ae8254a1f0df803fd], 
PUP.Optional.SearchProtect, C:\Windows\apppatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, In Quarantäne, [915016a11c6e3afc3fd9aec2f60fca36], 
PUP.Optional.OptimizerPro.A, C:\Users\Markus Radosztics\Documents\Optimizer Pro\CookiesException.txt, In Quarantäne, [16cbdadd9befb87ec75288fc887d45bb], 
PUP.Optional.OpenCandy, C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy\2AE3CB6986E04F24BC389040D6619E8F\TuneUp2014AUST1day-de-DE-p4v1.exe, In Quarantäne, [20c1fbbcf29888ae8e8de1d421e204fc], 
PUP.Optional.OpenCandy, C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy\376A26ACD3B849E88589C0F850D16F2D\Installer.exe, In Quarantäne, [20c1fbbcf29888ae8e8de1d421e204fc], 
PUP.Optional.OpenCandy, C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy\376A26ACD3B849E88589C0F850D16F2D\Safefinder_RBCB_p1v3.exe, In Quarantäne, [20c1fbbcf29888ae8e8de1d421e204fc], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSense\icon.ico, In Quarantäne, [9a47288fc4c68aac1249f9bdce354cb4], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSense\SaveSense.crx, In Quarantäne, [9a47288fc4c68aac1249f9bdce354cb4], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSense\SaveSense.xpi, In Quarantäne, [9a47288fc4c68aac1249f9bdce354cb4], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSense\SaveSenseIE64.dll, In Quarantäne, [9a47288fc4c68aac1249f9bdce354cb4], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSense\uninst.exe, In Quarantäne, [9a47288fc4c68aac1249f9bdce354cb4], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_de.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_el.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_en-GB.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_en.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_es-419.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_es.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_et.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_fa.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_fi.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_fil.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_fr.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_gu.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_hi.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_hr.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_hu.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_id.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_it.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_iw.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ja.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_kn.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ko.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_lt.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_lv.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ml.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_mr.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ms.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_nl.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_no.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_pl.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_pt-BR.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_pt-PT.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ro.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdate.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_am.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ar.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_bg.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_bn.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ca.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_cs.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sk.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sl.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sr.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sv.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sw.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ta.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_te.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_th.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_tr.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_uk.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ur.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_vi.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_zh-CN.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_zh-TW.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psmachine.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psuser.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLive.exe, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveBroker.exe, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHandler.exe, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHelper.msi, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveOnDemand.exe, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_da.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_is.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ru.dll, In Quarantäne, [38a91c9b315967cfbca08f27bf44de22], 
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update\Log\SaveSenseLive.log, In Quarantäne, [469b2790bcce50e6500d288e35cef60a], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32.dll, In Quarantäne, [855c15a2e9a1f4427814645256ad40c0], 
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update\conf, In Quarantäne, [746d13a48a0038fedd932b8cff045ba5], 
PUP.Optional.SaveSense.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\chrome.manifest, In Quarantäne, [4c957d3a7d0d2a0c9e7e1f9be12211ef], 
PUP.Optional.SaveSense.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\install.rdf, In Quarantäne, [4c957d3a7d0d2a0c9e7e1f9be12211ef], 
PUP.Optional.SaveSense.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\content\savesense.xul, In Quarantäne, [4c957d3a7d0d2a0c9e7e1f9be12211ef], 
PUP.Optional.SaveSense.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\content\images\icon32.png, In Quarantäne, [4c957d3a7d0d2a0c9e7e1f9be12211ef], 
PUP.Optional.SaveSense.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\defaults\preferences\defaults.js, In Quarantäne, [4c957d3a7d0d2a0c9e7e1f9be12211ef], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\EULA.txt, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main\bin\CltMngSvc.exe, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main\bin\SPTool.dll, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main\bin\SPtool.dll_1389819848408, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main\bin\SPtool.dll_1389819848419, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main\bin\SPtool.dll_1390832140398, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main\bin\SPtool.dll_1390832140414, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main\bin\SPtool.dll_1391027642865, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main\bin\SPtool.dll_1391027642869, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main\bin\SPtool.dll_1391412808481, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main\bin\SPtool.dll_1391450829593, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main\bin\SPtool.dll_1391450829602, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main\bin\uninstall.exe, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\Main\rep\SystemRepository.dat, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\SearchProtect\bin\cltmng.exe, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\SearchProtect\bin\SPTool64.exe, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\SearchProtect\bin\SPVC32.dll, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\SearchProtect\bin\SPVC32Loader.dll, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\SearchProtect\bin\SPVC64.dll, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\SearchProtect\bin\SPVC64Loader.dll, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\bin\cltmngui.exe, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\settings.html, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\style.css, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\bubble\bubble.css, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\bubble\bubble.html, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\bubble\bubble.js, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\bubble\defaults.js, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\Apply-default.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\Apply-onclick.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\Apply-Rollover.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\bg-with-logo.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\bg.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\bgNotif.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\bgSettings.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\bgUninstall.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\btnBlue.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\btnClose.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\btnSilver.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\checkbox.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\checkbox_checked.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\checkbox_def.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\close-win-def.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\close-win-over-click.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\gray-bg.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\hez-def.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\hez-selected.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\hez.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\icon-win.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\info-icon.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\menu-rollover.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\menu-selected.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\radio-button-def.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\radio-button-selected.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\radio-button.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\radio-button2.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\Settings-icon.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\text-field.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\v.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\Images\x.png, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\libs\defaults.js, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\libs\dialogUtils.js, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\libs\jquery.1.7.1.min.js, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\libs\json2.min.js, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\libs\main.js, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\libs\SPDialogAPI.js, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\protection\defaults.js, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\protection\protection.css, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\protection\protection.html, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\protection\protection.js, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\protectionDS\defaults.js, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\protectionDS\protectionDS.css, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\protectionDS\protectionDS.html, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\protectionDS\protectionDS.js, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\settings\defaults.js, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\settings\settings.css, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\settings\settings.html, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\settings\settings.js, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\uninstall\defaults.js, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\uninstall\uninstall.css, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\uninstall\uninstall.html, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect1813781\UI\dialogs\uninstall\uninstall.js, In Quarantäne, [538e1c9b216968cef55fd4e61ee5b947], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\SearchProtect\SearchProtect\rep\Cvc.dat, In Quarantäne, [c71af4c33456b1854c3a398d25de21df], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, In Quarantäne, [c71af4c33456b1854c3a398d25de21df], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, In Quarantäne, [c71af4c33456b1854c3a398d25de21df], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, In Quarantäne, [c71af4c33456b1854c3a398d25de21df], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface64.dll, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv64.dll, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\arrow.png, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo.png, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_logo.png, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo.png, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo2.png, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\0.png, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ie8.js, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, In Quarantäne, [02df45721971d165b814b21935ceb24e], 
PUP.Optional.SweetPage.A, C:\Users\Markus Radosztics\AppData\Roaming\sweet-page\75.json, In Quarantäne, [ecf5b1065535270fbe4f0dc446bdf20e], 
PUP.Optional.SweetPage.A, C:\Users\Markus Radosztics\AppData\Roaming\sweet-page\uninstallDlg.xml, In Quarantäne, [ecf5b1065535270fbe4f0dc446bdf20e], 
PUP.Optional.SweetPage.A, C:\Users\Markus Radosztics\AppData\Roaming\sweet-page\UninstallManager.exe, In Quarantäne, [ecf5b1065535270fbe4f0dc446bdf20e], 
PUP.Optional.SweetPage.A, C:\Users\Markus Radosztics\AppData\Roaming\sweet-page\images\bg1.png, In Quarantäne, [ecf5b1065535270fbe4f0dc446bdf20e], 
PUP.Optional.SweetPage.A, C:\Users\Markus Radosztics\AppData\Roaming\sweet-page\images\button1.png, In Quarantäne, [ecf5b1065535270fbe4f0dc446bdf20e], 
PUP.Optional.SweetPage.A, C:\Users\Markus Radosztics\AppData\Roaming\sweet-page\images\checked.png, In Quarantäne, [ecf5b1065535270fbe4f0dc446bdf20e], 
PUP.Optional.SweetPage.A, C:\Users\Markus Radosztics\AppData\Roaming\sweet-page\images\close.png, In Quarantäne, [ecf5b1065535270fbe4f0dc446bdf20e], 
PUP.Optional.SweetPage.A, C:\Users\Markus Radosztics\AppData\Roaming\sweet-page\images\min.png, In Quarantäne, [ecf5b1065535270fbe4f0dc446bdf20e], 
PUP.Optional.SweetPage.A, C:\Users\Markus Radosztics\AppData\Roaming\sweet-page\images\Thumbs.db, In Quarantäne, [ecf5b1065535270fbe4f0dc446bdf20e], 
PUP.Optional.SweetPage.A, C:\Users\Markus Radosztics\AppData\Roaming\sweet-page\images\unchecked.png, In Quarantäne, [ecf5b1065535270fbe4f0dc446bdf20e], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\avabvbyvyc\bahvxfk, In Quarantäne, [ae33cbec3b4fd4620b78637eed1639c7], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\avabvbyvyc\mkfvxfk, In Quarantäne, [ae33cbec3b4fd4620b78637eed1639c7], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\avabvbyvyc\pvpqbjobmlpfqlovvawq, In Quarantäne, [ae33cbec3b4fd4620b78637eed1639c7], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\avabvbyvyc\qokvxfk, In Quarantäne, [ae33cbec3b4fd4620b78637eed1639c7], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\avabvbyvyc\rfobmlpfqlovvawq, In Quarantäne, [ae33cbec3b4fd4620b78637eed1639c7], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\avabvbyvyc\rpboobmlpfqlovvawq, In Quarantäne, [ae33cbec3b4fd4620b78637eed1639c7], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\avabvbyvyc\stb.dat, In Quarantäne, [ae33cbec3b4fd4620b78637eed1639c7], 
PUP.Optional.SearchProtect.A, C:\Users\Markus Radosztics\AppData\Local\avabvbyvyc\ycfvxfk, In Quarantäne, [ae33cbec3b4fd4620b78637eed1639c7], 
PUP.Optional.MixVideoPlayer.A, C:\Users\Markus Radosztics\AppData\Local\com\MixVideoPlayer.exe_Url_0uxwaewrhelcgghll0o5cintgfcbqdxr\1.0.0.18\user.config, In Quarantäne, [a63b7e393753a6900b32bc28a45f12ee], 
PUP.Optional.SafeFinder.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q=");), Ersetzt,[32afedca37538ea8411337413cca7987]
PUP.Optional.Trovi.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=MBD76DC0A-7238-4E4A-A651-F7EFC810B1AB&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SPF0B6B979-9C91-40B9-8531-604BAA398CE2");), Ersetzt,[c21f6156b8d220167c4a54247492ce32]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.AL", 2);), Ersetzt,[3ba62790a6e48baba46d5821b84eea16]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (ser Preferences

/* Do not edit this file.
 *
 * If y), Ersetzt,[14cd6c4bc8c2c76f71a008712dd9f010]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (s

/* Do not edit this file.
 *
 * If you make changes to this file while the app), Ersetzt,[b0315c5b2367c67062af146511f57987]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (e.
 *
 * If you make changes to this file while the application is running,
 * the changes will be overwritten when the application exits.
 *
 * To make a manual change to preferences, you can visit the URL about:config
 */

user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1433671080);
user_pref("app.update.lastUpdateTi), Ersetzt,[627f4e69f991e6503fd2f18844c23ac6]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (Time.addon-background-update-timer", 1433671080);
use), Ersetzt,[558cbef9aae0c27448c9cdac48bee21e]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (nces

/* Do not edit this file.
 *
 * If you ), Ersetzt,[e6fbf1c60a8093a391806a0fcb3b946c]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (eferences

/* Do not edit this file.
 *
 * If yo), Ersetzt,[915045724e3cf0466da43742f70f6d93]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you), Ersetzt,[21c05364ed9d8aacbc552d4ccd3904fc]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (ferences

/* Do not edit this file.
 *
 * If you), Ersetzt,[b72a288f5a30d6604fc24b2e689e7d83]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If y), Ersetzt,[0fd24a6db3d7ba7cdb36ea8f64a258a8]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (references

/* Do not edit this file.
 *
 * If you make changes to this file while the application is running,
 * the changes will be overwritten when the application exits.
 *
 * To make a manual change to preferences, you can visit the URL about:config
 */

user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1433671080);
user_pref("app.update.lastUpdateTime.background-update-timer", 143366964), Ersetzt,[578ac9eeb9d1f442739e4c2d0ff719e7]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (stUpdateTime.background-update-timer", 1433669645);
user_pr), Ersetzt,[cc15daddd6b479bd9c75de9bee188b75]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (
/* Do not edit this file.
 *
 * If you make changes), Ersetzt,[d50c5265addd8fa7d83982f7aa5c15eb]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make chang), Ersetzt,[667bfeb9b8d21a1cdc35adcc2bdbfe02]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (

/* Do not edit this file.
 *
 * If you make changes to this file while the application is running,
 * the changes will be overwritten when the application exits.
 *
 * To make a manual change to preferences, you can visit the URL about:config
 */

user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1433671080);
user_pref("app.update.lastUpdateTime.background-update-timer", 1433669645);
user_pr), Ersetzt,[35acd9de26640234d140e89162a48080]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (UpdateTime.background-update-timer", 1433669645);
user_pre), Ersetzt,[2ab77d3ae1a9c67053be5f1a21e5847c]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (

/* Do not edit this file.
 *
 * If you make changes to t), Ersetzt,[d9087443ed9da492ba57502916f027d9]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (
/* Do not edit this file.
 *
 * If you make changes to this ), Ersetzt,[a1401e99dfab79bda869caafc6407c84]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (* Do not edit this file.
 *
 * If you make changes), Ersetzt,[13ce11a61476c6702ce5e8919b6be21e]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make changes to this file while the application is running,
 * the changes will be overwritten when the application exits.
 *
 * To make a manual change to preferences, you can visit the URL about:config
 */

user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1433671080);
user_pref("app.update.lastUpdateTime.background-update-timer", 1433669645);
user_p), Ersetzt,[766b10a72169ad890d04babfe22405fb]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (eTime.background-update-timer", 1433669645);
user_pre), Ersetzt,[7071a710206a46f0fc15730633d36e92]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (nces

/* Do not edit this file.
 *
 * If you make c), Ersetzt,[3da465525d2d52e43ed31b5efb0b6997]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make ), Ersetzt,[31b014a38604ec4a43ce5d1cbf4760a0]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you make ), Ersetzt,[e2ffe5d28a0090a623ee4d2c10f6e917]
PUP.Optional.MySearchDial.A, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make changes to th), Ersetzt,[02dfd1e697f362d429e8bcbd4eb8a25e]
PUP.Optional.Trovi.C, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.defaultenginename", "Trovi");), Ersetzt,[40a13a7d57337bbb39142a5024e2d62a]
PUP.Optional.Trovi.C, C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.selectedEngine", "Trovi");), Ersetzt,[68794c6b3a5047ef7dd116645caa14ec]

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
__________________

Alt 07.06.2015, 21:49   #4
Don_Camillo
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster



Und hier die Datei von AdwCleaner:

Code:
ATTFilter
# AdwCleaner v4.206 - Bericht erstellt 07/06/2015 um 22:17:37
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-05.1 [Server]
# Betriebssystem : Windows 8 Pro  (x64)
# Benutzername : Markus Radosztics - WAUT0001
# Gestarted von : C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\AdwCleaner_4.206.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\~0
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
Ordner Gelöscht : C:\Program Files (x86)\Mega Browse
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Markus Radosztics\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Markus Radosztics\AppData\Local\BrowserWeb
Ordner Gelöscht : C:\Users\Markus Radosztics\AppData\Roaming\iSafe
Ordner Gelöscht : C:\Users\Markus Radosztics\AppData\Roaming\RHEng
Datei Gelöscht : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Datei Gelöscht : C:\Windows\System32\log\iSafeKrnlCall.log
Datei Gelöscht : C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\invalidprefs.js

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iLivid.torrent
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{997E3BFB-F821-411C-8B96-D61D415EC8FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1070C156-160B-47A0-B7D9-1860396BAB57}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{27CE191D-733B-4450-AFCD-096D105288C3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{39A29266-D3E4-462D-AB05-F93B1053F6CF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44FC7A33-2E5C-48DC-B6F5-B81E8005D122}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{73192D81-6D24-4C40-BF7B-2507C6FA0B1A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{88C606E7-BA26-41CB-8CC3-D1E313E34E75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{93D3100A-BBB6-456C-96FC-82CAC5F383AC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{997E3BFB-F821-411C-8B96-D61D415EC8FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9E0546FF-D44F-4FE4-A324-995FCACB8D33}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CDDAB3A4-E64D-4AE0-9E1D-F3132F5F913F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E66A759D-367F-433E-85C6-ED7F040BCC32}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27CE191D-733B-4450-AFCD-096D105288C3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\FlvPlayer
Schlüssel Gelöscht : HKLM\SOFTWARE\IePlugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\SPPDCOM
Schlüssel Gelöscht : HKLM\SOFTWARE\MixVideoPlayer
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\suptab\search~1.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.de

***** [ Internetbrowser ] *****

-\\ Internet Explorer v10.0.9200.17267


-\\ Mozilla Firefox v38.0.5 (x86 de)

[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.irmysearch.aflt", "md_14_12_ie");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0A0CtBtBtD0BzztC0B0A0CyEyEtA0AyCtN0D0Tzu0SzztCtAtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2SyCzy0C0B0FzztC0DtG0EtA0B0Et[...]
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.irmysearch.cr", "1814531633");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.irmysearch.instlRef", "140305_c");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.aflt", "md_14_12_ie");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0A0CtBtBtD0BzztC0B0A0CyEyEtA0AyCtN0D0Tzu0SzztCtAtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2SyCzy0C0B0FzztC0DtG0EtA0B0[...]
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.cr", "1814531633");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.dfltLng", "");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.dfltSrch", true);
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.dnsErr", true);
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.excTlbr", false);
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.hmpg", true);
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=md_14_12_ie&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0BzztC0B0A0CyEyEtA0AyCtN0D0Tzu0SzztCtAtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtD[...]
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.id", "AC220B81BAC443A6");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.instlDay", "16152");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.instlRef", "140305_c");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=md_14_12_ie&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0BzztC0B0A0CyEyEtA0AyCtN0D0Tzu0SzztCtAtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyE[...]
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.tlbrId", "base");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=md_14_12_ie&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0BzztC0B0A0CyEyEtA0AyCtN0D0Tzu0SzztCtAtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutC[...]
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial_i.newTab", false);
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial_i.smplGrp", "none");
[febuujst.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.021:27:43");

-\\ Google Chrome v43.0.2357.81

[C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=md_14_12_ie&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0BzztC0B0A0CyEyEtA0AyCtN0D0Tzu0SzztCtAtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0FyE0BtByCyBzytGtCzztAyEtGtCzzzy0AtGyC0C0E0EtGtAtCtBtAyDtB0E0FyB0F0D0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtA0E0AyEyByCyDtGyD0FtAtDtG0D0C0F0AtGyEyCtA0EtGyD0FyDtDyEyDzz0B0AtC0AtB2Q&cr=875512666&ir=
[C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1395607387&from=cor&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B&q={searchTerms}
[C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q={searchTerms}
[C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpDLIiC3wcwpHk-WqC1bzyn3YxBa73w29Svyvo4TTBuSWsKEzeobwGR3nR4rh_fHxD6ZxvQieOHH4BGGDXsewe6uYXAlQzgR4K59MYXI1HKkHX7GsRjv8D_x-2q9639bHsAF6DHshBcEDcFqxQuOPqrndIrOf2p8Jnw,&q={searchTerms}
[C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=MBD76DC0A-7238-4E4A-A651-F7EFC810B1AB&SearchSource=58&CUI=&UM=6&UP=SPF0B6B979-9C91-40B9-8531-604BAA398CE2&q={searchTerms}&SSPV=

*************************

AdwCleaner[R0].txt - [13132 Bytes] - [07/06/2015 22:14:18]
AdwCleaner[S0].txt - [13113 Bytes] - [07/06/2015 22:17:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13173  Bytes] ##########
         
Und hier die JRT.txt Datei:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.9 (06.06.2015:1)
OS: Windows 8 Pro x64
Ran by Markus Radosztics on 07.06.2015 at 22:33:21,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Mega Browse



~~~ Files

Successfully deleted: [File] C:\Users\Markus Radosztics\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage
Successfully deleted: [File] C:\Users\Markus Radosztics\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage-journal



~~~ Folders

Successfully deleted: [Folder] C:\Users\Markus Radosztics\appdata\local\com
Successfully deleted: [Folder] C:\Windows\syswow64\ai_recyclebin



~~~ FireFox

Emptied folder: C:\Users\Markus Radosztics\AppData\Roaming\mozilla\firefox\profiles\febuujst.default\minidumps [2 files]



~~~ Chrome


[C:\Users\Markus Radosztics\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Markus Radosztics\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Markus Radosztics\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Markus Radosztics\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  booedmolknjekdopkepjjeckmjkdpfgl,
  bopakagnckmlgajfccecajhnimjiiedh,
  flpcjncodpafbgdpnkljologafpionhb,
  jpmbfleldcgkldadpdinhjjopdfpjfjp
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.06.2015 at 22:35:17,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Und hier die beiden FRST-Files:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015
Ran by Markus Radosztics (administrator) on WAUT0001 on 07-06-2015 22:45:22
Running from C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B
Loaded Profiles: Markus Radosztics (Available Profiles: Markus Radosztics)
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(A1) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe
(A1) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Repair.exe
(A1 Telekom Austria AG) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Notification.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Games\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [A1Servicecenter] => C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe [11467864 2015-05-27] (A1)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [159744 2015-01-12] (Voobly)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Steam] => D:\Games\Steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [898048 2012-07-26] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-01-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-03-18]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-10-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.at.msn.com/
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-04] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\SysWOW64\mscoree.dll [2012-06-02] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-18] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default
FF Homepage: hxxp://www.google.com/
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-18] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Markus Radosztics\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-03-13] (Citrix Online)
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-05-23] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-11-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-11-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-11-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-11-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-11-01] (Apple Inc.)
FF Extension: A1 Servicecenter - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{594657B4-413A-41D0-8F85-A6D3F35C9BDF} [2015-06-03]
FF Extension: Download videos and MP3s from YouTube - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-10-06]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-09-30]
FF HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-10-06]

Chrome: 
=======
CHR Profile: C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-19]
CHR Extension: (Google Drive) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-19]
CHR Extension: (YouTube) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-19]
CHR Extension: (Google Search) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-19]
CHR Extension: (iCloud Bookmarks) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2014-12-27]
CHR Extension: (Bookmark Manager) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Google Wallet) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-19]
CHR Extension: (Gmail) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
S2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-07] (DTS, Inc)
S2 Hamachi2Svc; D:\Games\LogMeIn Hamachi\hamachi-2.exe [2490216 2015-03-30] (LogMeIn Inc.)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1931632 2015-05-15] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-23] ()
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468752 2013-02-27] (Intel Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 22:35 - 2015-06-07 22:35 - 00002121 _____ C:\Users\Markus Radosztics\Desktop\JRT.txt
2015-06-07 22:33 - 2015-06-07 22:33 - 00000207 _____ C:\Windows\tweaking.com-regbackup-WAUT0001-Windows-8-Pro-(64-bit).dat
2015-06-07 22:33 - 2015-06-07 22:33 - 00000000 ____D C:\RegBackup
2015-06-07 22:13 - 2015-06-07 22:17 - 00000000 ____D C:\AdwCleaner
2015-06-07 22:12 - 2015-06-07 22:12 - 00115147 _____ C:\Users\Markus Radosztics\Desktop\mbam.txt
2015-06-07 21:50 - 2015-06-07 22:18 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-07 21:50 - 2015-06-07 21:50 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-07 21:50 - 2015-06-07 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-07 21:50 - 2015-06-07 21:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-07 21:50 - 2015-06-07 21:50 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-07 21:50 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-07 21:50 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-07 21:50 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-07 21:40 - 2015-06-07 21:40 - 00001270 _____ C:\Users\Markus Radosztics\Desktop\Revo Uninstaller.lnk
2015-06-07 21:40 - 2015-06-07 21:40 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-07 20:44 - 2015-06-07 22:45 - 00000000 ____D C:\FRST
2015-06-03 20:09 - 2015-06-03 20:12 - 00000000 ____D C:\Users\Public\Documents\a1
2015-06-03 20:07 - 2015-06-03 20:07 - 00001428 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\A1 Servicecenter.lnk
2015-06-03 20:07 - 2015-06-03 20:07 - 00001404 _____ C:\Users\Public\Desktop\A1 Servicecenter.lnk
2015-06-03 20:07 - 2015-06-03 20:07 - 00000000 __HDC C:\ProgramData\{69A85660-A711-4C57-B62C-D99C4F0B0DF6}
2015-06-03 20:07 - 2015-06-03 20:07 - 00000000 ____D C:\Program Files (x86)\A1 Servicecenter
2015-06-03 20:07 - 2015-05-18 15:30 - 06320216 ____N (mquadr.at software engineering & consulting GmbH) C:\Windows\SysWOW64\m2network64helperUniDotNet.exe
2015-05-23 20:27 - 2015-05-23 21:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Ubisoft Game Launcher
2015-05-23 20:11 - 2015-05-23 20:11 - 00282512 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-23 20:10 - 2015-05-23 20:10 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-05-23 20:10 - 2015-05-23 20:10 - 00001207 _____ C:\Users\Markus Radosztics\Desktop\Uplay.lnk
2015-05-23 20:10 - 2015-05-23 20:10 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-05-23 20:10 - 2015-05-23 20:10 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-05-23 19:51 - 2015-05-23 19:52 - 00000000 ____D C:\Users\Markus Radosztics\Documents\Witcher 2
2015-05-23 19:48 - 2015-05-23 19:48 - 00000000 ____D C:\Users\Markus Radosztics\Documents\Thief
2015-05-23 18:21 - 2015-05-23 18:21 - 00000202 _____ C:\Users\Markus Radosztics\Desktop\Thief.url
2015-05-23 18:09 - 2015-05-23 18:09 - 00000202 _____ C:\Users\Markus Radosztics\Desktop\Dishonored.url
2015-05-19 22:03 - 2015-05-19 22:03 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\TempTaskUpdateDetection6DA59A38-8DE6-4AC8-888A-3483530A69AB
2015-05-17 20:25 - 2015-05-17 20:25 - 00000000 ____D C:\Users\Markus Radosztics\Documents\Fussball Manager 13
2015-05-16 22:25 - 2015-05-17 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoccerLobby
2015-05-16 00:40 - 2015-04-30 15:07 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-16 00:40 - 2015-04-30 15:07 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-16 00:19 - 2015-05-16 21:41 - 00000000 ____D C:\Users\Markus Radosztics\Documents\FUSSBALL MANAGER 14
2015-05-15 23:27 - 2015-05-15 23:27 - 00000908 _____ C:\Users\Public\Desktop\FUSSBALL MANAGER 14.lnk
2015-05-15 23:27 - 2015-05-15 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUSSBALL MANAGER 14
2015-05-15 23:08 - 2015-05-16 00:44 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Origin
2015-05-15 23:08 - 2015-05-15 23:14 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Origin
2015-05-15 23:05 - 2015-05-26 20:38 - 00000000 ____D C:\ProgramData\Origin
2015-05-15 23:05 - 2015-05-15 23:05 - 00000623 _____ C:\Users\Public\Desktop\Origin.lnk
2015-05-15 08:10 - 2015-05-15 08:10 - 00000000 ____D C:\Windows\rescache
2015-05-14 13:59 - 2015-05-02 08:28 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-14 13:59 - 2015-05-02 05:59 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-14 13:59 - 2015-05-02 05:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-14 13:59 - 2015-03-14 02:55 - 00410017 _____ C:\Windows\system32\ApnDatabase.xml
2015-05-14 13:59 - 2015-02-18 09:39 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-14 13:59 - 2015-02-18 09:38 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 14374400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 13771776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 19:57 - 2015-04-21 16:33 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 19:57 - 2015-04-21 16:32 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 19:57 - 2015-04-21 15:53 - 02237440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 19:57 - 2015-04-21 15:53 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 19:57 - 2015-04-21 15:53 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 15414784 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 19:57 - 2015-04-21 15:52 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 19:57 - 2015-04-21 15:52 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 19:57 - 2015-04-18 04:37 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 19:57 - 2015-04-18 04:34 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 18:11 - 2015-04-14 00:09 - 00570248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 18:11 - 2015-04-13 07:30 - 01839616 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 18:11 - 2015-04-13 07:30 - 01280512 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 18:11 - 2015-04-13 06:05 - 01416192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 18:11 - 2015-04-13 05:25 - 04063744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 17:31 - 2015-04-13 07:32 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 17:31 - 2015-03-12 07:31 - 01688576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-13 16:39 - 2015-04-06 07:36 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-13 16:39 - 2015-04-06 06:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 16:39 - 2015-03-12 07:31 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 16:39 - 2015-03-12 07:31 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2015-05-13 16:39 - 2015-03-12 05:52 - 01933312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 16:39 - 2015-03-04 08:41 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 16:39 - 2015-03-04 08:39 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 16:39 - 2015-03-04 08:39 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 16:39 - 2015-03-04 06:53 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 16:39 - 2015-03-04 06:52 - 00676864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 22:44 - 2013-11-19 21:28 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-07 22:37 - 2013-09-30 21:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-07 22:36 - 2013-09-30 19:30 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-817472733-4082136947-4255886928-1001
2015-06-07 22:33 - 2014-06-17 22:52 - 00005184 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for WAUT0001-Markus Radosztics WAUT0001
2015-06-07 22:25 - 2012-07-26 12:27 - 00751892 _____ C:\Windows\system32\perfh007.dat
2015-06-07 22:25 - 2012-07-26 12:27 - 00155620 _____ C:\Windows\system32\perfc007.dat
2015-06-07 22:25 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-07 22:19 - 2015-01-14 23:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\LogMeIn Hamachi
2015-06-07 22:19 - 2013-10-13 20:57 - 00000000 ___RD C:\Users\Markus Radosztics\Dropbox
2015-06-07 22:19 - 2013-10-13 20:55 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Dropbox
2015-06-07 22:18 - 2014-12-27 12:46 - 00000000 ___RD C:\Users\Markus Radosztics\iCloudDrive
2015-06-07 22:18 - 2014-12-27 12:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\36A80DEE-1AAD-4F7E-AA6A-4638F785B9B6.aplzod
2015-06-07 22:18 - 2013-11-19 21:28 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-07 22:18 - 2013-10-01 21:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-07 22:18 - 2013-09-30 19:17 - 00231686 _____ C:\Windows\PFRO.log
2015-06-07 22:18 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-07 22:17 - 2014-03-23 22:26 - 00000000 ____D C:\Windows\system32\log
2015-06-07 22:05 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-07 22:04 - 2013-11-22 22:24 - 00000366 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-06-07 22:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-06-07 21:48 - 2013-09-30 19:24 - 01499686 _____ C:\Windows\WindowsUpdate.log
2015-06-07 12:43 - 2014-02-05 18:38 - 00000156 _____ C:\Users\Markus Radosztics\AppData\Roaming\WB.CFG
2015-06-07 11:25 - 2013-11-19 21:28 - 00002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-07 11:14 - 2013-10-01 18:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-03 20:07 - 2014-05-27 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A1
2015-06-03 19:42 - 2014-09-29 17:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\A1
2015-06-03 19:18 - 2014-05-27 17:36 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\a1ta
2015-06-03 00:14 - 2014-06-25 17:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-01 19:41 - 2013-10-02 17:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Skype
2015-05-28 22:04 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Packages
2015-05-25 17:24 - 2013-10-02 17:05 - 00000000 ____D C:\ProgramData\Skype
2015-05-23 21:39 - 2013-10-11 17:05 - 00000000 ____D C:\Users\Markus Radosztics\Documents\My Games
2015-05-23 20:10 - 2013-10-05 10:56 - 00519043 _____ C:\Windows\DirectX.log
2015-05-23 19:56 - 2013-09-30 19:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-22 08:42 - 2015-02-23 20:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-20 23:04 - 2013-10-01 18:20 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\TS3Client
2015-05-20 22:17 - 2013-10-02 16:32 - 00000000 ____D C:\Program Files (x86)\Voobly
2015-05-19 07:39 - 2015-03-18 18:45 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-18 15:31 - 2014-05-27 17:35 - 04037720 ____N (mquadr.at software engineering) C:\Windows\SysWOW64\M2ElevatedNetworkAdapters.dll
2015-05-18 08:39 - 2013-11-19 21:28 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 08:39 - 2013-11-19 21:28 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-16 00:41 - 2013-09-30 19:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-16 00:41 - 2013-09-30 19:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-16 00:40 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-05-15 07:29 - 2015-03-20 10:39 - 00507240 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-15 00:31 - 2012-07-26 12:29 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-15 00:31 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-14 19:01 - 2013-11-22 22:36 - 00000000 ____D C:\ProgramData\MAGIX
2015-05-14 18:57 - 2014-03-13 19:52 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Citrix
2015-05-14 18:54 - 2013-10-03 16:21 - 00000000 ____D C:\ProgramData\Solidshield
2015-05-14 14:01 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-05-13 21:08 - 2013-09-30 22:57 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 21:05 - 2013-09-30 22:57 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 16:24 - 2013-09-30 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 16:24 - 2012-07-26 07:26 - 00000269 _____ C:\Windows\win.ini
2015-05-13 16:23 - 2013-09-30 19:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-13 16:23 - 2013-09-30 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-09 10:07 - 2013-10-13 20:57 - 00001061 _____ C:\Users\Markus Radosztics\Desktop\Dropbox.lnk
2015-05-09 10:07 - 2013-10-13 20:55 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Files in the root of some directories =======

2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\String Ensemble
2013-09-30 20:30 - 2013-09-30 20:30 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Strings
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Super Strings
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Techno Kit
2014-02-05 18:38 - 2015-06-07 12:43 - 0000156 _____ () C:\Users\Markus Radosztics\AppData\Roaming\WB.CFG
2013-11-06 10:01 - 2014-08-12 18:27 - 0006144 _____ () C:\Users\Markus Radosztics\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-23 18:56 - 2014-12-23 18:56 - 0007606 _____ () C:\Users\Markus Radosztics\AppData\Local\Resmon.ResmonCfg
2013-10-02 17:42 - 2013-10-02 17:42 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-07-07 09:16 - 2014-07-07 09:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\howto
2013-09-30 20:29 - 2013-09-30 20:29 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2013-09-30 20:30 - 2013-09-30 20:30 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2013-09-30 20:29 - 2013-09-30 20:30 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2013-09-30 20:29 - 2013-09-30 20:29 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\ProgramData\Sync Schema
2013-09-30 20:30 - 2013-09-30 20:30 - 0000268 ___RH () C:\ProgramData\Sync Services
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\ProgramData\Synth Basics
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\Track Settings
2013-09-30 20:30 - 2013-09-30 20:30 - 0000012 ___RH () C:\ProgramData\Transportation
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\Tremolo

Some files in TEMP:
====================
C:\Users\Markus Radosztics\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcgpk7b.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\Quarantine.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\sqlite3.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{EFF616A3-14B1-4A6A-9192-4E85EA2DE69E}_emergency.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-07 11:02

==================== End of log ============================
         
Hier Nummer zwei:

[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:07-06-2015
Ran by Markus Radosztics at 2015-06-07 22:45:37
Running from C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-817472733-4082136947-4255886928-500 - Administrator - Disabled)
Birgit (S-1-5-21-817472733-4082136947-4255886928-1003 - Limited - Enabled)
Gast (S-1-5-21-817472733-4082136947-4255886928-501 - Limited - Disabled)
Markus Radosztics (S-1-5-21-817472733-4082136947-4255886928-1001 - Administrator - Enabled) => C:\Users\Markus Radosztics

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A1 FTP (HKLM-x32\...\A1 FTP) (Version: 2.0.0.2 - A1 Telekom Austria AG)
A1 FTP (x32 Version: 2.0.0.2 - A1 Telekom Austria AG) Hidden
A1 Servicecenter (HKLM-x32\...\A1 Servicecenter) (Version: 9.15.1.1250 - A1 Telekom Austria AG)
AdblockIE (HKLM-x32\...\{5508128A-2C7B-46B5-81F9-58E8E8115F0B}) (Version: 1.2 - af0.net)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BIPA FotoShop (HKLM-x32\...\BIPA FotoShop) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
BrettspielWelt (HKLM-x32\...\BrettspielWelt) (Version: 1.0 - BrettspielWelt GmbH)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Documents To Go Desktop für iOS (HKLM-x32\...\DTGDesktop) (Version: 5.0000.013 - DataViz, Inc.)
Dropbox (HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Free DVD Video Burner version 3.2.14.415 (HKLM-x32\...\Free DVD Video Burner_is1) (Version: 3.2.14.415 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.46.923 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.923 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
FUSSBALL MANAGER 14 (HKLM-x32\...\{5FC27E1E-08C0-4346-A321-ED2D31FAE936}) (Version: 1.0.0.0 - Electronic Arts)
GameRanger (HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\GameRanger) (Version:  - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 6600 - Grundlegende Software für das Gerät (HKLM\...\{F58934BD-F483-43EB-B307-CFFD88B18455}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12412 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft OneNote 2013 - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.7.0 - Nikon)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PFPortChecker 1.0.40 (HKLM-x32\...\PFPortChecker) (Version: 1.0.40 - Portforward.com)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.12 - Nikon)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.21.0 - Lenovo Group Limited)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trainingspläne Version 1.0 (HKLM-x32\...\{F8A382D7-5453-4E2C-AD53-A598D868B3EE}_is1) (Version: 1.0 - SoccerLobby)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{0C5B0539-7EDE-4297-947E-48890971B557}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.7.6 - Nikon)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Voobly (HKLM-x32\...\Voobly_is1) (Version: Voobly - Voobly)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-817472733-4082136947-4255886928-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

07-06-2015 18:11:02 Windows Defender Checkpoint

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09440F26-5401-4511-BACA-C8831EC2AE6D} - System32\Tasks\Microsoft Office 15 Sync Maintenance for WAUT0001-Markus Radosztics WAUT0001 => C:\Program Files\Microsoft Office 15\root\Office15\MsoSync.exe [2015-05-04] (Microsoft Corporation)
Task: {2E74F044-78F4-48E0-B6A0-91F591980FEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19] (Google Inc.)
Task: {379476DD-23F7-4AE9-A6B6-2E7FA392A420} - \avabvbyvyc No Task File <==== ATTENTION
Task: {5818FE90-AFFD-4AFE-A7D4-A82A9C1B041F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {61B31C95-845F-48F8-8F35-87FE7AB7A398} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2013-11-22] ()
Task: {6E00A728-E5F1-43E9-B732-042503B69676} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {6F8840BE-EF31-437E-AB13-0EE27E62B6A0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {8C34A83F-AB6B-4DD6-A135-184B6A087422} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {C37A8168-7AE0-45AF-87BA-5E7D155018D6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C4A8F7C1-E598-4018-A931-9156A8D07AF8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {CE5EBAA0-6FA5-4B7C-A9B2-66052EF9D1FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19] (Google Inc.)
Task: {DB4C4EA9-E673-409B-BFC1-1B143E7A7376} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {E04F0DEA-DAE9-4613-89D1-569AB4AA22B2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {E8D1A991-A253-436E-AD0D-B832F4A7BE57} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {FA6EDE8A-C39F-41FC-A819-6BBA4C030A08} - \MixVideoPlayer Update No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-18 18:45 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-09-25 13:31 - 2014-09-25 13:31 - 01754296 _____ () C:\Program Files (x86)\Microsoft Office\Office15\tmpod.dll
2014-01-23 15:55 - 2014-01-23 15:55 - 01030312 _____ () C:\Program Files (x86)\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [TCP Query User{12B3E761-7E9C-487C-A6C7-71A94B02A9A6}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{0D2D1C41-8235-4996-8423-AAC196CCD3A5}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [{987FF516-1D9B-4553-A1BB-A6E48D02E05E}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires II\age2_x1\age2_x2.exe
FirewallRules: [{7A9C7811-E7BE-41EE-95DF-B0C541733236}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires II\age2_x1\age2_x2.exe
FirewallRules: [{FC58825A-6514-4624-8DCD-0E92D6A5A51D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{CC8CDB57-99F2-44D9-B553-88A076EAB0E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7A288BFF-DFBA-49C6-9C6C-042CF623F317}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5A35EB0E-2620-4B0D-BF14-0348A0B753C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{631735D1-D72A-4BF3-B345-13962B361B20}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{70AC4E28-6244-4DBA-9D26-66B9B8685C6B}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{AA10494F-E851-412F-9F77-F5C4E912E897}] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [{B4C38608-5ABA-4EB1-A254-28AF1E13602E}] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{8196E49A-726B-4E22-B44A-D4A6BEA8AA0B}C:\users\markus radosztics\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\markus radosztics\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{C8AF183D-695A-455F-8E54-335EBF0D17AA}C:\users\markus radosztics\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\markus radosztics\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{B924E48A-941A-453B-A456-076DD7A8218D}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\FaxApplications.exe
FirewallRules: [{7251B19A-6116-4C23-99DC-8000CBF4AD37}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\DigitalWizards.exe
FirewallRules: [{7BCBB288-9D10-4FB2-843C-3A5678A248C0}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\SendAFax.exe
FirewallRules: [{16D07102-1BAD-4891-B845-C039F17C47E2}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\DeviceSetup.exe
FirewallRules: [{B5BEA6BD-7DD5-4370-8089-A431E9B727CE}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{7E087840-41B4-4F24-B6A4-FFC8BEBAEB89}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{1DF54F7F-6297-45D3-B113-80948A28E143}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{67B44643-DE75-41A1-9262-671B980EEB9D}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{F7606471-0FB1-4092-827F-1FB53190140D}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [UDP Query User{BC834164-D4A3-47B7-97CC-D2C227FB7D43}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [{3F817821-4983-4364-9208-1D81F08E2CBE}] => (Allow) D:\Games\Steam.exe
FirewallRules: [{2BEEEE53-A5FE-4FDF-9FD5-D35215E1F9A3}] => (Allow) D:\Games\Steam.exe
FirewallRules: [{F2C6C1A4-93A7-45B9-B7BE-9290141C5BF8}] => (Allow) C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9B64C189-F926-4B4E-98A1-F542C454DF81}] => (Allow) C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D1742FAF-9B9F-4535-8F74-17D280C40459}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C88C8307-5F55-4D61-8862-887D2105F71E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{08361B9C-1436-43CB-8ED7-7447926105C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0E1ADA58-1E53-4137-BE99-1308CD22FD7F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{311887E4-8CD3-43CE-A516-B3636172ED4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{EA9A4AA8-7465-4DC4-9766-F9C4BB7ADA05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4F553A41-E2B2-43AB-BE0A-32D3C00D5D2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7F543D06-198A-4CE1-8015-EB85EF9BEE57}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{60607916-FF32-4CCF-8F30-14EFCD720AC7}D:\games\the witcher 2\bin\witcher2.exe] => (Allow) D:\games\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{633C3547-A42F-4E3E-953E-B7370EE3D597}D:\games\the witcher 2\bin\witcher2.exe] => (Allow) D:\games\the witcher 2\bin\witcher2.exe
FirewallRules: [{CAC76C0B-DBB3-45DB-8440-C891678DDE50}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{249EA525-E665-4421-9D68-2D095DDDAB85}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D19A8191-86A5-4394-AD86-CBE673C02324}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{81A1BDEB-5C5A-4163-9620-199C1B55DABC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{84124389-5F23-460B-A440-0B0C1890B2C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E9C02F06-B9E6-4612-B312-9AA2E15DB41D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{61993195-3FAF-49A2-96FB-79734E8CFDFF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{48E4F530-43F6-43F0-B854-5DD43FDF710D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{A4B35422-C5DD-4495-8ADB-D1CAFF586E3F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{BCBF0BF4-46EE-477F-B7E6-A7AF46299B6A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{80D26611-50A7-48D4-894D-3036FC65A47F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B18147B6-59FF-45EC-AC63-E0238E149424}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FFBC0C40-06CB-4D5A-861A-F5EBEDD4A235}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{81379960-4816-40C3-BB95-629C50136E29}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7188B560-63DB-4CF1-A9E0-787EF40AC57F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{46A6122F-F0A5-48B8-8800-4D4FE2872C1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{DF34092E-2C88-4CFD-817B-46AF1CC8779F}D:\games\anno1701.exe] => (Allow) D:\games\anno1701.exe
FirewallRules: [UDP Query User{F84FA8AF-E620-4056-99DB-B1C428CE4CA4}D:\games\anno1701.exe] => (Allow) D:\games\anno1701.exe
FirewallRules: [TCP Query User{686F978E-85C5-44E0-B9C8-AE75D9A53DC2}D:\games\scda-offline\system\splintercell4.exe] => (Allow) D:\games\scda-offline\system\splintercell4.exe
FirewallRules: [UDP Query User{ED50F34F-878E-4D91-A7DB-77D76C2C96D2}D:\games\scda-offline\system\splintercell4.exe] => (Allow) D:\games\scda-offline\system\splintercell4.exe
FirewallRules: [{33133F83-68DE-40BE-AEF1-A346CE63EAD4}] => (Allow) D:\Games\AssassinsCreed_Dx9.exe
FirewallRules: [{B3610912-69F4-4AAC-93C7-A0C6B8D6C7D7}] => (Allow) D:\Games\AssassinsCreed_Dx9.exe
FirewallRules: [{482BD8FC-11B2-420E-82D2-204AAE387526}] => (Allow) D:\Games\AssassinsCreed_Dx10.exe
FirewallRules: [{F176C00A-8546-48C3-BF1C-4F91D5282750}] => (Allow) D:\Games\AssassinsCreed_Dx10.exe
FirewallRules: [{8779B77A-DFDE-4515-8316-34327377D91C}] => (Allow) D:\Games\AssassinsCreed_Launcher.exe
FirewallRules: [{9F87AE0A-D5B3-4BBD-ADCE-0F9D1FDEA32D}] => (Allow) D:\Games\AssassinsCreed_Launcher.exe
FirewallRules: [TCP Query User{241BEA33-F8CD-42ED-BFFE-A7D024F27EC9}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [UDP Query User{47776DAF-CB2C-46E9-8991-85629B7A3700}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [TCP Query User{B5A0C5A7-3171-4A3E-BD5C-D85CECAAEA52}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{941EBA13-30EB-4A5E-9F69-77B354F7DCFC}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{4228E08D-F8D1-41BE-8582-6A9305E396A1}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [UDP Query User{BF516944-921E-455B-97A1-297B66461948}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
FirewallRules: [{9D2B2EE2-9A95-49AE-97DC-B096BBEDDBF6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{0AA0215A-E361-4497-B674-D132141C2B8A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{F86C7526-1C2C-451C-AE70-329EBDD35181}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C4F565F5-1F71-4D5E-8BF6-7E53782A4D04}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{98AC1056-6902-4888-AABD-47E3D88B374F}C:\program files (x86)\pfportchecker\pfportchecker.exe] => (Allow) C:\program files (x86)\pfportchecker\pfportchecker.exe
FirewallRules: [UDP Query User{406439DB-01F5-4A3D-92EE-F976D1C02679}C:\program files (x86)\pfportchecker\pfportchecker.exe] => (Allow) C:\program files (x86)\pfportchecker\pfportchecker.exe
FirewallRules: [TCP Query User{76EDB886-AFA1-45F5-B6C3-DABC75B2F832}C:\users\markus radosztics\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\markus radosztics\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B3A31E5A-F91D-4B3F-8ECB-149122830FAE}C:\users\markus radosztics\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\markus radosztics\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{471DD0F4-DC65-4D6F-9944-220D8AAE2262}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{F2EEED6D-1097-40A9-8B0F-2034AE954873}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{B11663E4-AA0D-4BE8-86B1-E07B2DCA81A5}] => (Allow) C:\Users\Markus Radosztics\AppData\Local\Temp\7zS2B4B\HPDiagnosticCoreUI.exe
FirewallRules: [{9370E132-F236-4946-8725-87645974FD3E}] => (Allow) C:\Users\Markus Radosztics\AppData\Local\Temp\7zS2B4B\HPDiagnosticCoreUI.exe
FirewallRules: [{34094EED-F640-4601-B570-997DA2FCD630}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E13BCE5A-E3F0-4D84-BE81-CA2514BC3A14}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E98DA5B0-04D8-404E-9F9B-98FBD50FD112}] => (Allow) D:\Games\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{8FB00592-0A35-4679-98F6-052FD8EA12C8}] => (Allow) D:\Games\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{BDF8133B-B8E0-4115-9794-5A4226F38864}] => (Allow) D:\Games\bin\steamwebhelper.exe
FirewallRules: [{A81B79DD-9911-496B-82B9-8317A01E931E}] => (Allow) D:\Games\bin\steamwebhelper.exe
FirewallRules: [{59098536-8438-43D4-B99D-AE669B33324A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{83B3AAA4-C887-4561-978A-177EFCCBFCDB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AC199BC7-F718-46E8-924A-1D3831C398FE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2D95A1B7-46BE-4D45-A9A3-B2F0674F83D9}] => (Allow) C:\Users\Markus Radosztics\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{C4988FEE-7109-4D13-8577-35831011D7ED}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{878D66FB-642F-4002-B78C-3264D6DED797}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{3411AC9F-C963-45A6-A56A-05BEDB0254D8}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{53E3F4FD-DA25-4C0A-8DFD-9D2C8CA5E0BC}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA Manager 14\Manager14.exe
FirewallRules: [{82B4783A-8699-47D1-BBA1-07D499887559}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA Manager 14\Manager14.exe
FirewallRules: [{6CDCCD7F-3CF7-4301-850E-0B8EF70A4345}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{37E7E30E-52A5-4CBD-9F23-48EF1B0928C7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{2EF957BD-D2FA-4B61-A4AD-D802CCCBD1B0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{70F202A2-6861-46DC-AC68-B0CEEEA52A10}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3904D36F-AD19-400E-8D2B-A015A7AA6AAD}] => (Allow) D:\Games\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{C02C5DA9-4129-4ACB-B503-3CFA0A6D8BFB}] => (Allow) D:\Games\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{54948370-F857-4C29-AA8A-111C8711AFCD}] => (Allow) D:\Games\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{7313EE1C-3056-4590-A330-0AA9C2246B85}] => (Allow) D:\Games\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{DEB8EC5C-4039-43F2-854D-4C7236AD9770}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{337B17F3-F1FA-40D6-A5A0-3D0F7C52A67B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C75380E9-70C2-4E4F-BB03-34F3191BB24A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0D44F898-7D3B-448E-B8BF-50359D5D446B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{337AC53C-A509-490F-8588-7A52F23A62EC}] => (Allow) D:\Games\bin\farcry3.exe
FirewallRules: [{9F022CF2-123B-4803-BA37-BE5FD2512EAC}] => (Allow) D:\Games\bin\farcry3.exe
FirewallRules: [{AF5516BA-BAFF-4B49-B43D-11054FDB085B}] => (Allow) D:\Games\bin\farcry3_d3d11.exe
FirewallRules: [{ABC098A1-31A1-4BBC-9D58-72B06297CA2B}] => (Allow) D:\Games\bin\farcry3_d3d11.exe
FirewallRules: [{8BC0DD0D-4478-46E4-A629-E0F26340005A}] => (Allow) D:\Games\bin\FC3Updater.exe
FirewallRules: [{26F0BABC-3AD8-4FCE-9C5A-59495B4F9A9A}] => (Allow) D:\Games\bin\FC3Updater.exe
FirewallRules: [{459E580B-97E5-46D3-A83D-622BE01EAE3C}] => (Allow) D:\Games\bin\FC3Editor.exe
FirewallRules: [{33FCF5B1-CCDB-40F0-A064-9993F2146E5E}] => (Allow) D:\Games\bin\FC3Editor.exe
FirewallRules: [{FE03F8C3-998F-4BEE-92F6-07220EBD4C41}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E58573E7-278D-49C3-9377-55D2A756BB7C}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter.exe
FirewallRules: [{CC6B6AC3-6EC3-4985-9C28-DEB844794FA4}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter.exe
FirewallRules: [{E1585497-8F14-4028-9351-3F71332DBD8B}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Breitband\A1Breitband.exe
FirewallRules: [{897820FC-81EB-4296-AD9D-545E5C30FB6C}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Breitband\A1Breitband.exe
FirewallRules: [{C6FE6463-91FA-4545-BBBE-D08780263350}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Modemkonfigurator.exe
FirewallRules: [{4C04A79B-DF5F-48F8-BDE8-0CCEB0EF54CA}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Modemkonfigurator.exe
FirewallRules: [{C02090B6-F2BC-4240-8F51-57B0A148C73B}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1WLANAssistent.exe
FirewallRules: [{5712DE55-B263-4979-8998-8336248192FF}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1WLANAssistent.exe
FirewallRules: [{88803B51-2B5C-4DCF-A0A5-BCAFE5F03484}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{6DA6EC79-C986-4EB9-9C97-2649E777D4BD}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{208386AA-6AC6-4959-944A-AA02966D49FB}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{90E13911-2650-4F9D-AA8F-B369FE9F5668}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{0CC7B285-2DB0-4469-ACDD-76A0D5D242ED}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe
FirewallRules: [{2255FA6E-0604-45B7-9D7C-7EF982323510}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe
FirewallRules: [{D198254A-A587-4F02-B0A3-B701338561B2}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Repair.exe
FirewallRules: [{633F22E1-49A4-4C86-AD85-EA0D349F3C7B}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Repair.exe
FirewallRules: [{D6A5A135-01CA-4AF7-8B5A-C433E30CB3BF}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Update\M2Updater.exe
FirewallRules: [{23ED350D-714D-4D8E-9E86-D91203F8B97C}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Update\M2Updater.exe

==================== Faulty Device Manager Devices =============

Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/07/2015 06:11:02 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {28b6839d-8f37-4f8c-9e91-dc2b3dbab7a8}

Error: (06/07/2015 06:00:21 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/07/2015 11:02:56 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/06/2015 05:27:33 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {4772b657-4d24-4ef0-8451-33e2eda424e1}

Error: (06/06/2015 05:15:21 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/06/2015 05:08:23 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/06/2015 11:45:56 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/04/2015 09:20:55 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/04/2015 09:06:59 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/04/2015 06:22:32 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


System errors:
=============
Error: (06/07/2015 10:33:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/07/2015 10:33:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/07/2015 10:33:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/07/2015 10:33:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TomTomHOMEService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/07/2015 10:33:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/07/2015 10:33:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/07/2015 10:33:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/07/2015 10:33:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/07/2015 10:33:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/07/2015 10:33:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "DTSAudioSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (06/07/2015 06:11:02 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {28b6839d-8f37-4f8c-9e91-dc2b3dbab7a8}

Error: (06/07/2015 06:00:21 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (06/07/2015 11:02:56 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (06/06/2015 05:27:33 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {4772b657-4d24-4ef0-8451-33e2eda424e1}

Error: (06/06/2015 05:15:21 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (06/06/2015 05:08:23 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (06/06/2015 11:45:56 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (06/04/2015 09:20:55 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (06/04/2015 09:06:59 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1

Error: (06/04/2015 06:22:32 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4430 CPU @ 3.00GHz
Percentage of memory in use: 20%
Total physical RAM: 8130 MB
Available physical RAM: 6475.21 MB
Total Pagefile: 9346 MB
Available Pagefile: 7465.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:111.45 GB) (Free:5.66 GB) NTFS
Drive d: (Daten) (Fixed) (Total:931.51 GB) (Free:740.43 GB) NTFS
Drive h: (32_00_00) (Fixed) (Total:298.02 GB) (Free:209.5 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 2A03BD70)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2A03BD6D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 3E1EBD07)
Partition 1: (Active) - (Size=298.1 GB) - (Type=0C)

==================== End of log ============================
         
--- --- ---

Alt 08.06.2015, 16:05   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.06.2015, 09:14   #6
Don_Camillo
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster



Hallo Schrauber,

WR ein paar Tage nicht zu Hause. Hab daher deine letzte Anweisung noch nicht durchgeführt. Und jetzt kann ich nicht mehr. Was ist passiert? Gestern hat eines der von dir gewünschten Programme einen Trojaner entdeckt und empfohlen, ihn unter Quarantäne zu stellen. Hab ich gemacht und musste dann wieder weg. Seit heute lässt sich der PC jetzt nicht mehr hochfahren. Auch die Tastatur und Maus (beides über USB angeschlossen) reagieren nicht. Bildschirm bleibt schwarz. Hast du eine Idee, was ich tun könnte?

Lg Don Camillo

Alt 14.06.2015, 06:05   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster



Welches Programm? Welcher Fund? Und wo?

Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)
  • Downloade dir bitte die passende Version des Tools (im Zweifel beide) und speichere diese auf einen USB Stick: FRST Download FRST 32-Bit | FRST 64-Bit
  • Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option.
  • Scanne jetzt nach der bebilderten Anleitung oder verwende die folgende Kurzanleitung:
Über den Boot Manager:
  • Starte den Rechner neu.
  • Während dem Hochfahren drücke mehrmals die F8 Taste
  • Wähle nun Computer reparieren.
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Mit Windows CD/DVD (auch bei Windows 8 möglich):
  • Lege die Windows CD in dein Laufwerk.
  • Starte den Rechner neu und starte von der CD.
  • Wähle die Spracheinstellungen und klicke "Weiter".
  • Klicke auf Computerreparaturoptionen !
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Wähle in den Reparaturoptionen: Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer.
    Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt, merke ihn dir.
  • Schließe Notepad wieder
  • Gib nun bitte folgenden Befehl ein.
    e:\frst.exe bzw. e:\frst64.exe
    Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks, den du dir gemerkt hast. Gegebenfalls anpassen.
  • Akzeptiere den Disclaimer mit Ja und klicke Untersuchen
Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier nach Möglichkeit in Code-Tags (Anleitung).

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 21.08.2015, 09:43   #8
Don_Camillo
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster



Hallo Schrauber,

sorry für die späte Antwort, aber an dem zuletzt erwähnten Problem war mein Motherboard schuld, dass sich verabschiedet hat. Jetzt habe ich endlich wieder ein neues und würde gerne weitermachen, wo wir aufgehört haben. Hier ist das gewünschte Logfile:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015
durchgeführt von SYSTEM auf MININT-M8UCGVK (21-08-2015 10:35:14)
Gestartet von e:\
Platform: Windows 8 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10
Start-Modus: Recovery

Standard: ControlSet001
ACHTUNG!:=====> Wenn das System startfähig ist sollte FRST im normalen oder abgesicherten Modus ausgeführt werden, um ein vollständiges Ergebnis zu erhalten.

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => "D:\Programme\iTunesHelper.exe"
HKLM\...\Run: [gpuminer] => C:\Users\Markus Radosztics\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [218 2015-08-17] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [A1Servicecenter] => C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe [11467864 2015-05-27] (A1)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Games\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCTray.exe [355296 2015-08-20] (Tencent)
HKLM-x32\...\Run: [RSDTRAY] => C:\Program Files (x86)\Rising\RSD\popwndexe.exe [126808 2012-09-25] (Beijing Rising Information Technology Co., Ltd.)
HKU\Markus Radosztics\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [159744 2015-01-12] (Voobly)
HKU\Markus Radosztics\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\Markus Radosztics\...\Run: [Steam] => D:\Games\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\Markus Radosztics\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\Markus Radosztics\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\Markus Radosztics\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\Markus Radosztics\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\Markus Radosztics\...\Run: [Dropbox Update] => C:\Users\Markus Radosztics\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\Markus Radosztics\...\Run: [OneDrive] => C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-20] (Microsoft Corporation)
HKU\Markus Radosztics\...\Run: [Shop-wit] => C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe [689920 2015-08-20] ()
HKU\Markus Radosztics\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe
HKU\Markus Radosztics\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\Markus Radosztics\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-03-18]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-10-13]
ShortcutTarget: Dropbox.lnk ->  (Keine Datei)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 acengine; C:\Program Files (x86)\FastSearch\acengine.exe [1839728 2015-08-11] (Abengine)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
S2 eproduct; C:\Users\Markus Radosztics\AppData\Local\Salttex.exe [47616 2015-08-20] ()
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-08-20] (globalUpdate) <==== ACHTUNG
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-08-20] (globalUpdate) <==== ACHTUNG
S2 Hamachi2Svc; D:\Games\LogMeIn Hamachi\hamachi-2.exe [2545512 2015-08-03] (LogMeIn Inc.)
S2 igfx32; C:\Program Files\igfx32\igfx32.exe [379904 2015-08-19] ()
S2 IHProtect Service; C:\Program Files (x86)\MiniLite\ProtectService.exe [129688 2015-08-20] (XTab system)
S2 kefowydy; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\hnsf344.tmp [137728 2015-08-20] ()
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
S2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1931632 2015-05-15] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-23] ()
S2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCRtp.exe [297608 2015-08-20] (Tencent)
S2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [196288 2015-08-20] (Beijing Rising Information Technology Co., Ltd.)
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TAOFrame.exe [293856 2015-08-20] (Tencent)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
S2 WindowsMangerProtect; C:\ProgramData\WWinManProW\ProtectWindowsManager.exe [708264 2015-08-21] (DTools LIMITED) <==== ACHTUNG
S2 hyverumu; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\jnsiE347.tmp [X]
S2 qyhexedy; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\knsrBA5C.tmpfs [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S5 3ware; C:\Windows\System32\drivers\3ware.sys [106736 2012-07-26] (LSI)
S5 ACPI; C:\Windows\System32\drivers\ACPI.sys [425192 2012-09-20] (Microsoft Corporation)
S5 acpiex; C:\Windows\System32\Drivers\acpiex.sys [77040 2012-07-26] (Microsoft Corporation)
S2 acwfp; C:\Windows\system32\Drivers\acwfp64.sys [45784 2015-08-13] (Abengine)
S5 adp94xx; C:\Windows\System32\drivers\adp94xx.sys [492272 2012-07-26] (Adaptec, Inc.)
S5 adpahci; C:\Windows\System32\drivers\adpahci.sys [340720 2012-07-26] (Adaptec, Inc.)
S5 adpu320; C:\Windows\System32\drivers\adpu320.sys [184048 2012-07-26] (Adaptec, Inc.)
S5 agp440; C:\Windows\System32\drivers\agp440.sys [63216 2012-07-26] (Microsoft Corporation)
S5 amdsata; C:\Windows\System32\drivers\amdsata.sys [76016 2012-07-26] (Advanced Micro Devices)
S5 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [258288 2012-07-26] (AMD Technologies Inc.)
S5 amdxata; C:\Windows\System32\drivers\amdxata.sys [26352 2012-07-26] (Advanced Micro Devices)
S5 arc; C:\Windows\System32\drivers\arc.sys [104688 2012-07-26] (PMC-Sierra, Inc.)
S5 arcsas; C:\Windows\System32\drivers\arcsas.sys [108272 2012-07-26] (PMC-Sierra, Inc.)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
S5 atapi; C:\Windows\System32\drivers\atapi.sys [25840 2012-07-26] (Microsoft Corporation)
S5 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533224 2012-09-20] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S5 CLFS; C:\Windows\System32\drivers\CLFS.sys [361280 2015-03-04] (Microsoft Corporation)
S5 CNG; C:\Windows\System32\Drivers\cng.sys [570248 2015-04-13] (Microsoft Corporation)
S5 disk; C:\Windows\System32\drivers\disk.sys [100696 2013-10-13] (Microsoft Corporation)
S3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468752 2013-02-27] (Intel Corporation)
S5 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
S5 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [81136 2012-07-26] (Microsoft Corporation)
S5 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [113904 2012-07-26] (Microsoft Corporation)
S5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [71920 2012-07-26] (Microsoft Corporation)
S5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [374512 2012-07-26] (Microsoft Corporation)
S5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [25328 2012-07-26] (Microsoft Corporation)
S5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [465240 2013-08-21] (Microsoft Corporation)
S5 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [66800 2012-07-26] (Microsoft Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S5 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64752 2012-07-26] (Hewlett-Packard Company)
S5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24816 2012-07-26] (Microsoft Corporation)
S5 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [411888 2012-07-26] (Intel Corporation)
S5 iirsp; C:\Windows\System32\drivers\iirsp.sys [45296 2012-07-26] (Intel Corp./ICP vortex GmbH)
S5 intelide; C:\Windows\System32\drivers\intelide.sys [18672 2012-07-26] (Microsoft Corporation)
S5 isapnp; C:\Windows\System32\drivers\isapnp.sys [22256 2012-07-26] (Microsoft Corporation)
S5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [100184 2015-05-02] (Microsoft Corporation)
S5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [171352 2015-06-27] (Microsoft Corporation)
S5 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [108784 2012-07-26] (LSI Corporation)
S5 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [92400 2012-07-26] (LSI Corporation)
S5 LSI_SCSI; C:\Windows\System32\drivers\lsi_scsi.sys [116976 2012-07-26] (LSI Corporation)
S5 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [81136 2012-07-26] (LSI Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-21] (Malwarebytes Corporation)
S5 megasas; C:\Windows\System32\drivers\megasas.sys [51952 2012-07-26] (LSI Corporation)
S5 MegaSR; C:\Windows\System32\drivers\MegaSR.sys [353008 2012-07-26] (LSI Corporation, Inc.)
S3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [95064 2015-07-15] (Microsoft Corporation)
S5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17136 2012-07-26] (Microsoft Corporation)
S5 Mup; C:\Windows\System32\Drivers\mup.sys [83696 2012-07-26] (Microsoft Corporation)
S5 mvumis; C:\Windows\System32\drivers\mvumis.sys [64240 2012-07-26] (Marvell Semiconductor, Inc.)
S5 NDIS; C:\Windows\System32\drivers\ndis.sys [997632 2013-06-16] (Microsoft Corporation)
S5 nfrd960; C:\Windows\System32\drivers\nfrd960.sys [52464 2012-07-26] (IBM Corporation)
S5 nvraid; C:\Windows\System32\drivers\nvraid.sys [150256 2012-07-26] (NVIDIA Corporation)
S5 nvstor; C:\Windows\System32\drivers\nvstor.sys [168176 2012-07-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S5 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [125168 2012-07-26] (Microsoft Corporation)
S5 partmgr; C:\Windows\System32\drivers\partmgr.sys [91880 2013-01-10] (Microsoft Corporation)
S5 pci; C:\Windows\System32\drivers\pci.sys [234224 2012-07-26] (Microsoft Corporation)
S5 pciide; C:\Windows\System32\drivers\pciide.sys [14064 2012-07-26] (Microsoft Corporation)
S5 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [237808 2012-07-26] (Microsoft Corporation)
S5 pcw; C:\Windows\System32\drivers\pcw.sys [52464 2012-07-26] (Microsoft Corporation)
S5 pdc; C:\Windows\System32\drivers\pdc.sys [69864 2013-03-02] (Microsoft Corporation)
S1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMUdisk64.sys [62264 2015-08-20] (Tencent)
S2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQSysMonX64.sys [138040 2015-08-20] (电脑管家)
S5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [217328 2012-07-26] (Microsoft Corporation)
S5 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107760 2012-07-26] (Microsoft Corporation)
S5 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44784 2012-07-26] (Silicon Integrated Systems Corp.)
S5 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81648 2012-07-26] (Silicon Integrated Systems)
S5 spaceport; C:\Windows\System32\drivers\spaceport.sys [285016 2013-10-05] (Microsoft Corporation)
S5 stexstor; C:\Windows\System32\drivers\stexstor.sys [30960 2012-07-26] (Promise Technology, Inc.)
S5 storahci; C:\Windows\System32\drivers\storahci.sys [77544 2013-03-02] (Microsoft Corporation)
S5 storflt; C:\Windows\System32\DRIVERS\vmstorfl.sys [45160 2012-07-26] (Microsoft Corporation)
S5 storvsc; C:\Windows\System32\drivers\storvsc.sys [37992 2012-07-26] (Microsoft Corporation)
S2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [74040 2015-08-20] (Tencent)
S2 TAOKernelDriver; C:\Windows\system32\drivers\TAOKernel64.sys [274232 2015-08-20] (Tencent Technology(Shenzhen) Company Limited)
S5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2233152 2014-09-13] (Microsoft Corporation)
S3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-08-20] (电脑管家)
S3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TS888x64.sys [28984 2015-08-21] (Tencent)
S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TsDefenseBT64.sys [28472 2015-08-20] (Tencent)
S1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSSysKit64.sys [87352 2015-08-20] (电脑管家)
S5 uagp35; C:\Windows\System32\drivers\uagp35.sys [65776 2012-07-26] (Microsoft Corporation)
S5 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [66800 2012-07-26] (Microsoft Corporation)
S5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36080 2012-07-26] (Microsoft Corporation)
S5 viaide; C:\Windows\System32\drivers\viaide.sys [19184 2012-07-26] (VIA Technologies, Inc.)
S5 vmbus; C:\Windows\System32\drivers\vmbus.sys [137832 2012-07-26] (Microsoft Corporation)
S5 volmgr; C:\Windows\System32\drivers\volmgr.sys [83184 2012-07-26] (Microsoft Corporation)
S5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [378608 2012-07-26] (Microsoft Corporation)
S5 volsnap; C:\Windows\System32\drivers\volsnap.sys [328000 2014-07-04] (Microsoft Corporation)
S5 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [164080 2012-07-26] (VIA Technologies Inc.,Ltd)
S5 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [322800 2012-07-26] (VIA Corporation)
S5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)
S5 Wd; C:\Windows\System32\drivers\wd.sys [23792 2012-07-26] (Microsoft Corporation)
S5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-22] (Microsoft Corporation)
S5 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [96576 2014-12-18] (Microsoft Corporation)
S1 {092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64; C:\Windows\System32\drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys [48784 2015-08-19] (StdLib)
S1 {8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64; C:\Windows\System32\drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys [48784 2015-08-20] (StdLib)
S1 {987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64; C:\Windows\System32\drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys [48784 2015-08-20] (StdLib)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S1 rrfd_vw_1_10_0_22; system32\drivers\rrfd_vw_1_10_0_22.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-21 08:25 - 2015-08-21 08:25 - 00001051 _____ C:\Users\Markus Radosztics\Desktop\AnyProtect.lnk
2015-08-21 08:24 - 2015-08-21 08:32 - 00000000 ____D C:\ProgramData\update
2015-08-21 08:24 - 2015-08-21 08:25 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-08-21 08:24 - 2015-08-21 08:24 - 00613255 _____ (CMI Limited) C:\Users\Markus Radosztics\AppData\Local\nseE692.tmp
2015-08-21 08:24 - 2015-08-21 08:24 - 00000000 ____D C:\ProgramData\WWinManProW
2015-08-21 08:24 - 2015-08-21 08:24 - 00000000 ____D C:\Program Files (x86)\MiniLite
2015-08-21 08:20 - 2015-08-21 08:21 - 02173952 _____ (Farbar) C:\Users\Markus Radosztics\Downloads\FRST64 (1).exe
2015-08-21 08:14 - 2015-08-21 08:14 - 02173952 _____ (Farbar) C:\Users\Markus Radosztics\Downloads\FRST64.exe
2015-08-20 22:02 - 2015-08-20 22:02 - 00002250 _____ C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW.exe.lnk
2015-08-20 22:02 - 2015-08-20 22:02 - 00002228 _____ C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf.exe.lnk
2015-08-20 21:58 - 2015-08-21 08:31 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2015-08-20 21:58 - 2015-08-21 08:24 - 00002398 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-20 21:58 - 2015-08-20 21:58 - 00003338 _____ C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}
2015-08-20 21:57 - 2015-08-21 07:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yvegdufu.job
2015-08-20 21:57 - 2015-08-21 07:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yveg6ufu.job
2015-08-20 21:57 - 2015-08-20 21:57 - 00002442 _____ C:\Windows\System32\Tasks\Tempo Runner yvegdufu
2015-08-20 21:57 - 2015-08-20 21:57 - 00002442 _____ C:\Windows\System32\Tasks\Tempo Runner yveg6ufu
2015-08-20 21:51 - 2015-08-21 07:53 - 00000000 ____D C:\ProgramData\Rising
2015-08-20 21:51 - 2015-08-21 07:53 - 00000000 ____D C:\Program Files (x86)\Rising
2015-08-20 21:51 - 2015-08-20 23:36 - 00000000 ___RD C:\RavBin
2015-08-20 21:51 - 2014-07-30 03:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-08-20 21:50 - 2015-08-20 21:50 - 00274232 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\System32\Drivers\TAOKernel64.sys
2015-08-20 21:50 - 2015-08-20 21:50 - 00087864 _____ (电脑管家) C:\Windows\System32\Drivers\TFsFltX64.sys
2015-08-20 21:50 - 2015-08-20 21:50 - 00074040 _____ (Tencent) C:\Windows\System32\Drivers\TAOAccelerator64.sys
2015-08-20 21:50 - 2015-08-20 21:50 - 00000000 ____D C:\ProgramData\TXQMPC
2015-08-20 21:50 - 2015-08-20 21:50 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-08-20 21:49 - 2015-08-20 22:31 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Tencent
2015-08-20 21:49 - 2015-08-20 21:52 - 00000000 ____D C:\ProgramData\Tencent
2015-08-20 21:49 - 2015-08-20 21:49 - 00000000 ____D C:\Program Files (x86)\Tencent
2015-08-20 21:45 - 2015-08-20 21:45 - 00613255 _____ (CMI Limited) C:\Users\Markus Radosztics\AppData\Local\nss7098.tmp
2015-08-20 21:44 - 2015-08-20 21:44 - 00001113 _____ C:\Users\Markus Radosztics\Desktop\Continue Live Installation.lnk
2015-08-20 21:44 - 2015-08-20 21:44 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\istartsurf
2015-08-20 21:40 - 2015-08-20 21:39 - 00613255 _____ (CMI Limited) C:\Users\Markus Radosztics\AppData\Local\nse80CC.tmp
2015-08-20 21:37 - 2015-08-20 21:37 - 00000000 _____ C:\dummy.htm
2015-08-20 21:32 - 2015-08-20 21:33 - 00000000 ____D C:\ProgramData\LocalStorage
2015-08-20 21:30 - 2015-08-20 21:30 - 00000000 ____D C:\Users\Markus Radosztics\.android
2015-08-20 21:29 - 2015-08-20 21:29 - 00001318 _____ C:\Users\Markus Radosztics\Desktop\全网影视.lnk
2015-08-20 21:29 - 2015-08-20 21:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\ppslog
2015-08-20 21:19 - 2015-08-21 07:25 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-08-20 21:19 - 2015-08-20 21:55 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-20 21:19 - 2015-08-20 21:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-08-20 21:19 - 2015-08-20 21:49 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-08-20 21:19 - 2015-08-20 21:49 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-08-20 21:19 - 2015-08-20 21:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-08-20 21:17 - 2015-08-21 07:47 - 00000000 ____D C:\IQIYI Video
2015-08-20 21:17 - 2015-08-21 07:46 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-08-20 21:17 - 2015-08-20 21:30 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\IQIYI Video
2015-08-20 21:17 - 2015-08-20 21:17 - 00613255 _____ (CMI Limited) C:\Users\Markus Radosztics\AppData\Local\nsv2DEB.tmp
2015-08-20 21:17 - 2015-08-20 21:17 - 00000000 __SHD C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx
2015-08-20 21:17 - 2015-08-20 21:17 - 00000000 ____D C:\Users\Public\QiYi
2015-08-20 21:17 - 2015-08-20 21:17 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Unity
2015-08-20 21:17 - 2015-08-20 21:17 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\SysassistByHotWheel
2015-08-20 21:16 - 2015-08-20 21:16 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\node-webkit
2015-08-20 21:15 - 2015-08-20 23:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\cpuminer
2015-08-20 21:15 - 2015-08-20 21:58 - 00000000 ____D C:\Program Files (x86)\baidu
2015-08-20 21:15 - 2015-08-20 21:15 - 00000217 _____ C:\task.vbs
2015-08-20 21:10 - 2015-08-20 21:10 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Desktop\jre-8u25-windows-i586.exe
2015-08-20 21:09 - 2015-08-20 22:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Gameo
2015-08-20 21:09 - 2015-08-20 21:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Opera Software
2015-08-20 21:09 - 2015-08-20 21:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Opera Software
2015-08-20 21:09 - 2015-08-20 21:09 - 00000185 _____ C:\Users\Markus Radosztics\Desktop\Play Games Online.url
2015-08-20 21:09 - 2015-08-20 21:09 - 00000000 ___HD C:\Users\Markus Radosztics\AppData\Roaming\GoldenGate
2015-08-20 21:09 - 2015-08-20 21:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Gameo
2015-08-20 21:07 - 2015-08-20 23:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WarThunder
2015-08-20 21:07 - 2015-08-20 21:07 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Downloads\setup [1].exe
2015-08-20 21:06 - 2015-08-20 21:30 - 00000000 ____D C:\Program Files (x86)\Cinem Plus 2.4cV20.08
2015-08-20 21:06 - 2015-08-20 21:11 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78
2015-08-20 21:06 - 2015-08-20 08:50 - 00048784 _____ (StdLib) C:\Windows\System32\Drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys
2015-08-20 21:06 - 2015-07-23 14:47 - 00000854 _____ C:\Windows\System32\Drivers\etc\hp.bak
2015-08-20 21:05 - 2015-08-20 23:38 - 00000000 ____D C:\Program Files (x86)\OLBPre
2015-08-20 21:05 - 2015-08-20 22:02 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\{1A0B2C57-3EA3-40EF-533B-65077753999F}
2015-08-20 21:05 - 2015-08-20 21:58 - 00000000 ____D C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78
2015-08-20 21:05 - 2015-08-20 21:05 - 00004008 _____ C:\Windows\System32\Tasks\LaunchPreSignup
2015-08-20 21:04 - 2015-08-21 07:27 - 00000000 ____D C:\Program Files\igfx32
2015-08-20 21:04 - 2015-08-20 21:26 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-20 21:04 - 2015-08-20 21:04 - 00047616 _____ C:\Users\Markus Radosztics\AppData\Local\Salttex.exe
2015-08-20 20:58 - 2015-08-20 20:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Sun
2015-08-20 20:58 - 2015-08-20 20:58 - 00000000 ____D C:\Users\Markus Radosztics\.oracle_jre_usage
2015-08-20 20:37 - 2015-08-20 20:37 - 01199392 _____ C:\Users\Markus Radosztics\Downloads\kies-air.exe
2015-08-20 19:37 - 2015-08-20 23:38 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WindSolutions
2015-08-20 19:37 - 2015-08-20 19:44 - 00000000 ____D C:\ProgramData\WindSolutions
2015-08-20 19:03 - 2015-08-20 19:03 - 01260832 _____ C:\Users\Markus Radosztics\Downloads\CopyTrans Manager - CHIP-Installer.exe
2015-08-20 11:29 - 2015-08-20 13:13 - 00000190 _____ C:\mylog.log
2015-08-20 11:29 - 2015-08-20 11:29 - 00000000 ____D C:\Program Files (x86)\MSI
2015-08-20 11:22 - 2015-08-20 11:22 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_usb30
2015-08-20 11:21 - 2015-08-20 11:21 - 06227267 _____ C:\Users\Markus Radosztics\Downloads\intel_usb30.zip
2015-08-20 11:19 - 2015-08-20 11:19 - 02837521 _____ C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10.zip
2015-08-20 11:19 - 2015-08-20 11:19 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10
2015-08-20 10:43 - 2015-08-20 21:55 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-20 10:43 - 2015-08-20 10:43 - 00003156 _____ C:\Windows\System32\Tasks\Download Touch
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Download Touch
2015-08-20 10:39 - 2015-08-21 08:34 - 00001012 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-08-20 10:39 - 2015-08-20 21:44 - 00001016 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-08-20 10:39 - 2015-08-20 21:39 - 00003988 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-08-20 10:39 - 2015-08-20 21:39 - 00003752 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-08-20 10:39 - 2015-08-20 19:27 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV16.03
2015-08-20 10:39 - 2015-08-20 10:39 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\globalUpdate
2015-08-20 10:39 - 2015-08-20 10:39 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-08-20 10:37 - 2015-08-20 10:37 - 19284168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-08-20 10:34 - 2015-08-21 08:29 - 00012176 _____ C:\Windows\SysWOW64\acengineOff.ini
2015-08-20 10:34 - 2015-08-21 08:29 - 00012176 _____ C:\Windows\System32\acengineOff.ini
2015-08-20 10:34 - 2015-08-13 13:49 - 00045784 _____ (Abengine) C:\Windows\System32\Drivers\acwfp64.sys
2015-08-20 10:34 - 2015-08-11 15:50 - 00299296 _____ (Abengine) C:\Windows\SysWOW64\acengine.dll
2015-08-20 10:15 - 2015-08-20 00:24 - 00048784 _____ (StdLib) C:\Windows\System32\Drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys
2015-08-20 10:13 - 2015-08-20 10:13 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver(1).msi
2015-08-20 10:12 - 2015-08-21 08:34 - 00000000 ____D C:\Program Files (x86)\FastSearch
2015-08-20 10:12 - 2015-08-20 10:38 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-08-20 10:12 - 2015-08-20 10:34 - 00000002 _____ C:\END
2015-08-20 10:12 - 2015-08-20 10:12 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver.msi
2015-08-20 10:12 - 2015-08-20 10:12 - 00003578 _____ C:\Windows\System32\Tasks\Shop-wit Updater
2015-08-20 10:12 - 2015-08-20 10:12 - 00003112 _____ C:\Windows\System32\Tasks\cfr3011
2015-08-20 10:12 - 2015-08-20 10:12 - 00000000 ____D C:\Program Files (x86)\shopwit
2015-08-20 10:12 - 2015-08-11 20:11 - 00349584 _____ (Abengine) C:\Windows\System32\acengine64.dll
2015-08-20 10:11 - 2015-08-20 10:11 - 00662120 _____ ( ) C:\Users\Markus Radosztics\Downloads\Apple_Mobile_Device_USB_Driver.exe
2015-08-20 09:43 - 2015-08-20 09:43 - 00001456 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-20 09:43 - 2015-08-20 09:43 - 00000000 ____D C:\Program Files\iPod
2015-08-20 09:43 - 2015-08-20 09:43 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-20 09:42 - 2015-08-20 09:42 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-08-20 09:42 - 2015-08-20 09:42 - 00000000 ____D C:\Program Files\Bonjour
2015-08-20 09:42 - 2015-08-20 09:42 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-20 09:42 - 2015-08-20 09:42 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-08-19 21:11 - 2015-08-19 23:33 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\MediaMonkey
2015-08-19 21:11 - 2015-08-19 21:11 - 00000695 _____ C:\Users\Public\Desktop\MediaMonkey.lnk
2015-08-19 21:11 - 2015-08-19 21:11 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\MediaMonkey
2015-08-19 21:10 - 2015-08-19 21:10 - 00000000 ____D C:\ProgramData\MediaMonkey
2015-08-19 20:18 - 2015-08-13 13:34 - 19292160 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-08-19 20:18 - 2015-08-13 12:02 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 20:18 - 2015-08-13 11:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-08-19 20:18 - 2015-08-13 11:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 19:48 - 2015-08-19 19:51 - 00000512 __RSH C:\ProgramData\ntuser.pol
2015-08-19 19:46 - 2015-08-19 19:46 - 01135152 _____ C:\Windows\Minidump\081915-12953-01.dmp
2015-08-19 15:27 - 2015-08-19 01:39 - 00048784 _____ (StdLib) C:\Windows\System32\Drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys
2015-08-19 15:24 - 2015-08-21 08:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch
2015-08-19 15:24 - 2015-08-19 20:03 - 00000000 ____D C:\ProgramData\nWinManPron
2015-08-19 15:24 - 2015-08-19 15:24 - 00000000 _____ C:\Windows\prleth.sys
2015-08-19 15:24 - 2015-08-19 15:24 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-19 15:22 - 2015-08-19 15:22 - 00000767 _____ C:\Users\Markus Radosztics\Desktop\MP3 Voice Recorder.lnk
2015-08-19 15:22 - 2004-03-08 20:30 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2015-08-15 23:59 - 2015-07-30 14:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-08-15 23:59 - 2015-07-30 14:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-15 23:59 - 2015-07-13 22:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\System32\basesrv.dll
2015-08-15 23:59 - 2015-07-13 22:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2015-08-15 23:59 - 2015-07-09 22:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2015-08-15 23:59 - 2015-07-09 22:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2015-08-15 23:59 - 2015-07-09 21:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-15 23:59 - 2015-07-09 21:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-15 23:59 - 2015-07-06 17:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdBoot.sys
2015-08-15 23:59 - 2015-07-06 15:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdFilter.sys
2015-08-15 23:59 - 2015-07-01 14:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2015-08-15 23:59 - 2015-07-01 13:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2015-08-15 23:59 - 2015-07-01 12:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-15 23:59 - 2015-07-01 12:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-15 23:58 - 2015-07-28 17:25 - 00025776 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2015-08-15 23:58 - 2015-07-28 15:13 - 01116160 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2015-08-15 23:58 - 2015-07-28 15:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2015-08-15 23:58 - 2015-07-28 15:13 - 00743424 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2015-08-15 23:58 - 2015-07-28 15:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2015-08-15 23:58 - 2015-07-28 15:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2015-08-15 23:58 - 2015-07-28 14:12 - 01148416 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2015-08-15 23:58 - 2015-07-16 21:32 - 02239488 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-08-15 23:58 - 2015-07-16 21:32 - 01409024 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-08-15 23:58 - 2015-07-16 21:32 - 00601600 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-08-15 23:58 - 2015-07-16 21:31 - 03959808 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-08-15 23:58 - 2015-07-16 21:31 - 00856064 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-08-15 23:58 - 2015-07-16 21:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-08-15 23:58 - 2015-07-16 21:30 - 15416320 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-08-15 23:58 - 2015-07-16 21:30 - 02657280 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-08-15 23:58 - 2015-07-16 21:30 - 00949760 _____ (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2015-08-15 23:58 - 2015-07-16 20:07 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-15 23:58 - 2015-07-16 20:07 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-15 23:58 - 2015-07-16 20:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-15 23:58 - 2015-07-13 22:23 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-15 23:58 - 2015-07-13 22:23 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-15 23:58 - 2015-07-13 22:05 - 02340864 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2015-08-15 23:58 - 2015-07-13 22:05 - 01850880 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2015-08-15 23:55 - 2015-07-29 15:45 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-15 23:55 - 2015-07-29 15:45 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-15 23:55 - 2015-07-29 14:52 - 01840640 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2015-08-15 23:55 - 2015-07-29 14:52 - 01280000 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2015-08-15 23:55 - 2015-07-29 14:52 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2015-08-15 23:55 - 2015-07-27 23:42 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-15 23:55 - 2015-07-27 23:40 - 04064768 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-08-15 23:55 - 2015-07-27 23:40 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2015-08-15 23:55 - 2015-07-15 17:09 - 06969688 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2015-08-15 23:55 - 2015-07-15 17:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2015-08-15 23:55 - 2015-07-15 17:06 - 01824296 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2015-08-15 23:55 - 2015-07-15 14:49 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-15 23:55 - 2015-07-15 14:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2015-08-15 23:55 - 2015-07-09 22:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\notepad.exe
2015-08-15 23:55 - 2015-07-09 22:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-15 23:55 - 2015-07-09 21:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-15 23:55 - 2015-06-09 14:09 - 00411133 _____ C:\Windows\System32\ApnDatabase.xml
2015-08-03 11:12 - 2015-08-03 11:12 - 00045680 ____H (LogMeIn Inc.) C:\Windows\System32\Drivers\Hamdrv.sys
2015-07-29 14:41 - 2015-07-29 14:41 - 01373000 _____ C:\Windows\Minidump\072915-9968-01.dmp
2015-07-26 15:51 - 2015-07-26 15:51 - 00000803 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-07-26 15:51 - 2015-07-26 15:51 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Canneverbe Limited
2015-07-26 15:51 - 2015-07-26 15:51 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2015-07-24 10:56 - 2015-07-30 17:24 - 00016603 _____ C:\Users\Markus Radosztics\Downloads\Schulsporthilfe-Vorschlag-2015.xlsx
2015-07-24 07:23 - 2015-07-24 07:23 - 01274248 _____ C:\Windows\Minidump\072415-10750-01.dmp
2015-07-23 14:47 - 2015-07-23 14:47 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-23 07:54 - 2015-07-23 07:54 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\CEF

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-21 09:07 - 2013-09-30 18:24 - 01092913 _____ C:\Windows\WindowsUpdate.log
2015-08-21 09:05 - 2013-10-01 20:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-21 09:05 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-21 08:35 - 2014-06-17 21:52 - 00005184 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for WAUT0001-Markus Radosztics WAUT0001
2015-08-21 08:34 - 2013-11-19 20:28 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-21 08:31 - 2015-01-14 22:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\LogMeIn Hamachi
2015-08-21 08:31 - 2014-12-27 11:46 - 00000000 ___RD C:\Users\Markus Radosztics\iCloudDrive
2015-08-21 08:31 - 2013-10-13 19:57 - 00000000 ___RD C:\Users\Markus Radosztics\Dropbox
2015-08-21 08:31 - 2013-10-13 19:55 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Dropbox
2015-08-21 08:29 - 2013-09-30 18:17 - 00266696 _____ C:\Windows\PFRO.log
2015-08-21 08:00 - 2015-06-18 05:45 - 00001290 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001UA.job
2015-08-21 08:00 - 2012-07-26 11:27 - 00751892 _____ C:\Windows\System32\perfh007.dat
2015-08-21 08:00 - 2012-07-26 11:27 - 00155620 _____ C:\Windows\System32\perfc007.dat
2015-08-21 08:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\System32\sru
2015-08-21 08:00 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\System32\PerfStringBackup.INI
2015-08-21 07:57 - 2013-09-30 18:30 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-817472733-4082136947-4255886928-1001
2015-08-21 07:52 - 2015-03-20 09:39 - 00507984 _____ C:\Windows\System32\FNTCACHE.DAT
2015-08-21 07:50 - 2013-11-22 21:24 - 00000366 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-08-21 07:37 - 2013-09-30 20:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-21 07:28 - 2014-12-27 11:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\36A80DEE-1AAD-4F7E-AA6A-4638F785B9B6.aplzod
2015-08-20 23:51 - 2013-11-19 20:28 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-20 21:50 - 2013-09-30 18:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\VirtualStore
2015-08-20 21:30 - 2013-09-30 18:24 - 00000000 ____D C:\users\Markus Radosztics
2015-08-20 21:10 - 2014-02-01 12:30 - 00000000 ____D C:\ProgramData\Oracle
2015-08-20 21:06 - 2012-07-26 06:26 - 00000269 _____ C:\Windows\win.ini
2015-08-20 20:58 - 2015-03-06 17:34 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-20 20:58 - 2014-02-01 12:30 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-20 20:22 - 2014-11-19 17:47 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-08-20 20:22 - 2013-12-19 12:46 - 00000000 ____D C:\Users\Markus Radosztics\Documents\samsung
2015-08-20 20:22 - 2013-12-19 12:46 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Samsung
2015-08-20 20:18 - 2013-09-30 18:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-20 19:58 - 2013-09-30 19:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Downloaded Installations
2015-08-20 19:27 - 2015-06-03 19:07 - 00000000 ____D C:\Program Files (x86)\A1 Servicecenter
2015-08-20 18:32 - 2013-10-02 16:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Skype
2015-08-20 10:43 - 2014-06-25 16:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-20 10:37 - 2013-09-30 20:01 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-20 10:00 - 2015-06-18 05:45 - 00001238 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001Core.job
2015-08-20 09:43 - 2013-09-30 19:20 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-20 09:42 - 2013-09-30 19:20 - 00000000 ____D C:\ProgramData\Apple
2015-08-19 20:47 - 2013-09-30 18:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Packages
2015-08-19 20:18 - 2012-07-26 08:59 - 00000000 ____D C:\Windows\CbsTemp
2015-08-19 19:46 - 2015-07-15 09:52 - 764369291 ____N C:\Windows\MEMORY.DMP
2015-08-19 16:27 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\System32\GroupPolicy
2015-08-16 17:23 - 2015-07-14 20:02 - 00000650 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-16 17:22 - 2015-04-17 07:09 - 00000000 ___SD C:\Windows\System32\CompatTel
2015-08-16 17:22 - 2015-04-17 07:09 - 00000000 ____D C:\Windows\System32\appraiser
2015-08-16 17:22 - 2013-09-30 18:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 17:22 - 2013-09-30 18:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-16 17:22 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-16 17:22 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-16 09:55 - 2013-09-30 18:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-16 09:53 - 2013-09-30 21:57 - 00000000 ____D C:\Windows\System32\MRT
2015-08-16 09:51 - 2013-09-30 21:57 - 132483416 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2015-08-16 09:26 - 2013-10-01 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-15 10:11 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-08-08 03:27 - 2012-07-26 09:14 - 00793544 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 03:27 - 2012-07-26 09:14 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-30 07:37 - 2015-02-23 19:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-30 07:37 - 2013-10-02 16:05 - 00000000 ____D C:\ProgramData\Skype
2015-07-29 14:41 - 2013-11-25 11:30 - 00000000 ____D C:\Windows\Minidump
2015-07-23 14:47 - 2014-01-16 15:47 - 00001940 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-07-23 14:47 - 2014-01-16 15:47 - 00000000 ____D C:\ProgramData\McAfee Security Scan

Einige Dateien in TEMP:
====================
C:\Users\Markus Radosztics\AppData\Local\Temp\2549.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\5494.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\71387_updater.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\976.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\AutoWifi.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\devcon64.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbk9cpk.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\Execute2App.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6341.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6B10.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\fsdC449.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\fsdD8AD.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\fuf5B0B.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\install1804741.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\IQIYIsetup_l_huayukeji@kb006.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\masauto_runxx.dl.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\masblog_runxx.dl.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\msvcp90.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\msvcr90.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\nsc7E69.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\qqpcmgr_v10.11.16600.237_72601_Silence.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\QYAgent_runxx.dl.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\res.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\setup3.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\shopup.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\shpwt.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\sqlite3.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\SYkC1CD.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\tmp7048.tmp.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\Uninstall.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\{EFF616A3-14B1-4A6A-9192-4E85EA2DE69E}_emergency.exe

==================== Known DLLs (Nicht auf der Ausnahmeliste) =========================


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => MD5 ist legitim
C:\Windows\System32\wininit.exe => MD5 ist legitim
C:\Windows\explorer.exe => MD5 ist legitim
C:\Windows\SysWOW64\explorer.exe => MD5 ist legitim
C:\Windows\System32\svchost.exe => MD5 ist legitim
C:\Windows\SysWOW64\svchost.exe => MD5 ist legitim
C:\Windows\System32\services.exe
[2015-05-13 16:31] - [2015-04-13 06:32] - 0417280 ____A (Microsoft Corporation) 590A2B4198DD35AA42893BA04F66FD3F

C:\Windows\System32\User32.dll
[2014-10-16 21:39] - [2014-06-28 07:57] - 1341952 ____A (Microsoft Corporation) FAC7814096952227B0EBB08175D82B40

C:\Windows\SysWOW64\User32.dll
[2014-10-16 21:39] - [2014-06-28 03:23] - 1126400 ____A (Microsoft Corporation) BBC180F529B08A65100536A08724ED58

C:\Windows\System32\userinit.exe => MD5 ist legitim
C:\Windows\SysWOW64\userinit.exe => MD5 ist legitim
C:\Windows\System32\rpcss.dll => MD5 ist legitim
C:\Windows\System32\dnsapi.dll
[2014-12-11 21:27] - [2014-10-09 04:59] - 0623616 ____A (Microsoft Corporation) 7904C03BF9C0C0337563FFAA97D0ACE8

C:\Windows\SysWOW64\dnsapi.dll
[2014-12-11 21:27] - [2014-10-09 04:58] - 0458240 ____A (Microsoft Corporation) 0BE9606A1175C7400ED862991453A847

C:\Windows\System32\Drivers\volsnap.sys
[2014-10-16 21:43] - [2014-07-04 11:52] - 0328000 ____A (Microsoft Corporation) AA37946941ED3805AB3A924965907147


==================== Wiederherstellungspunkte =========================


==================== Speicherinformationen =========================== 

Prozentuale Nutzung des RAM: 10%
Installierter physikalischer RAM: 8143.88 MB
Verfügbarer physikalischer RAM: 7292.79 MB
Summe virtueller Speicher: 8143.88 MB
Verfügbarer virtueller Speicher: 7307.44 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:111.45 GB) (Free:3.06 GB) NTFS
Drive d: (Daten) (Fixed) (Total:931.51 GB) (Free:727.19 GB) NTFS
Drive e: () (Removable) (Total:0.98 GB) (Free:0.98 GB) FAT32
Drive f: (32_00_00) (Fixed) (Total:298.02 GB) (Free:208.52 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System-reserviert) (Fixed) (Total:0.34 GB) (Free:0.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 2A03BD70)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2A03BD6D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1011 MB) (Disk ID: 0DFF7265)
No partition Table on disk 2.

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 3E1EBD07)
Partition 1: (Active) - (Size=298.1 GB) - (Type=0C)


LastRegBack: 2015-08-16 17:02

==================== Ende von Ergebnis ============================
         
Don Camillo, der übrigens gestern Java installiert hat und seitdem so eine komische Software mit chinesischen Zeichen am Laufen hat, die ich zwar schon deinstalliert habe unter Programme, aber die trotzdem noch da ist und mit ständigen Pop-Up-Fenstern nervt.

Alt 22.08.2015, 09:49   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster



Wenn der Rechner normal startet dann bitte mit den Anweisungen aus dem vorletzten Post weiter machen, ESET Onlinescan und Co
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.08.2015, 14:52   #10
Don_Camillo
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster



Hier ist das ESET-Logfile:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1369993e84da1f4d82ed91939febc327
# end=init
# utc_time=2015-08-22 11:13:42
# local_time=2015-08-22 01:13:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 25397
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1369993e84da1f4d82ed91939febc327
# end=updated
# utc_time=2015-08-22 11:19:04
# local_time=2015-08-22 01:19:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=1369993e84da1f4d82ed91939febc327
# engine=25397
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-22 12:33:54
# local_time=2015-08-22 02:33:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 150986 4053710 0 0
# scanned=378233
# found=198
# cleaned=0
# scan_time=4489
sh=C32947EF2CA2C19EE4AAC336D5F9695A000986E4 ft=1 fh=2f07912b0e2564f8 vn="Variante von Win32/Solimba.C evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-817472733-4082136947-4255886928-1001\$RH5PA0J.exe"
sh=9B0D83F390959F137E430824DB9A8757DFD9E8BC ft=1 fh=9fb325431298e094 vn="Variante von Win32/AdWare.SpeedingUpMyPC.N Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus Radosztics\AppData\Roaming\RHEng\494798214E33401494DD58835BA348C0\OptimizerPro.exe.vir"
sh=708C2EABF37588554E7530E82773E3785D36DBA6 ft=1 fh=cd8c4a243aac4b69 vn="Variante von Win32/Wajam.T evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus Radosztics\AppData\Roaming\RHEng\8218DC45DEB74DFD91B345C9D5135827\WWE_1.44.5.10.exe.vir"
sh=568F5AB6545E0298557B527C70D7E2DE24742DBA ft=1 fh=3280dd8fccb2a277 vn="Variante von MSIL/Amonetize.AA evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\igfx32\igfx32.exe"
sh=4CA39D7210787694515B8DA532E474AAC2882436 ft=1 fh=7da3dc549260331b vn="MSIL/StartPage.BG Trojaner" ac=I fn="C:\Program Files\igfx32\packages\0188a862-794e-4d85-ae0a-de04a64a973f\file.exe"
sh=A9D457421D39A8B6CA33BF549945D976F262D39B ft=1 fh=24b24f8b9757e7db vn="MSIL/Agent.QPF Trojaner" ac=I fn="C:\Program Files\igfx32\packages\0188a862-794e-4d85-ae0a-de04a64a973f\start.exe"
sh=279AC1526E064CA06F8EE3976106731F3D50C130 ft=1 fh=b970d8d7bf051b8c vn="Variante von MSIL/Toolbar.Linkury.S evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\igfx32\packages\54cbc31f-d6cf-4034-8f3f-db9fb5a613ac\Jackson.exe"
sh=4608E29EA2427D18DE964E01C137E009E9C72AAC ft=1 fh=1c73383dae7844dc vn="Variante von MSIL/Amonetize.AB evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\igfx32\packages\b6ec3048-f68f-40c2-84af-0f333b42d550\fchk.exe"
sh=5942FDA73220BF776ED0EBAC9F7CE57ADC2D5671 ft=1 fh=123abec879d1baab vn="Variante von Win32/OutBrowse.BY evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\igfx32\packages\b6ec3048-f68f-40c2-84af-0f333b42d550\setup\JavaUpdate.8.0.450.14.exe"
sh=805E2A87B36E2E9E9FCD4881058A2636162F2018 ft=1 fh=66c28e6c46d9def8 vn="Variante von Win32/OutBrowse.BY evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\igfx32\packages\b6ec3048-f68f-40c2-84af-0f333b42d550\setup\VLCUpdate.2.2.1.exe"
sh=964F6C6421E2C75110398D55111B49CEB7DFDD38 ft=1 fh=d21b90e685bee935 vn="Variante von Win32/OutBrowse.BY evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\igfx32\packages\b6ec3048-f68f-40c2-84af-0f333b42d550\setup\WinrarUpdate.5.21.0.exe"
sh=A0A60FD2F39C0CDC5CB73038DCAC38965D0A9611 ft=1 fh=6fdbf8af5feee06a vn="Variante von Win32/Adware.ConvertAd.WQ Anwendung" ac=I fn="C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\rnsqD019.exe"
sh=2996C742415D0B104044FE7293473DA66F386AC2 ft=1 fh=2708948c11391be9 vn="Win32/AnyProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\AnyProtectEx\Uninstall.exe"
sh=6ACB5B4F760FBC6937250C3448DED69AC0A46DAD ft=1 fh=4e42c013f3d27293 vn="Variante von Win32/HideBaid.L evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\baidu\Bind.exe"
sh=805132505F1270C1DB2F6C808FB2B31FE2475AF5 ft=1 fh=5c503c5e2b2849bb vn="Variante von Win32/Toolbar.CrossRider.CG evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Cinem Plus 2.4cV20.08\1159fad3-7973-4be7-b312-c162e4e7bfd9.dll"
sh=AC149E5B4610D011D0FFB9CA26270DDE0152BC4D ft=1 fh=c71c0011c4309a57 vn="Variante von Win32/Toolbar.CrossRider.CG evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\CinemaP-1.9cV16.03\156eacdc-6be3-484e-958c-b1950c01381c.dll"
sh=7BDEB1BAA07CC5FC2BD80D8DA0BB0DACFEFCD8DF ft=1 fh=08b0354e8a474639 vn="Variante von Win32/Solimba.C evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\GUPlayer\GUPlayerUninstaller.exe"
sh=EDB59ADBEA45CF3FA6B85BD29413711C3B68D78A ft=1 fh=1b1adebab83c94bf vn="Variante von MSIL/MyPCBackup.G evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\OLBPre\OLBPre.exe"
sh=A54B9C560D1C90243FDA63220EE86C80FCD4D326 ft=1 fh=80dc06b1762ff605 vn="Variante von Win32/Toolbar.Montiera.AG evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe"
sh=2B58D3AD036665900C39C9CEB73C45AB5B1D396D ft=1 fh=c71c0011681c0fa5 vn="Variante von Win32/Toolbar.Montiera.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\yjae1Hlm.dll"
sh=94C0F4786BD516B096D8E44A15481617394A3AF8 ft=1 fh=1c1d92655d912850 vn="Variante von Win32/Toolbar.Linkury.U.gen evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\ExtTag\Alphatrax.dll"
sh=0DA50FE09462C7E4C1FCD4E32E070A81734C358A ft=1 fh=f132251ef3f8699a vn="Variante von Win32/Toolbar.Linkury.T evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\ExtTag\Biodandom.dll"
sh=2A9F3E2270475620A21AD1757833D29B51438702 ft=1 fh=d96ecd29f2f29530 vn="Variante von Win32/Toolbar.Linkury.T evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\ExtTag\Blueplus.dll"
sh=EF541F00984EDA65F91B2577E4F596C541C2AF73 ft=1 fh=0ecf269dd4864ab0 vn="Variante von MSIL/Toolbar.Linkury.S evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\ExtTag\ExtTag.exe"
sh=9925675D1A850EA6CF32BCCBD8562FC9CA453F91 ft=1 fh=e9fa79aa07b0956e vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\ExtTag\Greenstring.exe"
sh=71DADE4A83E252202EB71DE147EF7E5DE2B5D906 ft=1 fh=4e11953c78120a3e vn="Variante von Win32/Toolbar.Linkury.U.gen evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\ExtTag\Jobzimtech.dll"
sh=008312D1FE965AE64AD9567AF64953CFC6E48F6A ft=1 fh=89c8f34e4ca9e9be vn="Variante von Win64/Toolbar.Linkury.D.gen evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\ExtTag\Keyfix.dll"
sh=34DC17E8EBE21DDFFABEB9B0A988B4B69789C9A1 ft=1 fh=0ea4b96e4fccb737 vn="Variante von Win32/Toolbar.Linkury.U.gen evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\ExtTag\Overnix.dll"
sh=1F106017DC5711FBE81C2469F9F88174E6D16FBE ft=1 fh=cff46087fffb3f23 vn="Variante von Win64/Toolbar.Linkury.D.gen evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\ExtTag\Solin.dll"
sh=A2F16D9AA6055165564FE9A4507BECF14DE2D59D ft=1 fh=27348dfd81b975f5 vn="Variante von Win32/Toolbar.Linkury.U.gen evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\ExtTag\Vilatam.dll"
sh=F860205B091D79DB5BBB2FDC6C136203B54E96E5 ft=1 fh=f0980999170e3b6e vn="Variante von Win64/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\ExtTag\Zimdox.dll"
sh=94C0F4786BD516B096D8E44A15481617394A3AF8 ft=1 fh=1c1d92655d912850 vn="Variante von Win32/Toolbar.Linkury.U.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\ExtTag\Alphatrax.dll"
sh=0DA50FE09462C7E4C1FCD4E32E070A81734C358A ft=1 fh=f132251ef3f8699a vn="Variante von Win32/Toolbar.Linkury.T evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\ExtTag\Biodandom.dll"
sh=2A9F3E2270475620A21AD1757833D29B51438702 ft=1 fh=d96ecd29f2f29530 vn="Variante von Win32/Toolbar.Linkury.T evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\ExtTag\Blueplus.dll"
sh=EF541F00984EDA65F91B2577E4F596C541C2AF73 ft=1 fh=0ecf269dd4864ab0 vn="Variante von MSIL/Toolbar.Linkury.S evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\ExtTag\ExtTag.exe"
sh=9925675D1A850EA6CF32BCCBD8562FC9CA453F91 ft=1 fh=e9fa79aa07b0956e vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\ExtTag\Greenstring.exe"
sh=71DADE4A83E252202EB71DE147EF7E5DE2B5D906 ft=1 fh=4e11953c78120a3e vn="Variante von Win32/Toolbar.Linkury.U.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\ExtTag\Jobzimtech.dll"
sh=008312D1FE965AE64AD9567AF64953CFC6E48F6A ft=1 fh=89c8f34e4ca9e9be vn="Variante von Win64/Toolbar.Linkury.D.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\ExtTag\Keyfix.dll"
sh=34DC17E8EBE21DDFFABEB9B0A988B4B69789C9A1 ft=1 fh=0ea4b96e4fccb737 vn="Variante von Win32/Toolbar.Linkury.U.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\ExtTag\Overnix.dll"
sh=1F106017DC5711FBE81C2469F9F88174E6D16FBE ft=1 fh=cff46087fffb3f23 vn="Variante von Win64/Toolbar.Linkury.D.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\ExtTag\Solin.dll"
sh=A2F16D9AA6055165564FE9A4507BECF14DE2D59D ft=1 fh=27348dfd81b975f5 vn="Variante von Win32/Toolbar.Linkury.U.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\ExtTag\Vilatam.dll"
sh=F860205B091D79DB5BBB2FDC6C136203B54E96E5 ft=1 fh=f0980999170e3b6e vn="Variante von Win64/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\ExtTag\Zimdox.dll"
sh=6FA07C781B84151C862A8FACD4E2EFB7D8DA3E2F ft=1 fh=ebf21d2230451b57 vn="Win32/AnyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\nse80CC.tmp"
sh=6FA07C781B84151C862A8FACD4E2EFB7D8DA3E2F ft=1 fh=ebf21d2230451b57 vn="Win32/AnyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\nseE692.tmp"
sh=6FA07C781B84151C862A8FACD4E2EFB7D8DA3E2F ft=1 fh=ebf21d2230451b57 vn="Win32/AnyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\nss7098.tmp"
sh=6FA07C781B84151C862A8FACD4E2EFB7D8DA3E2F ft=1 fh=ebf21d2230451b57 vn="Win32/AnyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\nsv2DEB.tmp"
sh=A0A60FD2F39C0CDC5CB73038DCAC38965D0A9611 ft=1 fh=6fdbf8af5feee06a vn="Variante von Win32/Adware.ConvertAd.WQ Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78\rnsc5FED.exe"
sh=491164FE123DB6DA6E777864326D6213AD986A78 ft=1 fh=3cc6bbefcd819d9d vn="Win32/Adware.ConvertAd.UC Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78\snsc5FEC.tmp"
sh=FA14CDEDC3BCBCB1C8B8487D47BE1E628A930503 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\102.js"
sh=C10E64DC01896B43B0C89F53376D4164453BC74E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\178.js"
sh=9CB942D538CEA821683BC9D832014E8EC5FDE2EC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\179.js"
sh=80C90D030EA66EA5346FBF5214670595E3375CAD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\180.js"
sh=0987FB3F0C956A9578B1C3D050189BB99A017FC2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\184.js"
sh=32FE8D811A0CD3B7424FD03880F6FE6C32781264 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\19.js"
sh=4BCC541E7A14BF89B1633A1BC794E6848B831E80 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\200.js"
sh=81093FDBF2F59E6D00BA4DACA51E6D37F185678F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\220.js"
sh=4A456E8397DFF5CBB4FF25D8B9710C41A42AFCC3 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\223.js"
sh=877349BAD187BE3A07174EA0A6F16A375474C639 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\231.js"
sh=776290247C80F20D24E4BA8F99F13F2D5578ECC8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\232.js"
sh=F3C19FB08E08EEDA6008DFA8175DEDEA51DE1BFA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\234.js"
sh=69F3441DAAA26144ABB42DB33386C549E9F2231D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\242.js"
sh=3CA5653E6B858F15992AC689F06C8456A94B0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\253.js"
sh=C7CDE1253534F30E65119C426D5345ED57905D37 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\262.js"
sh=F07F02D132DE7A3F89F9CEE7284820DB1DD63331 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\263.js"
sh=C7574CAC8611C5FBBE4AE2127C4CA0E2FB58DB69 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\273.js"
sh=5443843013D026E8A114EDEC837671DAC84F4AEA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\281.js"
sh=397EC598B400D3A2111C9C0EEA7D85464774BBD7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\288.js"
sh=EEC37C06483A1CC592AEBB925056B8C66C782438 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\289.js"
sh=7A0B43CC3BD069AE9B149EB8F4BEEB6F097837DB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\300.js"
sh=F830C45582EA30AA81037DD511D6657BAC6D3470 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\335.js"
sh=DAFE26CC2D17C59CC7CA0B0563A50C6215781167 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\339.js"
sh=81A6DC2B3E4EB2A7B58E592A3E86C0C858936E87 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\380.js"
sh=46785AF9F3FDFD7BA7E68C918CA9B2BFD5FE81CE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\385.js"
sh=939E258F473C19C99336F99FA8924A127E12AA67 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\389.js"
sh=8C03AF269B9B3748482016ABD7F8FDF2BE562177 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\390.js"
sh=B11A64AE212C15C25C435BCE4C67235DDECCE883 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\391.js"
sh=08A2BB08725C99F79A889C6C7CB9C7DD6306E0B6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\424.js"
sh=86D944D5832E0CADF81AD1ABD5E5CDC20C057A44 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\437.js"
sh=38F620054260AA85245ED08062006157CE62CD54 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\91.js"
sh=908310927982C1DFD45B8CBBF669A940C0CE7CC6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\b6b7830c988806df88c32cfddd53fc99.js"
sh=AF15C2CD390979ACF65E9210C6DB0E85252F6052 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\1f71f589179f394711674e1bef2e79a8.js"
sh=832ADA6E9B2673CA1DE314A566FF76316F0A2997 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\a08bb5eaf593c92c0258a3aa5f5d9c10.js"
sh=F4FE303A5886572113DF4DA3579956CEBB907F56 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\e859f8ab59353a98b1ba776d4ab159a6.js"
sh=B3ABD3CAA6ADACF7A87576C3F949A2C023F51456 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\04653a6705d18bce9815dba825dbd4f3.js"
sh=F7B2040B9EB935D0FFB1571CC0184FED6B7D7583 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\1224091a7d8a03a01c84cfece5978749.js"
sh=902E327ADBC89F0A47999D10E7F6F6554CFCC0F4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\148ed776917d1394e64d3bee6bb0a7d0.js"
sh=6B8D57805A81A0C2A68E87C410FF89D15BB71CC9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\32e72a69456c7c6b07a2b8bb2a43a288.js"
sh=3E6E49061DC4C0339624D1BD4C5972D2D6988DA4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\8f9803aafd03bf9d3527c303aedc96e5.js"
sh=D88F73897D0415B880A52D98AACBCBA8372956B2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\b20ec6be3b71d58ac5b997701b1928fb.js"
sh=EDB82EF0A2AC160256F1A5C49F0778E3A42AC559 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\d69da36dc93a45dd99574490876cba61.js"
sh=D0C7F78DB84A354E59B10C0A394E6B2779597925 ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\1[1].zip"
sh=9B4A8E1835F375DBA6A150C1D231D8750EFC4FB9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\1[2].zip"
sh=9ABBAF453246D0C43D62E3A372F40807FB500BCD ft=1 fh=c71c0011f21cd2d8 vn="Win32/AnyProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\AnyProtect[1].exe"
sh=89A374B457E92AF2AF2623B8F85A2A5C14D5CAB3 ft=1 fh=c3f4930aa34ec276 vn="Variante von Win32/Adware.ConvertAd.WD Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\policyname[1].exe"
sh=3AC4A9844D4F9BD3BB4E8901A97110E427401FE4 ft=1 fh=8fc422a7ad8e11f3 vn="Variante von Win32/Toolbar.CrossRider.CZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\setup[1].exe"
sh=A6EBA8A5E8C8EF9A3973203EAF393460D303B821 ft=0 fh=0000000000000000 vn="Win32/XingSofInst.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\2[2].zip"
sh=6FA07C781B84151C862A8FACD4E2EFB7D8DA3E2F ft=1 fh=ebf21d2230451b57 vn="Win32/AnyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\AnyProtectSetup[1].exe"
sh=9ABBAF453246D0C43D62E3A372F40807FB500BCD ft=1 fh=c71c0011f21cd2d8 vn="Win32/AnyProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\AnyProtect[1].exe"
sh=C98D7CF7AE934A46CE23DF3017469B961C862AD9 ft=1 fh=e4f536f3f580d5c1 vn="Variante von MSIL/Adware.Imali.A Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\FinalInstaller_dotnet4[1].exe"
sh=BAA544D83AD4DEC18AD39AD88352F01ED2EC7773 ft=1 fh=41431cb0279fdc84 vn="Variante von Win32/Adware.ConvertAd.XA.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\SearchUpdater[1].exe"
sh=63EBBB5EF7817680DA5819257E7ACCA8545E3939 ft=0 fh=0000000000000000 vn="Win32/XingSofInst.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\2[1].zip"
sh=510FDBB2E680A448A97E601A4321EE1816A21C3B ft=1 fh=a125e718cf919a35 vn="Variante von Win32/OutBrowse.BY evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\Reimage[1].exe"
sh=7209A1BFDD193888CF9D6634B1D5620E9BB0A570 ft=1 fh=37a32e1420f6e479 vn="Variante von Win32/Packed.ScrambleWrapper.O evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\setup[1].exe"
sh=E5A8FA6169C7195369F39DC49676AAC100D24807 ft=1 fh=6a4bfd5fd08dd2fa vn="Variante von Win32/Adware.Imali.E Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\setup_362[2].exe"
sh=4DAF88365A6CC9A52703404812352AFD7D23B335 ft=1 fh=c67803aaa0601427 vn="Variante von Win32/OutBrowse.BY evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVRE7LXX\Reimage[1].exe"
sh=A9997714D8E62E449BE6B3ED46EBFF4D29646752 ft=1 fh=a3bab22b0a9c336a vn="Win32/InstallMonetizer.BG evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVRE7LXX\VuuPC_VO2_8907[1].exe"
sh=9D96CEBE4395E0151B82F2C64AC9C2DDA2274FB2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1DM2S2NU\trojaner-board_de[1].htm"
sh=C89E2588365B65C2ACA9D862F1D04851482DD85C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RYADG1IT\afr[1].htm"
sh=18A7F915DAF36A39EF7AC79BA106B43F324EAD2A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\1467BB079417F9F051FA6EA8C7391D9C03B46034"
sh=622B3FBFF7F44F1400A3D984BEDDC310B9E391D7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\2513273621AEA92FDA7F197FE306C61AB57CD82C"
sh=C9DF8322F62D6731FC3C6A613ACC2D4A7CF86137 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\2C5B5C32F614ABCE1B2E6F98262E134D3A471F55"
sh=8301307E97016ED8EA5219A963CF6450548D3176 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\3AFB6AD46657D59461FDAD66FB5F88F7E486DB73"
sh=A69CE918424FF9F9F128B4A19426559A64963375 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\4B011C0394440B2950D8F79F2239B6A410AA9ABA"
sh=4208C9F640C0E0C5785437ED89EAA22F723E0155 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\5059E31C2C0B0CC7DDF6B50778335DDD090F02A3"
sh=E494F529567402211F7B501294D1CE1DC285F342 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\7457893C1262DC14F9ACD39B0EDB0F4D9A3E4B74"
sh=64A7C2D5108F6DBBDBF228D3EF6E16ED617BCAA8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\76E89FA6682C33F128F828096B95BCA1714D8097"
sh=D5E35E912077176449CAA4E36755692ED9F07D87 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\E2157AFFDC9A55B7C1F514C044F34F76759B5515"
sh=FE9F5600DB639612BD7F5BA185821D8C9EB0456D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\FEC3A29932E057A370B8C9524ABE8DA1A67FA8BD"
sh=6453E91847D4D4968B90E20236A331CC5BB19395 ft=1 fh=c71c001101c7c54e vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\2549.exe"
sh=3AC4A9844D4F9BD3BB4E8901A97110E427401FE4 ft=1 fh=8fc422a7ad8e11f3 vn="Variante von Win32/Toolbar.CrossRider.CZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\5494.exe"
sh=7209A1BFDD193888CF9D6634B1D5620E9BB0A570 ft=1 fh=37a32e1420f6e479 vn="Variante von Win32/Packed.ScrambleWrapper.O evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\976.exe"
sh=C98D7CF7AE934A46CE23DF3017469B961C862AD9 ft=1 fh=e4f536f3f580d5c1 vn="Variante von MSIL/Adware.Imali.A Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6341.exe"
sh=C98D7CF7AE934A46CE23DF3017469B961C862AD9 ft=1 fh=e4f536f3f580d5c1 vn="Variante von MSIL/Adware.Imali.A Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6B10.exe"
sh=C98D7CF7AE934A46CE23DF3017469B961C862AD9 ft=1 fh=e4f536f3f580d5c1 vn="Variante von MSIL/Adware.Imali.A Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\fsdC449.exe"
sh=C98D7CF7AE934A46CE23DF3017469B961C862AD9 ft=1 fh=e4f536f3f580d5c1 vn="Variante von MSIL/Adware.Imali.A Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\fsdD8AD.exe"
sh=BD4751E4797043C0A1F4D74EBCA1E1BC325A8F0F ft=1 fh=3aa7b8e8f10141cd vn="Variante von Win32/InstallCore.VV evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\ICReinstall_nsg2EF9.tmp"
sh=EBC603BB724B644A9922B284D1AE778EEEB3C929 ft=1 fh=18c1148c484ad496 vn="Variante von Win32/Adware.ConvertAd.XC.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nsbB654.tmp"
sh=6202C4893945B92BD0E8011F4EAE716AE9AD3B66 ft=1 fh=95b6f41d3e9a4a2a vn="Variante von MSIL/Amonetize.AB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nsc7E69.exe"
sh=B9ECABDD8F386A528414CB9F07A0BDC6DD4D3BCD ft=1 fh=ff869300bb378ccf vn="Variante von Win32/Adware.ConvertAd.XD.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nscDA5A.tmp"
sh=E0118A55956BB3448D5D6F45EF7E9BD43C8224D8 ft=1 fh=b450d75ff86965e7 vn="Variante von Win32/Adware.ConvertAd.XC.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nsdF6EC.tmp"
sh=BD4751E4797043C0A1F4D74EBCA1E1BC325A8F0F ft=1 fh=3aa7b8e8f10141cd vn="Variante von Win32/InstallCore.VV evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nsg2EF9.tmp"
sh=B330E680CE55A3DFC5B0152052F1A54A8505520B ft=1 fh=8158c06b6a03d286 vn="Variante von Win32/Adware.ConvertAd.XC.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nsi2FB1.tmp"
sh=B330E680CE55A3DFC5B0152052F1A54A8505520B ft=1 fh=8158c06b6a03d286 vn="Variante von Win32/Adware.ConvertAd.XC.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nsj7B4.tmp"
sh=A30E0405040B94374FFE277EAF0A996D861C7F26 ft=1 fh=5a3d48a7e5d407f1 vn="Win32/HideBaid.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nsjAE42.tmp"
sh=EBC603BB724B644A9922B284D1AE778EEEB3C929 ft=1 fh=18c1148c484ad496 vn="Variante von Win32/Adware.ConvertAd.XC.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nskE9B3.tmp"
sh=B9ECABDD8F386A528414CB9F07A0BDC6DD4D3BCD ft=1 fh=ff869300bb378ccf vn="Variante von Win32/Adware.ConvertAd.XD.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nso3242.tmp"
sh=B330E680CE55A3DFC5B0152052F1A54A8505520B ft=1 fh=8158c06b6a03d286 vn="Variante von Win32/Adware.ConvertAd.XC.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nsoD141.tmp"
sh=B330E680CE55A3DFC5B0152052F1A54A8505520B ft=1 fh=8158c06b6a03d286 vn="Variante von Win32/Adware.ConvertAd.XC.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nsq3687.tmp"
sh=B330E680CE55A3DFC5B0152052F1A54A8505520B ft=1 fh=8158c06b6a03d286 vn="Variante von Win32/Adware.ConvertAd.XC.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nsr2E68.tmp"
sh=B9ECABDD8F386A528414CB9F07A0BDC6DD4D3BCD ft=1 fh=ff869300bb378ccf vn="Variante von Win32/Adware.ConvertAd.XD.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nsr38F9.tmp"
sh=B9ECABDD8F386A528414CB9F07A0BDC6DD4D3BCD ft=1 fh=ff869300bb378ccf vn="Variante von Win32/Adware.ConvertAd.XD.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nss10FC.tmp"
sh=EBC603BB724B644A9922B284D1AE778EEEB3C929 ft=1 fh=18c1148c484ad496 vn="Variante von Win32/Adware.ConvertAd.XC.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nss8325.tmp"
sh=574BDC64C4C790A31E010AABB2D6789E690B8E7D ft=1 fh=be1af8505cbed5bf vn="Variante von Win32/Adware.ConvertAd.XD.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nssD54.tmp"
sh=EBC603BB724B644A9922B284D1AE778EEEB3C929 ft=1 fh=18c1148c484ad496 vn="Variante von Win32/Adware.ConvertAd.XC.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nsuE86B.tmp"
sh=EBC603BB724B644A9922B284D1AE778EEEB3C929 ft=1 fh=18c1148c484ad496 vn="Variante von Win32/Adware.ConvertAd.XC.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nsxF05A.tmp"
sh=B9ECABDD8F386A528414CB9F07A0BDC6DD4D3BCD ft=1 fh=ff869300bb378ccf vn="Variante von Win32/Adware.ConvertAd.XD.gen Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\nsy30AC.tmp"
sh=3990977EEFF475D8E4B6F93249955A42567FEE1F ft=1 fh=5db928a760750611 vn="Variante von Win32/HideBaid.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\setup3.exe"
sh=2219C4E172CD87F40B0D3FD5FCCCBFDCCF379243 ft=1 fh=a002f5dedfc90054 vn="Variante von Win32/Toolbar.Montiera.R evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\shopup.exe"
sh=2B9620378B881BEC2CBA33C65EC02DB128A5CD81 ft=1 fh=f552f76c1bc42a1d vn="Variante von Win32/Toolbar.Montiera.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\shpwt.exe"
sh=0E7CC420B0BE38296EF8516DC3786361119F1F5F ft=1 fh=02f58beb2edcfbd2 vn="Win32/AlteredSoftware.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleCrashHandler.exe"
sh=01C53FBC0030066FE9032FEC431D9EA26B5811CC ft=1 fh=af8c82510ee8e748 vn="Win32/AlteredSoftware.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdate.exe"
sh=A565AA91F7873179776579995E9F4D2B2894AE5A ft=1 fh=22e3a81795d8fb05 vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdateBroker.exe"
sh=F1A0D0D29F924A24AF0F0521CF6F9A9150A10ECC ft=1 fh=22e3a817befc6b5a vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdateOnDemand.exe"
sh=8B4D2CF381FC34517780B846B74C82724D263A30 ft=1 fh=c71c001192caf50d vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\goopdate.dll"
sh=E89CED694CBF421D4C9AF42C599CD849AFEC0B99 ft=1 fh=d9cdf1c8ff17595a vn="Variante von Win32/AlteredSoftware.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\goopdateres_en.dll"
sh=A6E841F2C767FA5FEE629D2B812799CFA94AEACC ft=1 fh=c71c0011fea7552e vn="Variante von Win32/AlteredSoftware.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\npGoogleUpdate4.dll"
sh=EDB4A6C7E75E18ACB805418EFFD78267BB2F37C4 ft=1 fh=c71c001126306ac8 vn="Variante von Win32/AlteredSoftware.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\psmachine.dll"
sh=399CE73FBD27EABB303FD899656E3C66C55B3F29 ft=1 fh=c71c001160921a34 vn="Variante von Win32/AlteredSoftware.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\psuser.dll"
sh=DD4605E26B48B7C231DBEBA5E8FAA91F33D21B2B ft=1 fh=bb1ffd2794ad6ec5 vn="Win32/AlteredSoftware.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdate.exe"
sh=08976B0143D7A77694D2B3014053542C42F4774E ft=1 fh=67450ef68c8fc670 vn="Win32/AlteredSoftware.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateBroker.exe"
sh=DD4605E26B48B7C231DBEBA5E8FAA91F33D21B2B ft=1 fh=bb1ffd2794ad6ec5 vn="Win32/AlteredSoftware.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateCrashHandler.exe"
sh=FE3BD67B77BB38A3110091D17DE69012FAAD4FA6 ft=1 fh=67450ef6f68fd149 vn="Win32/AlteredSoftware.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateOnDemand.exe"
sh=3F803D7047395CA8BE45B6903E048EE8026A6116 ft=1 fh=c71c00119a74eb7c vn="Variante von Win32/AlteredSoftware.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\npglobalupdateUpdate4.dll"
sh=BD08E733D803A193E4FA4118A6D52BCD0FC98F81 ft=1 fh=c71c0011371aa7ff vn="Variante von Win32/AlteredSoftware.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\psmachine.dll"
sh=9AE1636DE7E3CB630B3A2C11E41C76BF0B716CCD ft=1 fh=c71c0011864645d3 vn="Variante von Win32/AlteredSoftware.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\psuser.dll"
sh=DD4605E26B48B7C231DBEBA5E8FAA91F33D21B2B ft=1 fh=bb1ffd2794ad6ec5 vn="Win32/AlteredSoftware.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdate.exe"
sh=08976B0143D7A77694D2B3014053542C42F4774E ft=1 fh=67450ef68c8fc670 vn="Win32/AlteredSoftware.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateBroker.exe"
sh=DD4605E26B48B7C231DBEBA5E8FAA91F33D21B2B ft=1 fh=bb1ffd2794ad6ec5 vn="Win32/AlteredSoftware.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateCrashHandler.exe"
sh=FE3BD67B77BB38A3110091D17DE69012FAAD4FA6 ft=1 fh=67450ef6f68fd149 vn="Win32/AlteredSoftware.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateOnDemand.exe"
sh=3F803D7047395CA8BE45B6903E048EE8026A6116 ft=1 fh=c71c00119a74eb7c vn="Variante von Win32/AlteredSoftware.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\npglobalupdateUpdate4.dll"
sh=BD08E733D803A193E4FA4118A6D52BCD0FC98F81 ft=1 fh=c71c0011371aa7ff vn="Variante von Win32/AlteredSoftware.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\psmachine.dll"
sh=9AE1636DE7E3CB630B3A2C11E41C76BF0B716CCD ft=1 fh=c71c0011864645d3 vn="Variante von Win32/AlteredSoftware.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\psuser.dll"
sh=712DE87D51AAC46AB47A3EB212D4530BC4FB260C ft=1 fh=06652911dc11249b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\DMR\dmr_72.exe"
sh=69D6405690EECD325240FE98B4F9AD98F222995F ft=1 fh=9de7f30725f65f89 vn="Variante von Win32/LiMo.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_76.exe"
sh=D594B97A2D3A1AAE10970BA1B9B4F41F81AFC180 ft=1 fh=30ebf0272a3b672d vn="Variante von MSIL/Adware.Imali.A Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe"
sh=04034158323D8F3FA424747C7324C74F95A24955 ft=1 fh=1fc0d2e2234f966c vn="Variante von Win32/Solimba.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\n2341\gusetup_pub.exe"
sh=9F8060D6BA395C66F6B0339D4A1377EB609A658E ft=1 fh=c71c00118fe24094 vn="Win32/Adware.Imali.E Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\n2341\Imalimedia_0308--b6ebc012.exe"
sh=8E6610055453D45A8B272BE005032F5F8AE3F9B3 ft=1 fh=4ffd472b2744a23e vn="Win32/BrowseFox.AV evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Local\Temp\n2582\BananaPhone_12_08--c5f0d88b.exe"
sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Roaming\4Kyh3h9rTUrqEq0XkfiBd"
sh=96EDAD94BE1A45EC7D5E7D67B97FE20C1DE1D676 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Roaming\BYAIAMUF"
sh=171D0DFAD4ABC8BFCFC3DE6AD9EB03DBA9CB60AC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf"
sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Roaming\GNOK"
sh=171D0DFAD4ABC8BFCFC3DE6AD9EB03DBA9CB60AC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Roaming\KcbELr9nVCvO5C9EQ1LmCgPDQK"
sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW"
sh=3C6235A2342A488A2DD67B6E26F7BE3A84C43292 ft=0 fh=0000000000000000 vn="Win32/AnyProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx\swf\swfxZ.swf"
sh=16E54F243A10629AA0AF4E39FD2FFDC525BA6C94 ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\defsearchp@gmail.com\chrome\content\jquery-2.1.0.min.js"
sh=7FF6E5033246ACB1FAA8C38BEC6F5458F6CB44F2 ft=1 fh=570274b588ee73ab vn="Variante von Win32/ELEX.CP evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch\UninstallManager.exe"
sh=D6948B8BCDBC0D3BD4C7723D9D988EB27EE5205C ft=1 fh=579e5dbc0e2564f8 vn="Variante von Win32/Solimba.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\Downloads\Apple_Mobile_Device_USB_Driver.exe"
sh=6AE6BFD7E869FEBDAF4298EB97A423FCD3B22D2B ft=1 fh=32471695d768f53c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\Downloads\CopyTrans Manager - CHIP-Installer.exe"
sh=1C9E8A42D0DA252F9D6498D0E5F6EE60FDC34A34 ft=1 fh=bd8d6ef4c0f07051 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus Radosztics\Downloads\kies-air.exe"
sh=9E95D795AA636C88ED5325D81E39AD8EA8EF01F0 ft=1 fh=963428f6c89b09ae vn="MSIL/StartPage.BG Trojaner" ac=I fn="C:\Windows\Temp\nse9CF.exe"
sh=9E95D795AA636C88ED5325D81E39AD8EA8EF01F0 ft=1 fh=963428f6c89b09ae vn="MSIL/StartPage.BG Trojaner" ac=I fn="C:\Windows\Temp\nsh6916.exe"
sh=9E95D795AA636C88ED5325D81E39AD8EA8EF01F0 ft=1 fh=963428f6c89b09ae vn="MSIL/StartPage.BG Trojaner" ac=I fn="C:\Windows\Temp\nsl66C4.exe"
sh=9E95D795AA636C88ED5325D81E39AD8EA8EF01F0 ft=1 fh=963428f6c89b09ae vn="MSIL/StartPage.BG Trojaner" ac=I fn="C:\Windows\Temp\nsp9C0.exe"
sh=8945AC4A8DE12D32F3F97AE25874B5BB519363D2 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Windows\Temp\tmp6462.tmp"
sh=8945AC4A8DE12D32F3F97AE25874B5BB519363D2 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Windows\Temp\tmp659A.tmp"
sh=3454CD94530D331DF8FD314C7A667CC7CC4AA59B ft=0 fh=0000000000000000 vn="Variante von MSIL/Amonetize.AB evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Temp\tmp720E.tmp"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/BrowseFox.BZ evtl. unerwünschte Anwendung" ac=I fn="${Memory}"
         
Der Rest folgt...

lg Don Camillo

Und hier der Inhalt der Checkup.txt Datei von Security Check:

Code:
ATTFilter
 Results of screen317's Security Check version 1.006  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
????????   
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 TuneUp Utilities 2014   
 TuneUp Utilities 2014 (de-DE)  
 TuneUp Utilities 2014   
 Java 8 Update 25  
 Java 8 Update 60  
 Java version 32-bit out of Date! 
 Adobe Flash Player 	18.0.0.232  
 Mozilla Firefox (40.0.2) 
 Google Chrome (44.0.2403.155) 
 Google Chrome (44.0.2403.157) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Frisches FRST log folgt in Kürze...

lg Don Camillo

Und hier noch das frische FRST log-file:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015
durchgeführt von SYSTEM auf MININT-VA8070I (22-08-2015 15:39:07)
Gestartet von I:\
Platform: Windows 8 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10
Start-Modus: Recovery

Standard: ControlSet001
ACHTUNG!:=====> Wenn das System startfähig ist sollte FRST im normalen oder abgesicherten Modus ausgeführt werden, um ein vollständiges Ergebnis zu erhalten.

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => "D:\Programme\iTunesHelper.exe"
HKLM\...\Run: [gpuminer] => C:\Users\Markus Radosztics\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [218 2015-08-17] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [A1Servicecenter] => C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe [11467864 2015-05-27] (A1)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Games\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCTRAY.EXE [355296 2015-08-20] (Tencent)
HKLM-x32\...\Run: [RSDTRAY] => C:\Program Files (x86)\Rising\RSD\popwndexe.exe [126808 2012-09-25] (Beijing Rising Information Technology Co., Ltd.)
HKU\Markus Radosztics\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [159744 2015-01-12] (Voobly)
HKU\Markus Radosztics\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\Markus Radosztics\...\Run: [Steam] => D:\Games\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\Markus Radosztics\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\Markus Radosztics\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\Markus Radosztics\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\Markus Radosztics\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\Markus Radosztics\...\Run: [Dropbox Update] => C:\Users\Markus Radosztics\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\Markus Radosztics\...\Run: [OneDrive] => C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-20] (Microsoft Corporation)
HKU\Markus Radosztics\...\Run: [Shop-wit] => C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe [689920 2015-08-20] ()
HKU\Markus Radosztics\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe
HKU\Markus Radosztics\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\Markus Radosztics\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
AppInit_DLLs: C:\ProgramData\ExtTag\Zimdox.dll => C:\ProgramData\ExtTag\Zimdox.dll [135680 2015-08-21] ()
AppInit_DLLs-x32: C:\ProgramData\ExtTag\Biodandom.dll => C:\ProgramData\ExtTag\Biodandom.dll [121344 2015-08-21] ()
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-03-18]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-10-13]
ShortcutTarget: Dropbox.lnk ->  (Keine Datei)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 acengine; C:\Program Files (x86)\FastSearch\acengine.exe [1839728 2015-08-11] (Abengine)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
S2 eproduct; C:\Users\Markus Radosztics\AppData\Local\Salttex.exe [47616 2015-08-20] ()
S2 ExtTag; C:\ProgramData\ExtTag\ExtTag.exe [22528 2015-08-20] ()
S2 Hamachi2Svc; D:\Games\LogMeIn Hamachi\hamachi-2.exe [2545512 2015-08-03] (LogMeIn Inc.)
S2 igfx32; C:\Program Files\igfx32\igfx32.exe [379904 2015-08-19] ()
S2 IHProtect Service; C:\Program Files (x86)\MiniLite\ProtectService.exe [129688 2015-08-20] (XTab system)
S2 kefowydy; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\hnsf344.tmp [137728 2015-08-20] ()
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
S2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1931632 2015-05-15] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-23] ()
S2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCRtp.exe [297608 2015-08-20] (Tencent)
S2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [196288 2015-08-20] (Beijing Rising Information Technology Co., Ltd.)
S2 Service Mgr GreatFind; C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugincontainer.exe [1203424 2015-08-22] ()
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TAOFrame.exe [293856 2015-08-20] (Tencent)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2015-06-25] (TuneUp Software)
S2 Update Mgr GreatFind; C:\Program Files (x86)\Common Files\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\updater.exe [708832 2015-08-22] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
S2 dojoluri; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\knsb4C96.tmp [X]
S2 hyverumu; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\jnsiE347.tmp [X]
S2 WindowsMangerProtect; C:\ProgramData\WWinManProW\ProtectWindowsManager.exe -service [X] <==== ACHTUNG

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S5 3ware; C:\Windows\System32\drivers\3ware.sys [106736 2012-07-26] (LSI)
S5 ACPI; C:\Windows\System32\drivers\ACPI.sys [425192 2012-09-20] (Microsoft Corporation)
S5 acpiex; C:\Windows\System32\Drivers\acpiex.sys [77040 2012-07-26] (Microsoft Corporation)
S2 acwfp; C:\Windows\system32\Drivers\acwfp64.sys [45784 2015-08-13] (Abengine)
S5 adp94xx; C:\Windows\System32\drivers\adp94xx.sys [492272 2012-07-26] (Adaptec, Inc.)
S5 adpahci; C:\Windows\System32\drivers\adpahci.sys [340720 2012-07-26] (Adaptec, Inc.)
S5 adpu320; C:\Windows\System32\drivers\adpu320.sys [184048 2012-07-26] (Adaptec, Inc.)
S5 agp440; C:\Windows\System32\drivers\agp440.sys [63216 2012-07-26] (Microsoft Corporation)
S5 amdsata; C:\Windows\System32\drivers\amdsata.sys [76016 2012-07-26] (Advanced Micro Devices)
S5 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [258288 2012-07-26] (AMD Technologies Inc.)
S5 amdxata; C:\Windows\System32\drivers\amdxata.sys [26352 2012-07-26] (Advanced Micro Devices)
S5 arc; C:\Windows\System32\drivers\arc.sys [104688 2012-07-26] (PMC-Sierra, Inc.)
S5 arcsas; C:\Windows\System32\drivers\arcsas.sys [108272 2012-07-26] (PMC-Sierra, Inc.)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
S5 atapi; C:\Windows\System32\drivers\atapi.sys [25840 2012-07-26] (Microsoft Corporation)
S5 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533224 2012-09-20] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S5 CLFS; C:\Windows\System32\drivers\CLFS.sys [361280 2015-03-04] (Microsoft Corporation)
S5 CNG; C:\Windows\System32\Drivers\cng.sys [570248 2015-04-13] (Microsoft Corporation)
S5 disk; C:\Windows\System32\drivers\disk.sys [100696 2013-10-13] (Microsoft Corporation)
S3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468752 2013-02-27] (Intel Corporation)
S5 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
S5 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [81136 2012-07-26] (Microsoft Corporation)
S5 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [113904 2012-07-26] (Microsoft Corporation)
S5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [71920 2012-07-26] (Microsoft Corporation)
S5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [374512 2012-07-26] (Microsoft Corporation)
S5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [25328 2012-07-26] (Microsoft Corporation)
S5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [465240 2013-08-21] (Microsoft Corporation)
S5 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [66800 2012-07-26] (Microsoft Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S5 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64752 2012-07-26] (Hewlett-Packard Company)
S5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24816 2012-07-26] (Microsoft Corporation)
S5 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [411888 2012-07-26] (Intel Corporation)
S5 iirsp; C:\Windows\System32\drivers\iirsp.sys [45296 2012-07-26] (Intel Corp./ICP vortex GmbH)
S5 intelide; C:\Windows\System32\drivers\intelide.sys [18672 2012-07-26] (Microsoft Corporation)
S5 isapnp; C:\Windows\System32\drivers\isapnp.sys [22256 2012-07-26] (Microsoft Corporation)
S5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [100184 2015-05-02] (Microsoft Corporation)
S5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [171352 2015-06-27] (Microsoft Corporation)
S5 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [108784 2012-07-26] (LSI Corporation)
S5 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [92400 2012-07-26] (LSI Corporation)
S5 LSI_SCSI; C:\Windows\System32\drivers\lsi_scsi.sys [116976 2012-07-26] (LSI Corporation)
S5 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [81136 2012-07-26] (LSI Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-21] (Malwarebytes Corporation)
S5 megasas; C:\Windows\System32\drivers\megasas.sys [51952 2012-07-26] (LSI Corporation)
S5 MegaSR; C:\Windows\System32\drivers\MegaSR.sys [353008 2012-07-26] (LSI Corporation, Inc.)
S3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [95064 2015-07-15] (Microsoft Corporation)
S5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17136 2012-07-26] (Microsoft Corporation)
S5 Mup; C:\Windows\System32\Drivers\mup.sys [83696 2012-07-26] (Microsoft Corporation)
S5 mvumis; C:\Windows\System32\drivers\mvumis.sys [64240 2012-07-26] (Marvell Semiconductor, Inc.)
S5 NDIS; C:\Windows\System32\drivers\ndis.sys [997632 2013-06-16] (Microsoft Corporation)
S5 nfrd960; C:\Windows\System32\drivers\nfrd960.sys [52464 2012-07-26] (IBM Corporation)
S5 nvraid; C:\Windows\System32\drivers\nvraid.sys [150256 2012-07-26] (NVIDIA Corporation)
S5 nvstor; C:\Windows\System32\drivers\nvstor.sys [168176 2012-07-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S5 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [125168 2012-07-26] (Microsoft Corporation)
S5 partmgr; C:\Windows\System32\drivers\partmgr.sys [91880 2013-01-10] (Microsoft Corporation)
S5 pci; C:\Windows\System32\drivers\pci.sys [234224 2012-07-26] (Microsoft Corporation)
S5 pciide; C:\Windows\System32\drivers\pciide.sys [14064 2012-07-26] (Microsoft Corporation)
S5 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [237808 2012-07-26] (Microsoft Corporation)
S5 pcw; C:\Windows\System32\drivers\pcw.sys [52464 2012-07-26] (Microsoft Corporation)
S5 pdc; C:\Windows\System32\drivers\pdc.sys [69864 2013-03-02] (Microsoft Corporation)
S1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMUdisk64.sys [62264 2015-08-20] (Tencent)
S2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQSysMonX64.sys [138040 2015-08-20] (电脑管家)
S5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [217328 2012-07-26] (Microsoft Corporation)
S5 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107760 2012-07-26] (Microsoft Corporation)
S5 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44784 2012-07-26] (Silicon Integrated Systems Corp.)
S5 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81648 2012-07-26] (Silicon Integrated Systems)
S5 spaceport; C:\Windows\System32\drivers\spaceport.sys [285016 2013-10-05] (Microsoft Corporation)
S5 stexstor; C:\Windows\System32\drivers\stexstor.sys [30960 2012-07-26] (Promise Technology, Inc.)
S5 storahci; C:\Windows\System32\drivers\storahci.sys [77544 2013-03-02] (Microsoft Corporation)
S5 storflt; C:\Windows\System32\DRIVERS\vmstorfl.sys [45160 2012-07-26] (Microsoft Corporation)
S5 storvsc; C:\Windows\System32\drivers\storvsc.sys [37992 2012-07-26] (Microsoft Corporation)
S2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [74040 2015-08-20] (Tencent)
S2 TAOKernelDriver; C:\Windows\system32\drivers\TAOKernel64.sys [274232 2015-08-20] (Tencent Technology(Shenzhen) Company Limited)
S5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2233152 2014-09-13] (Microsoft Corporation)
S3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-08-20] (电脑管家)
S3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TS888x64.sys [28984 2015-08-22] (Tencent)
S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TsDefenseBT64.sys [28472 2015-08-20] (Tencent)
S1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSSysKit64.sys [87352 2015-08-20] (电脑管家)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [31144 2015-06-04] (TuneUp Software)
S5 uagp35; C:\Windows\System32\drivers\uagp35.sys [65776 2012-07-26] (Microsoft Corporation)
S5 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [66800 2012-07-26] (Microsoft Corporation)
S5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36080 2012-07-26] (Microsoft Corporation)
S5 viaide; C:\Windows\System32\drivers\viaide.sys [19184 2012-07-26] (VIA Technologies, Inc.)
S5 vmbus; C:\Windows\System32\drivers\vmbus.sys [137832 2012-07-26] (Microsoft Corporation)
S5 volmgr; C:\Windows\System32\drivers\volmgr.sys [83184 2012-07-26] (Microsoft Corporation)
S5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [378608 2012-07-26] (Microsoft Corporation)
S5 volsnap; C:\Windows\System32\drivers\volsnap.sys [328000 2014-07-04] (Microsoft Corporation)
S5 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [164080 2012-07-26] (VIA Technologies Inc.,Ltd)
S5 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [322800 2012-07-26] (VIA Corporation)
S5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)
S5 Wd; C:\Windows\System32\drivers\wd.sys [23792 2012-07-26] (Microsoft Corporation)
S5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-22] (Microsoft Corporation)
S5 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [96576 2014-12-18] (Microsoft Corporation)
S1 {092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64; C:\Windows\System32\drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys [48784 2015-08-19] (StdLib)
S1 {8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64; C:\Windows\System32\drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys [48784 2015-08-20] (StdLib)
S1 {987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64; C:\Windows\System32\drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys [48784 2015-08-20] (StdLib)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S1 rrfd_vw_1_10_0_22; system32\drivers\rrfd_vw_1_10_0_22.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-22 14:20 - 2015-08-22 14:20 - 00852684 _____ C:\Users\Markus Radosztics\Desktop\SecurityCheck.exe
2015-08-22 13:31 - 2015-08-22 13:32 - 00000000 ____D C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc
2015-08-22 13:31 - 2015-08-22 13:31 - 00002215 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2015-08-22 13:31 - 2015-08-22 13:31 - 00002195 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2015-08-22 13:31 - 2015-08-22 13:31 - 00000000 ____D C:\Program Files (x86)\Great Find
2015-08-22 13:31 - 2015-06-25 06:53 - 00040760 _____ (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2015-08-22 13:31 - 2015-06-25 06:53 - 00029496 _____ (TuneUp Software) C:\Windows\System32\authuitu.dll
2015-08-22 13:31 - 2015-06-25 06:53 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2015-08-22 13:30 - 2015-08-22 13:31 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2015-08-22 13:30 - 2015-08-22 13:30 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy
2015-08-22 12:05 - 2015-08-22 12:05 - 02870984 _____ (ESET) C:\Users\Markus Radosztics\Downloads\esetsmartinstaller_deu.exe
2015-08-21 22:42 - 2015-08-21 22:42 - 00002377 _____ C:\Windows\SysWOW64\findit.xml
2015-08-21 22:42 - 2015-08-21 22:42 - 00000000 ____D C:\ProgramData\ExtTags
2015-08-21 22:42 - 2015-08-21 22:42 - 00000000 ____D C:\ProgramData\ExtTag
2015-08-21 14:10 - 2015-08-21 14:10 - 00957064 _____ C:\Windows\Minidump\082115-9765-01.dmp
2015-08-21 09:36 - 2015-08-21 09:36 - 01162256 _____ C:\Windows\Minidump\082115-8296-01.dmp
2015-08-21 08:25 - 2015-08-21 08:25 - 00001051 _____ C:\Users\Markus Radosztics\Desktop\AnyProtect.lnk
2015-08-21 08:24 - 2015-08-22 13:06 - 00000000 ____D C:\ProgramData\update
2015-08-21 08:24 - 2015-08-22 10:46 - 00000000 ____D C:\ProgramData\WWinManProW
2015-08-21 08:24 - 2015-08-21 08:25 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-08-21 08:24 - 2015-08-21 08:24 - 00613255 _____ (CMI Limited) C:\Users\Markus Radosztics\AppData\Local\nseE692.tmp
2015-08-21 08:24 - 2015-08-21 08:24 - 00000000 ____D C:\Program Files (x86)\MiniLite
2015-08-21 08:20 - 2015-08-21 08:21 - 02173952 _____ (Farbar) C:\Users\Markus Radosztics\Downloads\FRST64 (1).exe
2015-08-21 08:14 - 2015-08-21 08:14 - 02173952 _____ (Farbar) C:\Users\Markus Radosztics\Downloads\FRST64.exe
2015-08-20 22:02 - 2015-08-20 22:02 - 00002250 _____ C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW.exe.lnk
2015-08-20 22:02 - 2015-08-20 22:02 - 00002228 _____ C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf.exe.lnk
2015-08-20 21:58 - 2015-08-22 08:44 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2015-08-20 21:58 - 2015-08-21 22:56 - 00002193 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-20 21:58 - 2015-08-20 21:58 - 00003338 _____ C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}
2015-08-20 21:57 - 2015-08-21 07:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yvegdufu.job
2015-08-20 21:57 - 2015-08-21 07:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yveg6ufu.job
2015-08-20 21:57 - 2015-08-20 21:57 - 00002442 _____ C:\Windows\System32\Tasks\Tempo Runner yvegdufu
2015-08-20 21:57 - 2015-08-20 21:57 - 00002442 _____ C:\Windows\System32\Tasks\Tempo Runner yveg6ufu
2015-08-20 21:51 - 2015-08-21 07:53 - 00000000 ____D C:\ProgramData\Rising
2015-08-20 21:51 - 2015-08-21 07:53 - 00000000 ____D C:\Program Files (x86)\Rising
2015-08-20 21:51 - 2015-08-20 23:36 - 00000000 ___RD C:\RavBin
2015-08-20 21:51 - 2014-07-30 03:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-08-20 21:50 - 2015-08-20 21:50 - 00274232 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\System32\Drivers\TAOKernel64.sys
2015-08-20 21:50 - 2015-08-20 21:50 - 00087864 _____ (电脑管家) C:\Windows\System32\Drivers\TFsFltX64.sys
2015-08-20 21:50 - 2015-08-20 21:50 - 00074040 _____ (Tencent) C:\Windows\System32\Drivers\TAOAccelerator64.sys
2015-08-20 21:50 - 2015-08-20 21:50 - 00000000 ____D C:\ProgramData\TXQMPC
2015-08-20 21:50 - 2015-08-20 21:50 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-08-20 21:49 - 2015-08-20 22:31 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Tencent
2015-08-20 21:49 - 2015-08-20 21:52 - 00000000 ____D C:\ProgramData\Tencent
2015-08-20 21:49 - 2015-08-20 21:49 - 00000000 ____D C:\Program Files (x86)\Tencent
2015-08-20 21:45 - 2015-08-20 21:45 - 00613255 _____ (CMI Limited) C:\Users\Markus Radosztics\AppData\Local\nss7098.tmp
2015-08-20 21:44 - 2015-08-20 21:44 - 00001113 _____ C:\Users\Markus Radosztics\Desktop\Continue Live Installation.lnk
2015-08-20 21:44 - 2015-08-20 21:44 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\istartsurf
2015-08-20 21:40 - 2015-08-20 21:39 - 00613255 _____ (CMI Limited) C:\Users\Markus Radosztics\AppData\Local\nse80CC.tmp
2015-08-20 21:37 - 2015-08-20 21:37 - 00000000 _____ C:\dummy.htm
2015-08-20 21:32 - 2015-08-20 21:33 - 00000000 ____D C:\ProgramData\LocalStorage
2015-08-20 21:30 - 2015-08-20 21:30 - 00000000 ____D C:\Users\Markus Radosztics\.android
2015-08-20 21:29 - 2015-08-20 21:29 - 00001318 _____ C:\Users\Markus Radosztics\Desktop\全网影视.lnk
2015-08-20 21:29 - 2015-08-20 21:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\ppslog
2015-08-20 21:19 - 2015-08-21 07:25 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-08-20 21:19 - 2015-08-20 21:55 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-20 21:19 - 2015-08-20 21:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-08-20 21:19 - 2015-08-20 21:49 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-08-20 21:19 - 2015-08-20 21:49 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-08-20 21:19 - 2015-08-20 21:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-08-20 21:17 - 2015-08-21 07:47 - 00000000 ____D C:\IQIYI Video
2015-08-20 21:17 - 2015-08-21 07:46 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-08-20 21:17 - 2015-08-20 23:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Unity
2015-08-20 21:17 - 2015-08-20 21:30 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\IQIYI Video
2015-08-20 21:17 - 2015-08-20 21:17 - 00613255 _____ (CMI Limited) C:\Users\Markus Radosztics\AppData\Local\nsv2DEB.tmp
2015-08-20 21:17 - 2015-08-20 21:17 - 00000000 __SHD C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx
2015-08-20 21:17 - 2015-08-20 21:17 - 00000000 ____D C:\Users\Public\QiYi
2015-08-20 21:17 - 2015-08-20 21:17 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\SysassistByHotWheel
2015-08-20 21:16 - 2015-08-20 21:16 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\node-webkit
2015-08-20 21:15 - 2015-08-20 23:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\cpuminer
2015-08-20 21:15 - 2015-08-20 21:58 - 00000000 ____D C:\Program Files (x86)\baidu
2015-08-20 21:15 - 2015-08-20 21:15 - 00000217 _____ C:\task.vbs
2015-08-20 21:10 - 2015-08-20 21:10 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Desktop\jre-8u25-windows-i586.exe
2015-08-20 21:09 - 2015-08-20 22:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Gameo
2015-08-20 21:09 - 2015-08-20 21:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Opera Software
2015-08-20 21:09 - 2015-08-20 21:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Opera Software
2015-08-20 21:09 - 2015-08-20 21:09 - 00000185 _____ C:\Users\Markus Radosztics\Desktop\Play Games Online.url
2015-08-20 21:09 - 2015-08-20 21:09 - 00000000 ___HD C:\Users\Markus Radosztics\AppData\Roaming\GoldenGate
2015-08-20 21:09 - 2015-08-20 21:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Gameo
2015-08-20 21:07 - 2015-08-20 23:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WarThunder
2015-08-20 21:07 - 2015-08-20 21:07 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Downloads\setup [1].exe
2015-08-20 21:06 - 2015-08-20 21:30 - 00000000 ____D C:\Program Files (x86)\Cinem Plus 2.4cV20.08
2015-08-20 21:06 - 2015-08-20 21:11 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78
2015-08-20 21:06 - 2015-08-20 08:50 - 00048784 _____ (StdLib) C:\Windows\System32\Drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys
2015-08-20 21:06 - 2015-07-23 14:47 - 00000854 _____ C:\Windows\System32\Drivers\etc\hp.bak
2015-08-20 21:05 - 2015-08-22 10:46 - 00000000 ____D C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78
2015-08-20 21:05 - 2015-08-20 23:38 - 00000000 ____D C:\Program Files (x86)\OLBPre
2015-08-20 21:05 - 2015-08-20 22:02 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\{1A0B2C57-3EA3-40EF-533B-65077753999F}
2015-08-20 21:05 - 2015-08-20 21:05 - 00004008 _____ C:\Windows\System32\Tasks\LaunchPreSignup
2015-08-20 21:04 - 2015-08-21 07:27 - 00000000 ____D C:\Program Files\igfx32
2015-08-20 21:04 - 2015-08-20 21:26 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-20 21:04 - 2015-08-20 21:04 - 00047616 _____ C:\Users\Markus Radosztics\AppData\Local\Salttex.exe
2015-08-20 20:58 - 2015-08-20 20:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Sun
2015-08-20 20:58 - 2015-08-20 20:58 - 00000000 ____D C:\Users\Markus Radosztics\.oracle_jre_usage
2015-08-20 20:37 - 2015-08-20 20:37 - 01199392 _____ C:\Users\Markus Radosztics\Downloads\kies-air.exe
2015-08-20 19:37 - 2015-08-20 23:38 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WindSolutions
2015-08-20 19:37 - 2015-08-20 19:44 - 00000000 ____D C:\ProgramData\WindSolutions
2015-08-20 19:03 - 2015-08-20 19:03 - 01260832 _____ C:\Users\Markus Radosztics\Downloads\CopyTrans Manager - CHIP-Installer.exe
2015-08-20 11:29 - 2015-08-20 13:13 - 00000190 _____ C:\mylog.log
2015-08-20 11:29 - 2015-08-20 11:29 - 00000000 ____D C:\Program Files (x86)\MSI
2015-08-20 11:22 - 2015-08-20 11:22 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_usb30
2015-08-20 11:21 - 2015-08-20 11:21 - 06227267 _____ C:\Users\Markus Radosztics\Downloads\intel_usb30.zip
2015-08-20 11:19 - 2015-08-20 11:19 - 02837521 _____ C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10.zip
2015-08-20 11:19 - 2015-08-20 11:19 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10
2015-08-20 10:43 - 2015-08-20 21:55 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-20 10:43 - 2015-08-20 10:43 - 00003156 _____ C:\Windows\System32\Tasks\Download Touch
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Download Touch
2015-08-20 10:39 - 2015-08-21 09:44 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-08-20 10:39 - 2015-08-20 19:27 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV16.03
2015-08-20 10:39 - 2015-08-20 10:39 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\globalUpdate
2015-08-20 10:37 - 2015-08-20 10:37 - 19284168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-08-20 10:34 - 2015-08-22 14:27 - 00012280 _____ C:\Windows\SysWOW64\acengineOff.ini
2015-08-20 10:34 - 2015-08-22 14:27 - 00012280 _____ C:\Windows\System32\acengineOff.ini
2015-08-20 10:34 - 2015-08-13 13:49 - 00045784 _____ (Abengine) C:\Windows\System32\Drivers\acwfp64.sys
2015-08-20 10:34 - 2015-08-11 15:50 - 00299296 _____ (Abengine) C:\Windows\SysWOW64\acengine.dll
2015-08-20 10:15 - 2015-08-20 00:24 - 00048784 _____ (StdLib) C:\Windows\System32\Drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys
2015-08-20 10:13 - 2015-08-20 10:13 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver(1).msi
2015-08-20 10:12 - 2015-08-22 08:44 - 00000000 ____D C:\Program Files (x86)\FastSearch
2015-08-20 10:12 - 2015-08-20 10:38 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-08-20 10:12 - 2015-08-20 10:34 - 00000002 _____ C:\END
2015-08-20 10:12 - 2015-08-20 10:12 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver.msi
2015-08-20 10:12 - 2015-08-20 10:12 - 00003578 _____ C:\Windows\System32\Tasks\Shop-wit Updater
2015-08-20 10:12 - 2015-08-20 10:12 - 00003112 _____ C:\Windows\System32\Tasks\cfr3011
2015-08-20 10:12 - 2015-08-20 10:12 - 00000000 ____D C:\Program Files (x86)\shopwit
2015-08-20 10:12 - 2015-08-11 20:11 - 00349584 _____ (Abengine) C:\Windows\System32\acengine64.dll
2015-08-20 10:11 - 2015-08-20 10:11 - 00662120 _____ ( ) C:\Users\Markus Radosztics\Downloads\Apple_Mobile_Device_USB_Driver.exe
2015-08-20 09:43 - 2015-08-20 09:43 - 00001456 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-20 09:43 - 2015-08-20 09:43 - 00000000 ____D C:\Program Files\iPod
2015-08-20 09:43 - 2015-08-20 09:43 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-20 09:42 - 2015-08-20 09:42 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-08-20 09:42 - 2015-08-20 09:42 - 00000000 ____D C:\Program Files\Bonjour
2015-08-20 09:42 - 2015-08-20 09:42 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-20 09:42 - 2015-08-20 09:42 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-08-19 21:11 - 2015-08-19 23:33 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\MediaMonkey
2015-08-19 21:11 - 2015-08-19 21:11 - 00000695 _____ C:\Users\Public\Desktop\MediaMonkey.lnk
2015-08-19 21:11 - 2015-08-19 21:11 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\MediaMonkey
2015-08-19 21:10 - 2015-08-19 21:10 - 00000000 ____D C:\ProgramData\MediaMonkey
2015-08-19 20:18 - 2015-08-13 13:34 - 19292160 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-08-19 20:18 - 2015-08-13 12:02 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 20:18 - 2015-08-13 11:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-08-19 20:18 - 2015-08-13 11:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 19:48 - 2015-08-19 19:51 - 00000512 __RSH C:\ProgramData\ntuser.pol
2015-08-19 19:46 - 2015-08-19 19:46 - 01135152 _____ C:\Windows\Minidump\081915-12953-01.dmp
2015-08-19 15:27 - 2015-08-19 01:39 - 00048784 _____ (StdLib) C:\Windows\System32\Drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys
2015-08-19 15:24 - 2015-08-21 08:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch
2015-08-19 15:24 - 2015-08-19 20:03 - 00000000 ____D C:\ProgramData\nWinManPron
2015-08-19 15:24 - 2015-08-19 15:24 - 00000000 _____ C:\Windows\prleth.sys
2015-08-19 15:24 - 2015-08-19 15:24 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-19 15:22 - 2015-08-19 15:22 - 00000767 _____ C:\Users\Markus Radosztics\Desktop\MP3 Voice Recorder.lnk
2015-08-19 15:22 - 2004-03-08 20:30 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2015-08-15 23:59 - 2015-07-30 14:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-08-15 23:59 - 2015-07-30 14:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-15 23:59 - 2015-07-13 22:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\System32\basesrv.dll
2015-08-15 23:59 - 2015-07-13 22:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2015-08-15 23:59 - 2015-07-09 22:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2015-08-15 23:59 - 2015-07-09 22:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2015-08-15 23:59 - 2015-07-09 21:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-15 23:59 - 2015-07-09 21:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-15 23:59 - 2015-07-06 17:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdBoot.sys
2015-08-15 23:59 - 2015-07-06 15:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdFilter.sys
2015-08-15 23:59 - 2015-07-01 14:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2015-08-15 23:59 - 2015-07-01 13:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2015-08-15 23:59 - 2015-07-01 12:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-15 23:59 - 2015-07-01 12:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-15 23:58 - 2015-07-28 17:25 - 00025776 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2015-08-15 23:58 - 2015-07-28 15:13 - 01116160 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2015-08-15 23:58 - 2015-07-28 15:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2015-08-15 23:58 - 2015-07-28 15:13 - 00743424 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2015-08-15 23:58 - 2015-07-28 15:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2015-08-15 23:58 - 2015-07-28 15:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2015-08-15 23:58 - 2015-07-28 14:12 - 01148416 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2015-08-15 23:58 - 2015-07-16 21:32 - 02239488 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-08-15 23:58 - 2015-07-16 21:32 - 01409024 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-08-15 23:58 - 2015-07-16 21:32 - 00601600 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-08-15 23:58 - 2015-07-16 21:31 - 03959808 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-08-15 23:58 - 2015-07-16 21:31 - 00856064 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-08-15 23:58 - 2015-07-16 21:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-08-15 23:58 - 2015-07-16 21:30 - 15416320 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-08-15 23:58 - 2015-07-16 21:30 - 02657280 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-08-15 23:58 - 2015-07-16 21:30 - 00949760 _____ (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2015-08-15 23:58 - 2015-07-16 20:07 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-15 23:58 - 2015-07-16 20:07 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-15 23:58 - 2015-07-16 20:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-15 23:58 - 2015-07-13 22:23 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-15 23:58 - 2015-07-13 22:23 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-15 23:58 - 2015-07-13 22:05 - 02340864 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2015-08-15 23:58 - 2015-07-13 22:05 - 01850880 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2015-08-15 23:55 - 2015-07-29 15:45 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-15 23:55 - 2015-07-29 15:45 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-15 23:55 - 2015-07-29 14:52 - 01840640 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2015-08-15 23:55 - 2015-07-29 14:52 - 01280000 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2015-08-15 23:55 - 2015-07-29 14:52 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2015-08-15 23:55 - 2015-07-27 23:42 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-15 23:55 - 2015-07-27 23:40 - 04064768 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-08-15 23:55 - 2015-07-27 23:40 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2015-08-15 23:55 - 2015-07-15 17:09 - 06969688 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2015-08-15 23:55 - 2015-07-15 17:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2015-08-15 23:55 - 2015-07-15 17:06 - 01824296 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2015-08-15 23:55 - 2015-07-15 14:49 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-15 23:55 - 2015-07-15 14:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2015-08-15 23:55 - 2015-07-09 22:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\notepad.exe
2015-08-15 23:55 - 2015-07-09 22:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-15 23:55 - 2015-07-09 21:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-15 23:55 - 2015-06-09 14:09 - 00411133 _____ C:\Windows\System32\ApnDatabase.xml
2015-08-03 11:12 - 2015-08-03 11:12 - 00045680 ____H (LogMeIn Inc.) C:\Windows\System32\Drivers\Hamdrv.sys
2015-07-29 14:41 - 2015-07-29 14:41 - 01373000 _____ C:\Windows\Minidump\072915-9968-01.dmp
2015-07-26 15:51 - 2015-07-26 15:51 - 00000803 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-07-26 15:51 - 2015-07-26 15:51 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Canneverbe Limited
2015-07-26 15:51 - 2015-07-26 15:51 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2015-07-24 10:56 - 2015-07-30 17:24 - 00016603 _____ C:\Users\Markus Radosztics\Downloads\Schulsporthilfe-Vorschlag-2015.xlsx
2015-07-24 07:23 - 2015-07-24 07:23 - 01274248 _____ C:\Windows\Minidump\072415-10750-01.dmp
2015-07-23 14:47 - 2015-07-23 14:47 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-23 07:54 - 2015-07-23 07:54 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\CEF

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-22 14:29 - 2013-10-01 20:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-22 14:29 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-22 14:27 - 2013-09-30 18:17 - 00271402 _____ C:\Windows\PFRO.log
2015-08-22 14:23 - 2013-09-30 18:30 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-817472733-4082136947-4255886928-1001
2015-08-22 14:17 - 2014-08-06 11:17 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-08-22 14:13 - 2013-09-30 18:24 - 01237454 _____ C:\Windows\WindowsUpdate.log
2015-08-22 14:04 - 2013-11-22 21:24 - 00000366 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-08-22 14:00 - 2015-06-18 05:45 - 00001290 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001UA.job
2015-08-22 14:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\System32\sru
2015-08-22 13:51 - 2013-11-19 20:28 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-22 13:37 - 2013-09-30 20:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-22 12:43 - 2014-12-27 11:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\36A80DEE-1AAD-4F7E-AA6A-4638F785B9B6.aplzod
2015-08-22 11:39 - 2013-10-02 16:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Skype
2015-08-22 11:04 - 2015-02-23 19:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-22 11:04 - 2013-10-02 16:05 - 00000000 ____D C:\ProgramData\Skype
2015-08-22 10:00 - 2015-06-18 05:45 - 00001238 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001Core.job
2015-08-22 09:00 - 2015-03-18 17:45 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-22 09:00 - 2014-06-17 21:52 - 00005182 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for WAUT0001-Markus Radosztics WAUT0001
2015-08-22 08:51 - 2013-11-19 20:28 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-22 08:50 - 2012-07-26 11:27 - 00751892 _____ C:\Windows\System32\perfh007.dat
2015-08-22 08:50 - 2012-07-26 11:27 - 00155620 _____ C:\Windows\System32\perfc007.dat
2015-08-22 08:50 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\System32\PerfStringBackup.INI
2015-08-22 08:44 - 2015-01-14 22:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\LogMeIn Hamachi
2015-08-22 08:44 - 2014-12-27 11:46 - 00000000 ___RD C:\Users\Markus Radosztics\iCloudDrive
2015-08-22 08:44 - 2013-10-13 19:57 - 00000000 ___RD C:\Users\Markus Radosztics\Dropbox
2015-08-22 08:44 - 2013-10-13 19:55 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Dropbox
2015-08-21 14:10 - 2013-11-25 11:30 - 00000000 ____D C:\Windows\Minidump
2015-08-21 10:35 - 2015-06-07 19:44 - 00000000 ____D C:\FRST
2015-08-21 07:52 - 2015-03-20 09:39 - 00507984 _____ C:\Windows\System32\FNTCACHE.DAT
2015-08-20 21:50 - 2013-09-30 18:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\VirtualStore
2015-08-20 21:30 - 2013-09-30 18:24 - 00000000 ____D C:\users\Markus Radosztics
2015-08-20 21:10 - 2014-02-01 12:30 - 00000000 ____D C:\ProgramData\Oracle
2015-08-20 21:06 - 2012-07-26 06:26 - 00000269 _____ C:\Windows\win.ini
2015-08-20 20:58 - 2015-03-06 17:34 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-20 20:58 - 2014-02-01 12:30 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-20 20:22 - 2014-11-19 17:47 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-08-20 20:22 - 2013-12-19 12:46 - 00000000 ____D C:\Users\Markus Radosztics\Documents\samsung
2015-08-20 20:22 - 2013-12-19 12:46 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Samsung
2015-08-20 20:18 - 2013-09-30 18:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-20 19:58 - 2013-09-30 19:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Downloaded Installations
2015-08-20 19:27 - 2015-06-03 19:07 - 00000000 ____D C:\Program Files (x86)\A1 Servicecenter
2015-08-20 10:43 - 2014-06-25 16:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-20 10:37 - 2013-09-30 20:01 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-20 09:43 - 2013-09-30 19:20 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-20 09:42 - 2013-09-30 19:20 - 00000000 ____D C:\ProgramData\Apple
2015-08-19 20:47 - 2013-09-30 18:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Packages
2015-08-19 20:18 - 2012-07-26 08:59 - 00000000 ____D C:\Windows\CbsTemp
2015-08-19 16:27 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\System32\GroupPolicy
2015-08-16 17:23 - 2015-07-14 20:02 - 00000650 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-16 17:22 - 2015-04-17 07:09 - 00000000 ___SD C:\Windows\System32\CompatTel
2015-08-16 17:22 - 2015-04-17 07:09 - 00000000 ____D C:\Windows\System32\appraiser
2015-08-16 17:22 - 2013-09-30 18:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 17:22 - 2013-09-30 18:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-16 17:22 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-16 17:22 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-16 09:55 - 2013-09-30 18:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-16 09:53 - 2013-09-30 21:57 - 00000000 ____D C:\Windows\System32\MRT
2015-08-16 09:51 - 2013-09-30 21:57 - 132483416 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2015-08-16 09:26 - 2013-10-01 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-15 10:11 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-08-08 03:27 - 2012-07-26 09:14 - 00793544 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 03:27 - 2012-07-26 09:14 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-23 14:47 - 2014-01-16 15:47 - 00001940 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-07-23 14:47 - 2014-01-16 15:47 - 00000000 ____D C:\ProgramData\McAfee Security Scan

Einige Dateien in TEMP:
====================
C:\Users\Markus Radosztics\AppData\Local\Temp\2549.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\5494.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\71387_updater.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\976.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\AutoWifi.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\devcon64.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpprhcty.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\Execute2App.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6341.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6B10.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\fsdC449.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\fsdD8AD.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\fuf5B0B.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\install1804741.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\IQIYIsetup_l_huayukeji@kb006.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\masauto_runxx.dl.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\masblog_runxx.dl.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\msvcp90.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\msvcr90.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\nsc7E69.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\nse978A.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\nsu979B.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\qqpcmgr_v10.11.16600.237_72601_Silence.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\QYAgent_runxx.dl.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\res.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\setup3.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\shopup.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\shpwt.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\sqlite3.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\SYkC1CD.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\tmp7048.tmp.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\Uninstall.exe
C:\Users\Markus Radosztics\AppData\Local\Temp\{8AACE4BB-0DCF-4F2B-9FD2-6DE9ACF20F86}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{A2396524-F74C-4109-874C-AEE42D1C36A5}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{EFF616A3-14B1-4A6A-9192-4E85EA2DE69E}_emergency.exe

==================== Known DLLs (Nicht auf der Ausnahmeliste) =========================


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => MD5 ist legitim
C:\Windows\System32\wininit.exe => MD5 ist legitim
C:\Windows\explorer.exe => MD5 ist legitim
C:\Windows\SysWOW64\explorer.exe => MD5 ist legitim
C:\Windows\System32\svchost.exe => MD5 ist legitim
C:\Windows\SysWOW64\svchost.exe => MD5 ist legitim
C:\Windows\System32\services.exe
[2015-05-13 16:31] - [2015-04-13 06:32] - 0417280 ____A (Microsoft Corporation) 590A2B4198DD35AA42893BA04F66FD3F

C:\Windows\System32\User32.dll
[2014-10-16 21:39] - [2014-06-28 07:57] - 1341952 ____A (Microsoft Corporation) FAC7814096952227B0EBB08175D82B40

C:\Windows\SysWOW64\User32.dll
[2014-10-16 21:39] - [2014-06-28 03:23] - 1126400 ____A (Microsoft Corporation) BBC180F529B08A65100536A08724ED58

C:\Windows\System32\userinit.exe => MD5 ist legitim
C:\Windows\SysWOW64\userinit.exe => MD5 ist legitim
C:\Windows\System32\rpcss.dll => MD5 ist legitim
C:\Windows\System32\dnsapi.dll
[2014-12-11 21:27] - [2014-10-09 04:59] - 0623616 ____A (Microsoft Corporation) 7904C03BF9C0C0337563FFAA97D0ACE8

C:\Windows\SysWOW64\dnsapi.dll
[2014-12-11 21:27] - [2014-10-09 04:58] - 0458240 ____A (Microsoft Corporation) 0BE9606A1175C7400ED862991453A847

C:\Windows\System32\Drivers\volsnap.sys
[2014-10-16 21:43] - [2014-07-04 11:52] - 0328000 ____A (Microsoft Corporation) AA37946941ED3805AB3A924965907147


==================== Wiederherstellungspunkte =========================


==================== Speicherinformationen =========================== 

Prozentuale Nutzung des RAM: 10%
Installierter physikalischer RAM: 8143.88 MB
Verfügbarer physikalischer RAM: 7285.02 MB
Summe virtueller Speicher: 8143.88 MB
Verfügbarer virtueller Speicher: 7311.78 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:111.45 GB) (Free:5.8 GB) NTFS
Drive d: (Daten) (Fixed) (Total:931.51 GB) (Free:727.19 GB) NTFS
Drive e: (32_00_00) (Fixed) (Total:298.02 GB) (Free:208.52 GB) FAT32
Drive i: () (Removable) (Total:0.98 GB) (Free:0.98 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System-reserviert) (Fixed) (Total:0.34 GB) (Free:0.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 2A03BD70)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2A03BD6D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 3E1EBD07)
Partition 1: (Active) - (Size=298.1 GB) - (Type=0C)

========================================================
Disk: 4 (Size: 1011 MB) (Disk ID: 0DFF7265)
No partition Table on disk 4.


LastRegBack: 2015-08-16 17:02

==================== Ende von Ergebnis ============================
         
lg Don Camillo

Alt 23.08.2015, 07:28   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster



Alte Java Versionen deinstallieren. Alles von Baidu deinstallieren.

FRST bitte im normalen Modus ausführen, nicht Recovery.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\$Recycle.Bin
C:\Program Files\igfx32
C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78

C:\Program Files (x86)\AnyProtectEx\Uninstall.exe

C:\Program Files (x86)\baidu\Bind.exe

C:\Program Files (x86)\Cinem Plus 2.4cV20.08\1159fad3-7973-4be7-b312-c162e4e7bfd9.dll

C:\Program Files (x86)\CinemaP-1.9cV16.03\156eacdc-6be3-484e-958c-b1950c01381c.dll

C:\Program Files (x86)\GUPlayer\GUPlayerUninstaller.exe

C:\Program Files (x86)\OLBPre\OLBPre.exe

C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe

C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\yjae1Hlm.dll

C:\ProgramData\ExtTag\Alphatrax.dll

C:\ProgramData\ExtTag\Biodandom.dll

C:\ProgramData\ExtTag\Blueplus.dll

C:\ProgramData\ExtTag\ExtTag.exe

C:\ProgramData\ExtTag\Greenstring.exe

C:\ProgramData\ExtTag\Jobzimtech.dll

C:\ProgramData\ExtTag\Keyfix.dll

C:\ProgramData\ExtTag\Overnix.dll

C:\ProgramData\ExtTag\Solin.dll

C:\ProgramData\ExtTag\Vilatam.dll

C:\ProgramData\ExtTag\Zimdox.dll

C:\Users\All Users\ExtTag\Alphatrax.dll

C:\Users\All Users\ExtTag\Biodandom.dll

C:\Users\All Users\ExtTag\Blueplus.dll

C:\Users\All Users\ExtTag\ExtTag.exe

C:\Users\All Users\ExtTag\Greenstring.exe

C:\Users\All Users\ExtTag\Jobzimtech.dll

C:\Users\All Users\ExtTag\Keyfix.dll

C:\Users\All Users\ExtTag\Overnix.dll

C:\Users\All Users\ExtTag\Solin.dll

C:\Users\All Users\ExtTag\Vilatam.dll

C:\Users\All Users\ExtTag\Zimdox.dll

C:\Users\Markus Radosztics\AppData\Local\nse80CC.tmp

C:\Users\Markus Radosztics\AppData\Local\nseE692.tmp

C:\Users\Markus Radosztics\AppData\Local\nss7098.tmp

C:\Users\Markus Radosztics\AppData\Local\nsv2DEB.tmp

C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78\rnsc5FED.exe

C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78\snsc5FEC.tmp

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\102.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\178.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\179.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\180.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\184.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\19.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\200.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\220.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\223.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\231.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\232.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\234.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\242.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\253.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\262.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\263.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\273.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\281.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\288.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\289.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\300.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\335.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\339.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\380.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\385.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\389.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\390.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\391.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\424.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\437.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\91.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\b6b7830c988806df88c32cfddd53fc99.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\1f71f589179f394711674e1bef2e79a8.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\a08bb5eaf593c92c0258a3aa5f5d9c10.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\e859f8ab59353a98b1ba776d4ab159a6.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\04653a6705d18bce9815dba825dbd4f3.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\1224091a7d8a03a01c84cfece5978749.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\148ed776917d1394e64d3bee6bb0a7d0.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\32e72a69456c7c6b07a2b8bb2a43a288.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\8f9803aafd03bf9d3527c303aedc96e5.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\b20ec6be3b71d58ac5b997701b1928fb.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\d69da36dc93a45dd99574490876cba61.js

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\1[1].zip

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\1[2].zip

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\AnyProtect[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\policyname[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\setup[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\2[2].zip

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\AnyProtectSetup[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\AnyProtect[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\FinalInstaller_dotnet4[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\SearchUpdater[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\2[1].zip

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\Reimage[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\setup[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\setup_362[2].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVRE7LXX\Reimage[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVRE7LXX\VuuPC_VO2_8907[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1DM2S2NU\trojaner-board_de[1].htm

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RYADG1IT\afr[1].htm

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\1467BB079417F9F051FA6EA8C7391D9C03B46034

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\2513273621AEA92FDA7F197FE306C61AB57CD82C

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\2C5B5C32F614ABCE1B2E6F98262E134D3A471F55

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\3AFB6AD46657D59461FDAD66FB5F88F7E486DB73

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\4B011C0394440B2950D8F79F2239B6A410AA9ABA

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\5059E31C2C0B0CC7DDF6B50778335DDD090F02A3

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\7457893C1262DC14F9ACD39B0EDB0F4D9A3E4B74

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\76E89FA6682C33F128F828096B95BCA1714D8097

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\E2157AFFDC9A55B7C1F514C044F34F76759B5515

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\FEC3A29932E057A370B8C9524ABE8DA1A67FA8BD

C:\Users\Markus Radosztics\AppData\Local\Temp\2549.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\5494.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\976.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6341.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6B10.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\fsdC449.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\fsdD8AD.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\ICReinstall_nsg2EF9.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsbB654.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsc7E69.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\nscDA5A.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsdF6EC.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsg2EF9.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsi2FB1.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsj7B4.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsjAE42.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nskE9B3.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nso3242.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsoD141.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsq3687.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsr2E68.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsr38F9.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nss10FC.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nss8325.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nssD54.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsuE86B.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsxF05A.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsy30AC.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\setup3.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\shopup.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\shpwt.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleCrashHandler.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdate.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdateBroker.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdateOnDemand.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\goopdate.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\goopdateres_en.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\npGoogleUpdate4.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\psmachine.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\psuser.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdate.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateBroker.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateCrashHandler.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateOnDemand.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\npglobalupdateUpdate4.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\psmachine.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\psuser.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdate.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateBroker.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateCrashHandler.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateOnDemand.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\npglobalupdateUpdate4.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\psmachine.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\psuser.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_76.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\n2341\gusetup_pub.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\n2341\Imalimedia_0308--b6ebc012.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\n2582\BananaPhone_12_08--c5f0d88b.exe

C:\Users\Markus Radosztics\AppData\Roaming\4Kyh3h9rTUrqEq0XkfiBd

C:\Users\Markus Radosztics\AppData\Roaming\BYAIAMUF

C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf

C:\Users\Markus Radosztics\AppData\Roaming\GNOK

C:\Users\Markus Radosztics\AppData\Roaming\KcbELr9nVCvO5C9EQ1LmCgPDQK

C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW

C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx\swf\swfxZ.swf

C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\defsearchp@gmail.com\chrome\content\jquery-2.1.0.min.js

C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch\UninstallManager.exe

C:\Users\Markus Radosztics\Downloads\Apple_Mobile_Device_USB_Driver.exe

C:\Users\Markus Radosztics\Downloads\CopyTrans Manager - CHIP-Installer.exe

C:\Users\Markus Radosztics\Downloads\kies-air.exe

C:\Windows\Temp\nse9CF.exe

C:\Windows\Temp\nsh6916.exe

C:\Windows\Temp\nsl66C4.exe

C:\Windows\Temp\nsp9C0.exe

C:\Windows\Temp\tmp6462.tmp

C:\Windows\Temp\tmp659A.tmp

C:\Windows\Temp\tmp720E.tmp
HKU\Markus Radosztics\...\Run: [Shop-wit] => C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe [689920 2015-08-20] ()
HKU\Markus Radosztics\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe
C:\Program Files (x86)\shopwit
C:\Program Files (x86)\baidu
AppInit_DLLs: C:\ProgramData\ExtTag\Zimdox.dll => C:\ProgramData\ExtTag\Zimdox.dll [135680 2015-08-21] ()
AppInit_DLLs-x32: C:\ProgramData\ExtTag\Biodandom.dll => C:\ProgramData\ExtTag\Biodandom.dll [121344 2015-08-21] ()
C:\ProgramData\ExtTag
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





http://filepony.de/download-revo_uninstaller/
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de


Frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.08.2015, 13:17   #12
Don_Camillo
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster



Hier die Fixlog-Datei:

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-08-2015
durchgeführt von Markus Radosztics (2015-08-23 14:05:24) Run:1
Gestartet von C:\Users\Markus Radosztics\Downloads
Geladene Profile: Markus Radosztics (Verfügbare Profile: Markus Radosztics)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\$Recycle.Bin
C:\Program Files\igfx32
C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78

C:\Program Files (x86)\AnyProtectEx\Uninstall.exe

C:\Program Files (x86)\baidu\Bind.exe

C:\Program Files (x86)\Cinem Plus 2.4cV20.08\1159fad3-7973-4be7-b312-c162e4e7bfd9.dll

C:\Program Files (x86)\CinemaP-1.9cV16.03\156eacdc-6be3-484e-958c-b1950c01381c.dll

C:\Program Files (x86)\GUPlayer\GUPlayerUninstaller.exe

C:\Program Files (x86)\OLBPre\OLBPre.exe

C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe

C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\yjae1Hlm.dll

C:\ProgramData\ExtTag\Alphatrax.dll

C:\ProgramData\ExtTag\Biodandom.dll

C:\ProgramData\ExtTag\Blueplus.dll

C:\ProgramData\ExtTag\ExtTag.exe

C:\ProgramData\ExtTag\Greenstring.exe

C:\ProgramData\ExtTag\Jobzimtech.dll

C:\ProgramData\ExtTag\Keyfix.dll

C:\ProgramData\ExtTag\Overnix.dll

C:\ProgramData\ExtTag\Solin.dll

C:\ProgramData\ExtTag\Vilatam.dll

C:\ProgramData\ExtTag\Zimdox.dll

C:\Users\All Users\ExtTag\Alphatrax.dll

C:\Users\All Users\ExtTag\Biodandom.dll

C:\Users\All Users\ExtTag\Blueplus.dll

C:\Users\All Users\ExtTag\ExtTag.exe

C:\Users\All Users\ExtTag\Greenstring.exe

C:\Users\All Users\ExtTag\Jobzimtech.dll

C:\Users\All Users\ExtTag\Keyfix.dll

C:\Users\All Users\ExtTag\Overnix.dll

C:\Users\All Users\ExtTag\Solin.dll

C:\Users\All Users\ExtTag\Vilatam.dll

C:\Users\All Users\ExtTag\Zimdox.dll

C:\Users\Markus Radosztics\AppData\Local\nse80CC.tmp

C:\Users\Markus Radosztics\AppData\Local\nseE692.tmp

C:\Users\Markus Radosztics\AppData\Local\nss7098.tmp

C:\Users\Markus Radosztics\AppData\Local\nsv2DEB.tmp

C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78\rnsc5FED.exe

C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78\snsc5FEC.tmp

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\102.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\178.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\179.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\180.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\184.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\19.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\200.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\220.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\223.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\231.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\232.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\234.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\242.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\253.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\262.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\263.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\273.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\281.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\288.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\289.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\300.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\335.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\339.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\380.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\385.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\389.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\390.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\391.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\424.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\437.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\91.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\b6b7830c988806df88c32cfddd53fc99.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\1f71f589179f394711674e1bef2e79a8.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\a08bb5eaf593c92c0258a3aa5f5d9c10.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\e859f8ab59353a98b1ba776d4ab159a6.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\04653a6705d18bce9815dba825dbd4f3.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\1224091a7d8a03a01c84cfece5978749.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\148ed776917d1394e64d3bee6bb0a7d0.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\32e72a69456c7c6b07a2b8bb2a43a288.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\8f9803aafd03bf9d3527c303aedc96e5.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\b20ec6be3b71d58ac5b997701b1928fb.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\d69da36dc93a45dd99574490876cba61.js

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\1[1].zip

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\1[2].zip

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\AnyProtect[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\policyname[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\setup[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\2[2].zip

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\AnyProtectSetup[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\AnyProtect[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\FinalInstaller_dotnet4[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\SearchUpdater[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\2[1].zip

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\Reimage[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\setup[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\setup_362[2].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVRE7LXX\Reimage[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVRE7LXX\VuuPC_VO2_8907[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1DM2S2NU\trojaner-board_de[1].htm

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RYADG1IT\afr[1].htm

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\1467BB079417F9F051FA6EA8C7391D9C03B46034

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\2513273621AEA92FDA7F197FE306C61AB57CD82C

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\2C5B5C32F614ABCE1B2E6F98262E134D3A471F55

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\3AFB6AD46657D59461FDAD66FB5F88F7E486DB73

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\4B011C0394440B2950D8F79F2239B6A410AA9ABA

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\5059E31C2C0B0CC7DDF6B50778335DDD090F02A3

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\7457893C1262DC14F9ACD39B0EDB0F4D9A3E4B74

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\76E89FA6682C33F128F828096B95BCA1714D8097

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\E2157AFFDC9A55B7C1F514C044F34F76759B5515

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\FEC3A29932E057A370B8C9524ABE8DA1A67FA8BD

C:\Users\Markus Radosztics\AppData\Local\Temp\2549.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\5494.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\976.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6341.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6B10.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\fsdC449.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\fsdD8AD.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\ICReinstall_nsg2EF9.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsbB654.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsc7E69.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\nscDA5A.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsdF6EC.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsg2EF9.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsi2FB1.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsj7B4.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsjAE42.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nskE9B3.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nso3242.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsoD141.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsq3687.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsr2E68.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsr38F9.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nss10FC.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nss8325.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nssD54.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsuE86B.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsxF05A.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsy30AC.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\setup3.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\shopup.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\shpwt.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleCrashHandler.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdate.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdateBroker.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdateOnDemand.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\goopdate.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\goopdateres_en.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\npGoogleUpdate4.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\psmachine.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\psuser.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdate.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateBroker.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateCrashHandler.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateOnDemand.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\npglobalupdateUpdate4.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\psmachine.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\psuser.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdate.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateBroker.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateCrashHandler.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateOnDemand.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\npglobalupdateUpdate4.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\psmachine.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\psuser.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_76.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\n2341\gusetup_pub.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\n2341\Imalimedia_0308--b6ebc012.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\n2582\BananaPhone_12_08--c5f0d88b.exe

C:\Users\Markus Radosztics\AppData\Roaming\4Kyh3h9rTUrqEq0XkfiBd

C:\Users\Markus Radosztics\AppData\Roaming\BYAIAMUF

C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf

C:\Users\Markus Radosztics\AppData\Roaming\GNOK

C:\Users\Markus Radosztics\AppData\Roaming\KcbELr9nVCvO5C9EQ1LmCgPDQK

C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW

C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx\swf\swfxZ.swf

C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\defsearchp@gmail.com\chrome\content\jquery-2.1.0.min.js

C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch\UninstallManager.exe

C:\Users\Markus Radosztics\Downloads\Apple_Mobile_Device_USB_Driver.exe

C:\Users\Markus Radosztics\Downloads\CopyTrans Manager - CHIP-Installer.exe

C:\Users\Markus Radosztics\Downloads\kies-air.exe

C:\Windows\Temp\nse9CF.exe

C:\Windows\Temp\nsh6916.exe

C:\Windows\Temp\nsl66C4.exe

C:\Windows\Temp\nsp9C0.exe

C:\Windows\Temp\tmp6462.tmp

C:\Windows\Temp\tmp659A.tmp

C:\Windows\Temp\tmp720E.tmp
HKU\Markus Radosztics\...\Run: [Shop-wit] => C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe [689920 2015-08-20] ()
HKU\Markus Radosztics\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe
C:\Program Files (x86)\shopwit
C:\Program Files (x86)\baidu
AppInit_DLLs: C:\ProgramData\ExtTag\Zimdox.dll => C:\ProgramData\ExtTag\Zimdox.dll [135680 2015-08-21] ()
AppInit_DLLs-x32: C:\ProgramData\ExtTag\Biodandom.dll => C:\ProgramData\ExtTag\Biodandom.dll [121344 2015-08-21] ()
C:\ProgramData\ExtTag
Emptytemp:
         
*****************

C:\$Recycle.Bin => erfolgreich verschoben

"C:\Program Files\igfx32" Ordner verschieben:

Konnte nicht verschoben werden "C:\Program Files\igfx32" => ist geplant bei Neustart verschoben zu werden.


"C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78" Ordner verschieben:

Konnte nicht verschoben werden "C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78" => ist geplant bei Neustart verschoben zu werden.

Konnte nicht verschoben werden "C:\Program Files (x86)\AnyProtectEx\Uninstall.exe" => ist geplant bei Neustart verschoben zu werden.
"C:\Program Files (x86)\baidu\Bind.exe" => Datei/Ordner nicht gefunden.
Konnte nicht verschoben werden "C:\Program Files (x86)\Cinem Plus 2.4cV20.08\1159fad3-7973-4be7-b312-c162e4e7bfd9.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Program Files (x86)\CinemaP-1.9cV16.03\156eacdc-6be3-484e-958c-b1950c01381c.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Program Files (x86)\GUPlayer\GUPlayerUninstaller.exe" => ist geplant bei Neustart verschoben zu werden.
C:\Program Files (x86)\OLBPre\OLBPre.exe => erfolgreich verschoben
Konnte nicht verschoben werden "C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\yjae1Hlm.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\ProgramData\ExtTag\Alphatrax.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\ProgramData\ExtTag\Biodandom.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\ProgramData\ExtTag\Blueplus.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\ProgramData\ExtTag\ExtTag.exe" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\ProgramData\ExtTag\Greenstring.exe" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\ProgramData\ExtTag\Jobzimtech.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\ProgramData\ExtTag\Keyfix.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\ProgramData\ExtTag\Overnix.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\ProgramData\ExtTag\Solin.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\ProgramData\ExtTag\Vilatam.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\ProgramData\ExtTag\Zimdox.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Users\All Users\ExtTag\Alphatrax.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Users\All Users\ExtTag\Biodandom.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Users\All Users\ExtTag\Blueplus.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Users\All Users\ExtTag\ExtTag.exe" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Users\All Users\ExtTag\Greenstring.exe" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Users\All Users\ExtTag\Jobzimtech.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Users\All Users\ExtTag\Keyfix.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Users\All Users\ExtTag\Overnix.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Users\All Users\ExtTag\Solin.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Users\All Users\ExtTag\Vilatam.dll" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Users\All Users\ExtTag\Zimdox.dll" => ist geplant bei Neustart verschoben zu werden.
C:\Users\Markus Radosztics\AppData\Local\nse80CC.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\nseE692.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\nss7098.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\nsv2DEB.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78\rnsc5FED.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78\snsc5FEC.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\102.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\178.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\179.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\180.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\184.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\19.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\200.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\220.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\223.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\231.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\232.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\234.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\242.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\253.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\262.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\263.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\273.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\281.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\288.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\289.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\300.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\335.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\339.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\380.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\385.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\389.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\390.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\391.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\424.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\437.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\91.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\b6b7830c988806df88c32cfddd53fc99.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\1f71f589179f394711674e1bef2e79a8.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\a08bb5eaf593c92c0258a3aa5f5d9c10.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\e859f8ab59353a98b1ba776d4ab159a6.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\04653a6705d18bce9815dba825dbd4f3.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\1224091a7d8a03a01c84cfece5978749.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\148ed776917d1394e64d3bee6bb0a7d0.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\32e72a69456c7c6b07a2b8bb2a43a288.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\8f9803aafd03bf9d3527c303aedc96e5.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\b20ec6be3b71d58ac5b997701b1928fb.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\d69da36dc93a45dd99574490876cba61.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\1[1].zip => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\1[2].zip => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\AnyProtect[1].exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\policyname[1].exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\setup[1].exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\2[2].zip => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\AnyProtectSetup[1].exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\AnyProtect[1].exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\FinalInstaller_dotnet4[1].exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\SearchUpdater[1].exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\2[1].zip => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\Reimage[1].exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\setup[1].exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\setup_362[2].exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVRE7LXX\Reimage[1].exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVRE7LXX\VuuPC_VO2_8907[1].exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1DM2S2NU\trojaner-board_de[1].htm => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RYADG1IT\afr[1].htm => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\1467BB079417F9F051FA6EA8C7391D9C03B46034 => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\2513273621AEA92FDA7F197FE306C61AB57CD82C => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\2C5B5C32F614ABCE1B2E6F98262E134D3A471F55 => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\3AFB6AD46657D59461FDAD66FB5F88F7E486DB73 => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\4B011C0394440B2950D8F79F2239B6A410AA9ABA => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\5059E31C2C0B0CC7DDF6B50778335DDD090F02A3 => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\7457893C1262DC14F9ACD39B0EDB0F4D9A3E4B74 => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\76E89FA6682C33F128F828096B95BCA1714D8097 => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\E2157AFFDC9A55B7C1F514C044F34F76759B5515 => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\FEC3A29932E057A370B8C9524ABE8DA1A67FA8BD => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\2549.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\5494.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\976.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6341.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6B10.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\fsdC449.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\fsdD8AD.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\ICReinstall_nsg2EF9.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nsbB654.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nsc7E69.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nscDA5A.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nsdF6EC.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nsg2EF9.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nsi2FB1.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nsj7B4.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nsjAE42.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nskE9B3.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nso3242.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nsoD141.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nsq3687.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nsr2E68.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nsr38F9.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nss10FC.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nss8325.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nssD54.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nsuE86B.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nsxF05A.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\nsy30AC.tmp => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\setup3.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\shopup.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\shpwt.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleCrashHandler.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdate.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdateBroker.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdateOnDemand.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\goopdate.dll => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\goopdateres_en.dll => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\npGoogleUpdate4.dll => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\psmachine.dll => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\psuser.dll => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdate.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateBroker.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateCrashHandler.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateOnDemand.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\npglobalupdateUpdate4.dll => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\psmachine.dll => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\psuser.dll => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdate.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateBroker.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateCrashHandler.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateOnDemand.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\npglobalupdateUpdate4.dll => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\psmachine.dll => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\psuser.dll => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\DMR\dmr_72.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_76.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\n2341\gusetup_pub.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\n2341\Imalimedia_0308--b6ebc012.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Local\Temp\n2582\BananaPhone_12_08--c5f0d88b.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Roaming\4Kyh3h9rTUrqEq0XkfiBd => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Roaming\BYAIAMUF => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Roaming\GNOK => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Roaming\KcbELr9nVCvO5C9EQ1LmCgPDQK => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx\swf\swfxZ.swf => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\defsearchp@gmail.com\chrome\content\jquery-2.1.0.min.js => erfolgreich verschoben
C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch\UninstallManager.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\Downloads\Apple_Mobile_Device_USB_Driver.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\Downloads\CopyTrans Manager - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Markus Radosztics\Downloads\kies-air.exe => erfolgreich verschoben
Konnte nicht verschoben werden "C:\Windows\Temp\nse9CF.exe" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Windows\Temp\nsh6916.exe" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Windows\Temp\nsl66C4.exe" => ist geplant bei Neustart verschoben zu werden.
Konnte nicht verschoben werden "C:\Windows\Temp\nsp9C0.exe" => ist geplant bei Neustart verschoben zu werden.
"C:\Windows\Temp\tmp6462.tmp" => Datei/Ordner nicht gefunden.
"C:\Windows\Temp\tmp659A.tmp" => Datei/Ordner nicht gefunden.
"C:\Windows\Temp\tmp720E.tmp" => Datei/Ordner nicht gefunden.
HKU\Markus Radosztics\Software\Microsoft\Windows\CurrentVersion\Run\\Shop-wit => Wert nicht gefunden.
HKU\Markus Radosztics\Software\Microsoft\Windows\CurrentVersion\Run\\apphide => Wert nicht gefunden.

"C:\Program Files (x86)\shopwit" Ordner verschieben:

Konnte nicht verschoben werden "C:\Program Files (x86)\shopwit" => ist geplant bei Neustart verschoben zu werden.

"C:\Program Files (x86)\baidu" => Datei/Ordner nicht gefunden.
"C:\ProgramData\ExtTag\Zimdox.dll" => Wert Datenkonnte nicht entfernt werden
"C:\ProgramData\ExtTag\Biodandom.dll" => Wert Datenkonnte nicht entfernt werden

"C:\ProgramData\ExtTag" Ordner verschieben:

Konnte nicht verschoben werden "C:\ProgramData\ExtTag" => ist geplant bei Neustart verschoben zu werden.

EmptyTemp: => 5.2 GB temporäre Dateien entfernt.

Ergebnis der geplanten Datei-Verschiebungen (Start-Modus: Normal) (Datum&Uhrzeit: 2015-08-23 14:13:49)<=

==> ACHTUNG: Das System wurde nicht neu gestartet.
"C:\Program Files\igfx32" => Konnte nicht verschoben werden
"C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78" => Konnte nicht verschoben werden
"C:\Program Files (x86)\AnyProtectEx\Uninstall.exe" => Konnte nicht verschoben werden
"C:\Program Files (x86)\Cinem Plus 2.4cV20.08\1159fad3-7973-4be7-b312-c162e4e7bfd9.dll" => Konnte nicht verschoben werden
"C:\Program Files (x86)\CinemaP-1.9cV16.03\156eacdc-6be3-484e-958c-b1950c01381c.dll" => Konnte nicht verschoben werden
"C:\Program Files (x86)\GUPlayer\GUPlayerUninstaller.exe" => Konnte nicht verschoben werden
"C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe" => Konnte nicht verschoben werden
"C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\yjae1Hlm.dll" => Konnte nicht verschoben werden
"C:\ProgramData\ExtTag\Alphatrax.dll" => Konnte nicht verschoben werden
"C:\ProgramData\ExtTag\Biodandom.dll" => Konnte nicht verschoben werden
"C:\ProgramData\ExtTag\Blueplus.dll" => Konnte nicht verschoben werden
"C:\ProgramData\ExtTag\ExtTag.exe" => Konnte nicht verschoben werden
"C:\ProgramData\ExtTag\Greenstring.exe" => Konnte nicht verschoben werden
"C:\ProgramData\ExtTag\Jobzimtech.dll" => Konnte nicht verschoben werden
"C:\ProgramData\ExtTag\Keyfix.dll" => Konnte nicht verschoben werden
"C:\ProgramData\ExtTag\Overnix.dll" => Konnte nicht verschoben werden
"C:\ProgramData\ExtTag\Solin.dll" => Konnte nicht verschoben werden
"C:\ProgramData\ExtTag\Vilatam.dll" => Konnte nicht verschoben werden
"C:\ProgramData\ExtTag\Zimdox.dll" => Konnte nicht verschoben werden
"C:\Users\All Users\ExtTag\Alphatrax.dll" => Konnte nicht verschoben werden
"C:\Users\All Users\ExtTag\Biodandom.dll" => Konnte nicht verschoben werden
"C:\Users\All Users\ExtTag\Blueplus.dll" => Konnte nicht verschoben werden
"C:\Users\All Users\ExtTag\ExtTag.exe" => Konnte nicht verschoben werden
"C:\Users\All Users\ExtTag\Greenstring.exe" => Konnte nicht verschoben werden
"C:\Users\All Users\ExtTag\Jobzimtech.dll" => Konnte nicht verschoben werden
"C:\Users\All Users\ExtTag\Keyfix.dll" => Konnte nicht verschoben werden
"C:\Users\All Users\ExtTag\Overnix.dll" => Konnte nicht verschoben werden
"C:\Users\All Users\ExtTag\Solin.dll" => Konnte nicht verschoben werden
"C:\Users\All Users\ExtTag\Vilatam.dll" => Konnte nicht verschoben werden
"C:\Users\All Users\ExtTag\Zimdox.dll" => Konnte nicht verschoben werden
C:\Windows\Temp\nse9CF.exe => ist erfolgreich verschoben
C:\Windows\Temp\nsh6916.exe => ist erfolgreich verschoben
C:\Windows\Temp\nsl66C4.exe => ist erfolgreich verschoben
C:\Windows\Temp\nsp9C0.exe => ist erfolgreich verschoben
"C:\Program Files (x86)\shopwit" => Konnte nicht verschoben werden
"C:\ProgramData\ExtTag" => Konnte nicht verschoben werden

==== Ende von Fixlog 14:13:50 ====
         
lg Don Camillo

Alt 23.08.2015, 14:15   #13
Don_Camillo
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster



Chrome wurde deinstalliert und neu installiert. Hier das frische FRST log:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-08-2015
durchgeführt von Markus Radosztics (ACHTUNG: der angemeldete Benutzer ist kein Administrator) auf WAUT0001 (23-08-2015 15:11:24)
Gestartet von C:\Users\Markus Radosztics\Downloads
Geladene Profile: Markus Radosztics (Verfügbare Profile: Markus Radosztics)
Platform: Windows 8 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> smss.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> wininit.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> services.exe
konnte nicht auf den Prozess zugreifen -> lsass.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> nvvsvc.exe
konnte nicht auf den Prozess zugreifen -> nvSCPAPISvr.exe
konnte nicht auf den Prozess zugreifen -> QQPCRTP.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> RsMgrSvc.exe
konnte nicht auf den Prozess zugreifen -> dwm.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> nvxdsync.exe
konnte nicht auf den Prozess zugreifen -> nvvsvc.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> spoolsv.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> acengine.exe
konnte nicht auf den Prozess zugreifen -> AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCTray.exe
(Open Source) C:\Users\Markus Radosztics\AppData\Roaming\cpuminer\sgminer\sgminer.exe
(Valve Corporation) D:\Games\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Valve Corporation) D:\Games\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\OneDrive.exe
() C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(Dropbox, Inc.) C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(LogMeIn Inc.) D:\Games\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) D:\Games\LogMeIn Hamachi\LMIGuardianSvc.exe
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RSD\popwndexe.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
konnte nicht auf den Prozess zugreifen -> mDNSResponder.exe
konnte nicht auf den Prozess zugreifen -> SkypeC2CAutoUpdateSvc.exe
konnte nicht auf den Prozess zugreifen -> SkypeC2CPNRSvc.exe
konnte nicht auf den Prozess zugreifen -> officeclicktorun.exe
konnte nicht auf den Prozess zugreifen -> Salttex.exe
konnte nicht auf den Prozess zugreifen -> dasHost.exe
konnte nicht auf den Prozess zugreifen -> ExtTag.exe
konnte nicht auf den Prozess zugreifen -> igfx32.exe
konnte nicht auf den Prozess zugreifen -> ProtectService.exe
konnte nicht auf den Prozess zugreifen -> hnsf344.tmp
konnte nicht auf den Prozess zugreifen -> MSI_Trigger_Service.exe
konnte nicht auf den Prozess zugreifen -> NvNetworkService.exe
konnte nicht auf den Prozess zugreifen -> nvstreamsvc.exe
konnte nicht auf den Prozess zugreifen -> PnkBstrA.exe
konnte nicht auf den Prozess zugreifen -> plugincontainer.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> TeamViewer_Service.exe
konnte nicht auf den Prozess zugreifen -> TomTomHOMEService.exe
konnte nicht auf den Prozess zugreifen -> TuneUpUtilitiesService64.exe
konnte nicht auf den Prozess zugreifen -> updater.exe
konnte nicht auf den Prozess zugreifen -> hamachi-2.exe
konnte nicht auf den Prozess zugreifen -> LMIGuardianSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
konnte nicht auf den Prozess zugreifen -> NixHost.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe
konnte nicht auf den Prozess zugreifen -> nvstreamsvc.exe
konnte nicht auf den Prozess zugreifen -> conhost.exe
konnte nicht auf den Prozess zugreifen -> nvstreamsvc.exe
konnte nicht auf den Prozess zugreifen -> conhost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> SteamService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMUsbGuard.exe
konnte nicht auf den Prozess zugreifen -> tv_w32.exe
konnte nicht auf den Prozess zugreifen -> tv_x64.exe
konnte nicht auf den Prozess zugreifen -> Greenstring.exe
konnte nicht auf den Prozess zugreifen -> WUDFHost.exe
konnte nicht auf den Prozess zugreifen -> Plugin.exe
konnte nicht auf den Prozess zugreifen -> Plugin.exe
konnte nicht auf den Prozess zugreifen -> Plugin.exe
konnte nicht auf den Prozess zugreifen -> Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\7\Plugin.exe
konnte nicht auf den Prozess zugreifen -> Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\3\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\12\Plugin.exe
konnte nicht auf den Prozess zugreifen -> Plugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Markus Radosztics\Downloads\FRST64.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => "D:\Programme\iTunesHelper.exe"
HKLM\...\Run: [gpuminer] => C:\Users\Markus Radosztics\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [218 2015-08-17] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [A1Servicecenter] => C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe [11467864 2015-05-27] (A1)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Games\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCTRAY.EXE [355296 2015-08-20] (Tencent)
HKLM-x32\...\Run: [RSDTRAY] => C:\Program Files (x86)\Rising\RSD\popwndexe.exe [126808 2012-09-25] (Beijing Rising Information Technology Co., Ltd.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [159744 2015-01-12] (Voobly)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Steam] => D:\Games\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Dropbox Update] => C:\Users\Markus Radosztics\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [OneDrive] => C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-20] (Microsoft Corporation)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Shop-wit] => C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe [689920 2015-08-20] ()
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [GoogleChromeAutoLaunch_FEA560871AAA9104DF8D8385F4A465BE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863560 2015-08-18] (Google Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
AppInit_DLLs: C:\ProgramData\ExtTag\Zimdox.dll => C:\ProgramData\ExtTag\Zimdox.dll [135680 2015-08-21] ()
AppInit_DLLs-x32: C:\ProgramData\ExtTag\Biodandom.dll => C:\ProgramData\ExtTag\Biodandom.dll [121344 2015-08-21] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-01-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-03-18]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-10-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMGCShellExt64.dll [2015-08-20] (Tencent)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99963976_hao_pg
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99963976_hao_pg
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.at.msn.com/
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSWebMon64.dat [2015-08-20] (Tencent)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Great Find -> {1cc2bb80-20ab-43e5-b958-432d72b546ca} -> C:\Program Files (x86)\Great Find\Extensions\1cc2bb80-20ab-43e5-b958-432d72b546ca.dll [2015-08-22] ()
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: Ó¦Óñ¦Ò»¼ü°²×°²å¼þ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\SysWOW64\mscoree.dll [2012-06-02] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-18] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 02 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 03 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 04 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 16 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\..\Interfaces\{0FFDF7C3-8718-450E-A4A2-9C59BD350F78}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{DD37C3EA-4E32-4412-AC18-EA239FC6029F}: [DhcpNameServer] 10.0.0.138
StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1440141856&z=3fbd779b7c5a732cb4abd88gbz6zbeag3zcg1mawec&from=cmi&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B

FireFox:
========
FF ProfilePath: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: mystartsearch
FF SelectedSearchEngine: mystartsearch
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1440103432&z=81c380bb68d5eb130644762gezaz6e6gdedc7cbc7g&from=face&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-15] ()
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-18] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\npQMExtensionsMozilla.dll [2015-08-20] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Markus Radosztics\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-03-13] (Citrix Online)
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll Keine Datei
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-21] ()
FF user.js: detected! => C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\user.js [2015-08-22]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\findit.xml [2015-08-21]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\istartsurf.xml [2015-08-21]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\mystartsearch.xml [2015-08-23]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\search-provided-by-yahoo.xml [2015-08-20]
FF Extension: Default SearchProtected  - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\defsearchp@gmail.com [2015-08-19]
FF Extension: deskCut - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\deskCutv2@gmail.com [2015-08-19]
FF Extension: A1 Servicecenter - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{594657B4-413A-41D0-8F85-A6D3F35C9BDF} [2015-06-03]
FF Extension: Download videos and MP3s from YouTube - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-10-06]
FF Extension: "Download Touch - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\@73ABDD53B667F486D5ACC6A263CED1CC73AB.xpi [2015-08-20]
FF Extension: Great Find - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{0a4ee680-ecac-4e89-b625-5139f7130e30}.xpi [2015-08-22]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-09-30]
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\defsearchp@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\deskCutv2@gmail.com
FF HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-10-06]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.mystartsearch.com/?type=sc&ts=1440141856&z=3fbd779b7c5a732cb4abd88gbz6zbeag3zcg1mawec&from=cmi&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\73ABDD53B667F486D5ACC6A263CED1CC73AB.js [2015-08-20]

Chrome: 
=======
CHR Profile: C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Web Store Payments) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-23]
CHR HKLM-x32\...\Chrome\Extension: [dnligehkhogpcngalffdoomehjcbecna] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gehmndecgbcffhmfjkenpamdgechcgpe] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 acengine; C:\Program Files (x86)\FastSearch\acengine.exe [1839728 2015-08-11] (Abengine) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
R2 eproduct; C:\Users\Markus Radosztics\AppData\Local\Salttex.exe [47616 2015-08-20] () [Datei ist nicht signiert]
R2 ExtTag; C:\ProgramData\ExtTag\ExtTag.exe [22528 2015-08-20] () [Datei ist nicht signiert]
R2 Hamachi2Svc; D:\Games\LogMeIn Hamachi\hamachi-2.exe [2545512 2015-08-03] (LogMeIn Inc.)
R2 igfx32; C:\Program Files\igfx32\igfx32.exe [379904 2015-08-19] () [Datei ist nicht signiert]
R2 IHProtect Service; C:\Program Files (x86)\MiniLite\ProtectService.exe [129688 2015-08-20] (XTab system)
R2 kefowydy; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\hnsf344.tmp [137728 2015-08-20] () [Datei ist nicht signiert]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
R2 lmhosts; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [23040 2012-09-20] (Microsoft Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [23040 2012-09-20] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [23040 2012-09-20] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1931632 2015-05-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-23] ()
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCRtp.exe [297608 2015-08-20] (Tencent)
R2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [196288 2015-08-21] (Beijing Rising Information Technology Co., Ltd.)
R2 Service Mgr GreatFind; C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugincontainer.exe [1209056 2015-08-23] ()
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TAOFrame.exe [293856 2015-08-20] (Tencent)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2015-06-25] (TuneUp Software)
R2 Update Mgr GreatFind; C:\Program Files (x86)\Common Files\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\updater.exe [704224 2015-08-23] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
S2 dojoluri; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\knsb4C96.tmp [X]
S2 hyverumu; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\jnsiE347.tmp [X]
S2 WindowsMangerProtect; C:\ProgramData\WWinManProW\ProtectWindowsManager.exe -service [X] <==== ACHTUNG

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 acwfp; C:\Windows\system32\Drivers\acwfp64.sys [45784 2015-08-13] (Abengine)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468752 2013-02-27] (Intel Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMUdisk64.sys [62264 2015-08-20] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQSysMonX64.sys [138040 2015-08-20] (电脑管家)
R2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [74040 2015-08-20] (Tencent)
R2 TAOKernelDriver; C:\Windows\system32\drivers\TAOKernel64.sys [274232 2015-08-20] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-08-20] (电脑管家)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TS888x64.sys [28984 2015-08-23] (Tencent)
R1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TsDefenseBT64.sys [28472 2015-08-20] (Tencent)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSSysKit64.sys [87352 2015-08-20] (电脑管家)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [31144 2015-06-04] (TuneUp Software)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)
R1 {092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64; C:\Windows\System32\drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys [48784 2015-08-19] (StdLib)
R1 {8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64; C:\Windows\System32\drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys [48784 2015-08-20] (StdLib)
R1 {987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64; C:\Windows\System32\drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys [48784 2015-08-20] (StdLib)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S1 rrfd_vw_1_10_0_22; system32\drivers\rrfd_vw_1_10_0_22.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-23 14:58 - 2015-08-23 14:58 - 00002253 _____ C:\Users\Markus Radosztics\Desktop\Google Chrome.lnk
2015-08-23 14:58 - 2015-08-23 14:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-23 14:56 - 2015-08-23 14:56 - 00931408 _____ (Google Inc.) C:\Users\Markus Radosztics\Downloads\ChromeSetup.exe
2015-08-23 14:33 - 2015-08-23 14:33 - 01260832 _____ C:\Users\Markus Radosztics\Downloads\Revo Uninstaller - CHIP-Installer.exe
2015-08-23 14:04 - 2015-08-23 14:04 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\FRST-OlderVersion
2015-08-23 14:01 - 2015-08-23 15:11 - 00040469 _____ C:\Users\Markus Radosztics\Downloads\FRST.txt
2015-08-23 14:01 - 2015-08-23 14:02 - 00081428 _____ C:\Users\Markus Radosztics\Downloads\Addition.txt
2015-08-23 14:00 - 2015-08-23 14:00 - 00018325 _____ C:\Users\Markus Radosztics\Desktop\Fixlist.txt
2015-08-23 12:05 - 2015-08-23 15:05 - 00000320 _____ C:\Windows\Tasks\PC-Mechanic Maintenance.job
2015-08-23 12:05 - 2015-08-23 14:52 - 00000334 _____ C:\Windows\Tasks\PC-Mechanic Startup.job
2015-08-23 12:05 - 2015-08-23 12:05 - 00001171 _____ C:\Users\Public\Desktop\PC Mechanic.lnk
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Uniblue
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\Program Files (x86)\Uniblue
2015-08-22 17:34 - 2015-08-22 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-08-22 15:20 - 2015-08-22 15:20 - 00852684 _____ C:\Users\Markus Radosztics\Desktop\SecurityCheck.exe
2015-08-22 14:31 - 2015-08-23 12:10 - 00000000 ____D C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc
2015-08-22 14:31 - 2015-08-22 14:31 - 00002215 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00002195 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00000000 ____D C:\Program Files (x86)\Great Find
2015-08-22 14:31 - 2015-06-25 07:53 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2015-08-22 14:31 - 2015-06-25 07:53 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2015-08-22 14:31 - 2015-06-25 07:53 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2015-08-22 14:30 - 2015-08-23 12:04 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy
2015-08-22 14:30 - 2015-08-22 14:31 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2015-08-22 13:05 - 2015-08-22 13:05 - 02870984 _____ (ESET) C:\Users\Markus Radosztics\Downloads\esetsmartinstaller_deu.exe
2015-08-22 12:04 - 2015-08-22 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-21 23:42 - 2015-08-21 23:42 - 00002377 _____ C:\Windows\SysWOW64\findit.xml
2015-08-21 23:42 - 2015-08-21 23:42 - 00000000 ____D C:\ProgramData\ExtTags
2015-08-21 23:42 - 2015-08-21 23:42 - 00000000 ____D C:\ProgramData\ExtTag
2015-08-21 09:25 - 2015-08-21 09:25 - 00001051 _____ C:\Users\Markus Radosztics\Desktop\AnyProtect.lnk
2015-08-21 09:25 - 2015-08-21 09:25 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-08-21 09:24 - 2015-08-23 14:52 - 00000000 ____D C:\ProgramData\update
2015-08-21 09:24 - 2015-08-22 11:46 - 00000000 ____D C:\ProgramData\WWinManProW
2015-08-21 09:24 - 2015-08-21 09:25 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-08-21 09:24 - 2015-08-21 09:24 - 00000000 ____D C:\Program Files (x86)\MiniLite
2015-08-21 09:14 - 2015-08-23 14:04 - 02173440 _____ C:\Users\Markus Radosztics\Downloads\FRST64.exe
2015-08-20 23:02 - 2015-08-20 23:02 - 00002250 _____ C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW.exe.lnk
2015-08-20 23:02 - 2015-08-20 23:02 - 00002228 _____ C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf.exe.lnk
2015-08-20 22:58 - 2015-08-23 14:50 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2015-08-20 22:57 - 2015-08-21 08:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yvegdufu.job
2015-08-20 22:57 - 2015-08-21 08:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yveg6ufu.job
2015-08-20 22:51 - 2015-08-21 08:53 - 00000000 ____D C:\ProgramData\Rising
2015-08-20 22:51 - 2015-08-21 08:53 - 00000000 ____D C:\Program Files (x86)\Rising
2015-08-20 22:51 - 2015-08-21 00:36 - 00000000 ___RD C:\RavBin
2015-08-20 22:51 - 2014-07-30 04:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-08-20 22:50 - 2015-08-22 16:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-08-20 22:50 - 2015-08-20 22:50 - 00274232 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00087864 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00074040 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00000000 ____D C:\ProgramData\TXQMPC
2015-08-20 22:50 - 2015-08-20 22:50 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-08-20 22:49 - 2015-08-20 23:31 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Tencent
2015-08-20 22:49 - 2015-08-20 22:52 - 00000000 ____D C:\ProgramData\Tencent
2015-08-20 22:49 - 2015-08-20 22:49 - 00000000 ____D C:\Program Files (x86)\Tencent
2015-08-20 22:44 - 2015-08-20 22:44 - 00001113 _____ C:\Users\Markus Radosztics\Desktop\Continue Live Installation.lnk
2015-08-20 22:44 - 2015-08-20 22:44 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\istartsurf
2015-08-20 22:37 - 2015-08-20 22:37 - 00000000 _____ C:\dummy.htm
2015-08-20 22:32 - 2015-08-20 22:33 - 00000000 ____D C:\ProgramData\LocalStorage
2015-08-20 22:30 - 2015-08-20 22:30 - 00000000 ____D C:\Users\Markus Radosztics\.android
2015-08-20 22:29 - 2015-08-20 22:29 - 00001318 _____ C:\Users\Markus Radosztics\Desktop\全网影视.lnk
2015-08-20 22:29 - 2015-08-20 22:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\ppslog
2015-08-20 22:19 - 2015-08-21 08:25 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-08-20 22:19 - 2015-08-20 22:55 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-20 22:19 - 2015-08-20 22:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-08-20 22:17 - 2015-08-21 08:47 - 00000000 ____D C:\IQIYI Video
2015-08-20 22:17 - 2015-08-21 08:46 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-08-20 22:17 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Unity
2015-08-20 22:17 - 2015-08-20 22:30 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\IQIYI Video
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 __SHD C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 ____D C:\Users\Public\QiYi
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\SysassistByHotWheel
2015-08-20 22:16 - 2015-08-20 22:16 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\node-webkit
2015-08-20 22:15 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\cpuminer
2015-08-20 22:15 - 2015-08-20 22:15 - 00000217 _____ C:\task.vbs
2015-08-20 22:10 - 2015-08-20 22:10 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Desktop\jre-8u25-windows-i586.exe
2015-08-20 22:09 - 2015-08-20 23:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Gameo
2015-08-20 22:09 - 2015-08-20 22:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Opera Software
2015-08-20 22:09 - 2015-08-20 22:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Opera Software
2015-08-20 22:09 - 2015-08-20 22:09 - 00000185 _____ C:\Users\Markus Radosztics\Desktop\Play Games Online.url
2015-08-20 22:09 - 2015-08-20 22:09 - 00000185 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2015-08-20 22:09 - 2015-08-20 22:09 - 00000000 ___HD C:\Users\Markus Radosztics\AppData\Roaming\GoldenGate
2015-08-20 22:09 - 2015-08-20 22:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Gameo
2015-08-20 22:07 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WarThunder
2015-08-20 22:07 - 2015-08-20 22:07 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Downloads\setup [1].exe
2015-08-20 22:06 - 2015-08-23 14:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78
2015-08-20 22:06 - 2015-08-20 22:30 - 00000000 ____D C:\Program Files (x86)\Cinem Plus 2.4cV20.08
2015-08-20 22:06 - 2015-08-20 09:50 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys
2015-08-20 22:06 - 2015-07-23 15:47 - 00000854 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-20 22:05 - 2015-08-23 14:05 - 00000000 ____D C:\Program Files (x86)\OLBPre
2015-08-20 22:05 - 2015-08-22 11:46 - 00000000 ____D C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78
2015-08-20 22:05 - 2015-08-20 23:02 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\{1A0B2C57-3EA3-40EF-533B-65077753999F}
2015-08-20 22:04 - 2015-08-21 08:27 - 00000000 ____D C:\Program Files\igfx32
2015-08-20 22:04 - 2015-08-20 22:26 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-20 22:04 - 2015-08-20 22:04 - 00047616 _____ C:\Users\Markus Radosztics\AppData\Local\Salttex.exe
2015-08-20 21:58 - 2015-08-20 21:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Sun
2015-08-20 21:58 - 2015-08-20 21:58 - 00000000 ____D C:\Users\Markus Radosztics\.oracle_jre_usage
2015-08-20 20:37 - 2015-08-21 00:38 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WindSolutions
2015-08-20 20:37 - 2015-08-20 20:44 - 00000000 ____D C:\ProgramData\WindSolutions
2015-08-20 12:29 - 2015-08-20 14:13 - 00000190 _____ C:\mylog.log
2015-08-20 12:29 - 2015-08-20 12:29 - 00000000 ____D C:\Program Files (x86)\MSI
2015-08-20 12:22 - 2015-08-20 12:22 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_usb30
2015-08-20 12:21 - 2015-08-20 12:21 - 06227267 _____ C:\Users\Markus Radosztics\Downloads\intel_usb30.zip
2015-08-20 12:19 - 2015-08-20 12:19 - 02837521 _____ C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10.zip
2015-08-20 12:19 - 2015-08-20 12:19 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10
2015-08-20 11:43 - 2015-08-20 22:55 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-20 11:43 - 2015-08-20 11:43 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Download Touch
2015-08-20 11:39 - 2015-08-21 10:44 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-08-20 11:39 - 2015-08-20 20:27 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV16.03
2015-08-20 11:39 - 2015-08-20 11:39 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\globalUpdate
2015-08-20 11:37 - 2015-08-20 11:37 - 19284168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-08-20 11:34 - 2015-08-22 15:27 - 00012280 _____ C:\Windows\SysWOW64\acengineOff.ini
2015-08-20 11:34 - 2015-08-22 15:27 - 00012280 _____ C:\Windows\system32\acengineOff.ini
2015-08-20 11:34 - 2015-08-13 14:49 - 00045784 _____ (Abengine) C:\Windows\system32\Drivers\acwfp64.sys
2015-08-20 11:34 - 2015-08-11 16:50 - 00299296 _____ (Abengine) C:\Windows\SysWOW64\acengine.dll
2015-08-20 11:15 - 2015-08-20 01:24 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys
2015-08-20 11:13 - 2015-08-20 11:13 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver(1).msi
2015-08-20 11:12 - 2015-08-23 14:51 - 00000000 ____D C:\Program Files (x86)\FastSearch
2015-08-20 11:12 - 2015-08-20 11:38 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-08-20 11:12 - 2015-08-20 11:34 - 00000002 _____ C:\END
2015-08-20 11:12 - 2015-08-20 11:12 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver.msi
2015-08-20 11:12 - 2015-08-20 11:12 - 00000000 ____D C:\Program Files (x86)\shopwit
2015-08-20 11:12 - 2015-08-11 21:11 - 00349584 _____ (Abengine) C:\Windows\system32\acengine64.dll
2015-08-20 10:43 - 2015-08-20 10:43 - 00001456 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\Program Files\iPod
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-20 10:42 - 2015-08-20 10:42 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files\Bonjour
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-08-19 22:11 - 2015-08-20 00:33 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\MediaMonkey
2015-08-19 22:11 - 2015-08-19 22:11 - 00000695 _____ C:\Users\Public\Desktop\MediaMonkey.lnk
2015-08-19 22:11 - 2015-08-19 22:11 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\MediaMonkey
2015-08-19 22:11 - 2015-08-19 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2015-08-19 22:10 - 2015-08-19 22:10 - 00000000 ____D C:\ProgramData\MediaMonkey
2015-08-19 21:18 - 2015-08-13 14:34 - 19292160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 21:18 - 2015-08-13 13:02 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 21:18 - 2015-08-13 12:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 21:18 - 2015-08-13 12:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 20:48 - 2015-08-19 20:51 - 00000512 __RSH C:\ProgramData\ntuser.pol
2015-08-19 16:27 - 2015-08-19 02:39 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys
2015-08-19 16:24 - 2015-08-23 14:06 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch
2015-08-19 16:24 - 2015-08-19 21:03 - 00000000 ____D C:\ProgramData\nWinManPron
2015-08-19 16:24 - 2015-08-19 16:24 - 00000000 _____ C:\Windows\prleth.sys
2015-08-19 16:24 - 2015-08-19 16:24 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-19 16:22 - 2015-08-19 16:22 - 00000767 _____ C:\Users\Markus Radosztics\Desktop\MP3 Voice Recorder.lnk
2015-08-19 16:22 - 2015-08-19 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Voice Recorder
2015-08-19 16:22 - 2004-03-08 21:30 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2015-08-16 18:23 - 2015-08-16 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-16 00:59 - 2015-07-30 15:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 00:59 - 2015-07-30 15:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 00:59 - 2015-07-13 23:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-16 00:59 - 2015-07-13 23:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-16 00:59 - 2015-07-09 23:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-16 00:59 - 2015-07-09 23:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-16 00:59 - 2015-07-09 22:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-16 00:59 - 2015-07-09 22:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-16 00:59 - 2015-07-06 18:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-16 00:59 - 2015-07-06 16:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-16 00:59 - 2015-07-01 15:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-16 00:59 - 2015-07-01 14:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-16 00:59 - 2015-07-01 13:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-16 00:59 - 2015-07-01 13:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-16 00:58 - 2015-07-28 18:25 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-16 00:58 - 2015-07-28 16:13 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-16 00:58 - 2015-07-28 15:12 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 15416320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-16 00:58 - 2015-07-13 23:23 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-16 00:58 - 2015-07-13 23:23 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-16 00:58 - 2015-07-13 23:05 - 02340864 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-16 00:58 - 2015-07-13 23:05 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-16 00:55 - 2015-07-29 16:45 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-16 00:55 - 2015-07-29 16:45 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-16 00:55 - 2015-07-28 00:42 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-16 00:55 - 2015-07-28 00:40 - 04064768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-16 00:55 - 2015-07-28 00:40 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-16 00:55 - 2015-07-15 18:09 - 06969688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-16 00:55 - 2015-07-15 18:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-16 00:55 - 2015-07-15 18:06 - 01824296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-16 00:55 - 2015-07-15 15:49 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-16 00:55 - 2015-07-15 15:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-16 00:55 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-16 00:55 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-16 00:55 - 2015-07-09 22:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-16 00:55 - 2015-06-09 15:09 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-15 11:14 - 2015-08-15 11:14 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-03 12:12 - 2015-08-03 12:12 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2015-07-26 16:51 - 2015-07-26 16:51 - 00000803 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-07-26 16:51 - 2015-07-26 16:51 - 00000741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-07-26 16:51 - 2015-07-26 16:51 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Canneverbe Limited
2015-07-26 16:51 - 2015-07-26 16:51 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2015-07-24 11:56 - 2015-07-30 18:24 - 00016603 _____ C:\Users\Markus Radosztics\Downloads\Schulsporthilfe-Vorschlag-2015.xlsx

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-23 15:11 - 2015-06-07 20:44 - 00000000 ____D C:\FRST
2015-08-23 15:04 - 2013-11-22 22:24 - 00000366 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-08-23 15:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-08-23 15:01 - 2013-09-30 19:24 - 01442523 _____ C:\Windows\WindowsUpdate.log
2015-08-23 15:00 - 2015-06-18 06:45 - 00001290 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001UA.job
2015-08-23 14:56 - 2012-07-26 12:27 - 00751892 _____ C:\Windows\system32\perfh007.dat
2015-08-23 14:56 - 2012-07-26 12:27 - 00155620 _____ C:\Windows\system32\perfc007.dat
2015-08-23 14:56 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-23 14:51 - 2013-11-19 21:28 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-23 14:50 - 2015-01-14 23:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\LogMeIn Hamachi
2015-08-23 14:50 - 2013-10-13 20:57 - 00000000 ___RD C:\Users\Markus Radosztics\Dropbox
2015-08-23 14:50 - 2013-10-13 20:55 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Dropbox
2015-08-23 14:49 - 2014-12-27 12:46 - 00000000 ___RD C:\Users\Markus Radosztics\iCloudDrive
2015-08-23 14:49 - 2013-11-19 21:28 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-23 14:49 - 2013-10-01 21:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-23 14:49 - 2013-09-30 19:17 - 00278706 _____ C:\Windows\PFRO.log
2015-08-23 14:49 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-23 14:37 - 2013-09-30 21:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-23 14:35 - 2015-06-07 21:40 - 00001270 _____ C:\Users\Markus Radosztics\Desktop\Revo Uninstaller.lnk
2015-08-23 14:35 - 2015-06-07 21:40 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-23 14:03 - 2014-12-27 12:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\36A80DEE-1AAD-4F7E-AA6A-4638F785B9B6.aplzod
2015-08-23 12:44 - 2014-02-01 13:30 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-22 15:17 - 2014-08-06 12:17 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-08-22 12:39 - 2013-10-02 17:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Skype
2015-08-22 12:04 - 2015-02-23 20:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-22 12:04 - 2013-10-02 17:05 - 00000000 ____D C:\ProgramData\Skype
2015-08-22 11:00 - 2015-06-18 06:45 - 00001238 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001Core.job
2015-08-22 10:00 - 2015-03-18 18:45 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-21 23:42 - 2013-10-01 18:41 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-21 23:42 - 2013-09-30 19:24 - 00001450 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-21 15:10 - 2013-11-25 12:30 - 00000000 ____D C:\Windows\Minidump
2015-08-21 08:52 - 2015-03-20 10:39 - 00507984 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-20 22:50 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\VirtualStore
2015-08-20 22:30 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics
2015-08-20 22:10 - 2014-02-01 13:30 - 00000000 ____D C:\ProgramData\Oracle
2015-08-20 22:06 - 2012-07-26 07:26 - 00000269 _____ C:\Windows\win.ini
2015-08-20 21:22 - 2014-11-19 18:47 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-08-20 21:22 - 2013-12-19 13:46 - 00000000 ____D C:\Users\Markus Radosztics\Documents\samsung
2015-08-20 21:22 - 2013-12-19 13:46 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Samsung
2015-08-20 21:18 - 2013-12-19 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-08-20 21:18 - 2013-09-30 19:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-20 20:58 - 2013-09-30 20:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Downloaded Installations
2015-08-20 20:27 - 2015-06-03 20:07 - 00000000 ____D C:\Program Files (x86)\A1 Servicecenter
2015-08-20 14:09 - 2015-03-18 18:59 - 00002321 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-20 11:43 - 2014-06-25 17:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-20 10:43 - 2013-09-30 20:20 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-20 10:42 - 2013-09-30 20:20 - 00000000 ____D C:\ProgramData\Apple
2015-08-19 21:47 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Packages
2015-08-19 21:18 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-08-19 17:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-08-16 18:23 - 2015-07-14 21:02 - 00000650 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-16 18:22 - 2015-04-17 08:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-16 18:22 - 2015-04-17 08:09 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-16 18:22 - 2013-09-30 19:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 18:22 - 2013-09-30 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-16 10:55 - 2013-09-30 19:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-16 10:55 - 2013-09-30 19:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-16 10:54 - 2013-09-30 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-16 10:53 - 2013-09-30 22:57 - 00000000 ____D C:\Windows\system32\MRT
2015-08-16 10:51 - 2013-09-30 22:57 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-16 10:46 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 10:46 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 10:26 - 2013-10-01 18:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-15 11:11 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-08-08 04:27 - 2012-07-26 10:14 - 00793544 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 04:27 - 2012-07-26 10:14 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-20 23:02 - 2015-08-20 23:02 - 0002228 _____ () C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf.exe.lnk
2015-08-20 23:02 - 2015-08-20 23:02 - 0002250 _____ () C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW.exe.lnk
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\String Ensemble
2013-09-30 20:30 - 2013-09-30 20:30 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Strings
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Super Strings
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Techno Kit
2014-02-05 18:38 - 2015-06-07 12:43 - 0000156 _____ () C:\Users\Markus Radosztics\AppData\Roaming\WB.CFG
2013-11-06 10:01 - 2014-08-12 18:27 - 0006144 _____ () C:\Users\Markus Radosztics\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-23 18:56 - 2014-12-23 18:56 - 0007606 _____ () C:\Users\Markus Radosztics\AppData\Local\Resmon.ResmonCfg
2015-08-20 22:04 - 2015-08-20 22:04 - 0047616 _____ () C:\Users\Markus Radosztics\AppData\Local\Salttex.exe
2015-08-20 22:04 - 2015-08-20 22:04 - 0000187 _____ () C:\Users\Markus Radosztics\AppData\Local\Salttex.exe.config
2013-10-02 17:42 - 2013-10-02 17:42 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-07-07 09:16 - 2014-07-07 09:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\howto
2013-09-30 20:29 - 2013-09-30 20:29 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2013-09-30 20:30 - 2013-09-30 20:30 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2013-09-30 20:29 - 2013-09-30 20:30 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2013-09-30 20:29 - 2013-09-30 20:29 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\ProgramData\Sync Schema
2013-09-30 20:30 - 2013-09-30 20:30 - 0000268 ___RH () C:\ProgramData\Sync Services
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\ProgramData\Synth Basics
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\Track Settings
2013-09-30 20:30 - 2013-09-30 20:30 - 0000012 ___RH () C:\ProgramData\Transportation
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\Tremolo

Einige Dateien in TEMP:
====================
C:\Users\Markus Radosztics\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptzdgcj.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{04894008-2ACA-42DD-A2D4-C908F57B78AE}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{E6D6A087-066C-4365-9901-0A96A75FF80E}.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. Der Benutzer ist kein Administrator.

==================== Ende von Ergebnis ============================
         
lg Don Camillo

Alt 24.08.2015, 07:13   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster



Fix und Scan wurden ohne Adminrechte gemacht, also nochmal bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 24.08.2015, 22:46   #15
Don_Camillo
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster



Hier nochmals das Fix-Log, diesmal mit Admin-Rechten:

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-08-2015
durchgeführt von Markus Radosztics (2015-08-24 23:37:48) Run:2
Gestartet von C:\Users\Markus Radosztics\Downloads
Geladene Profile: Markus Radosztics (Verfügbare Profile: Markus Radosztics)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\$Recycle.Bin
C:\Program Files\igfx32
C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78

C:\Program Files (x86)\AnyProtectEx\Uninstall.exe

C:\Program Files (x86)\baidu\Bind.exe

C:\Program Files (x86)\Cinem Plus 2.4cV20.08\1159fad3-7973-4be7-b312-c162e4e7bfd9.dll

C:\Program Files (x86)\CinemaP-1.9cV16.03\156eacdc-6be3-484e-958c-b1950c01381c.dll

C:\Program Files (x86)\GUPlayer\GUPlayerUninstaller.exe

C:\Program Files (x86)\OLBPre\OLBPre.exe

C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe

C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\yjae1Hlm.dll

C:\ProgramData\ExtTag\Alphatrax.dll

C:\ProgramData\ExtTag\Biodandom.dll

C:\ProgramData\ExtTag\Blueplus.dll

C:\ProgramData\ExtTag\ExtTag.exe

C:\ProgramData\ExtTag\Greenstring.exe

C:\ProgramData\ExtTag\Jobzimtech.dll

C:\ProgramData\ExtTag\Keyfix.dll

C:\ProgramData\ExtTag\Overnix.dll

C:\ProgramData\ExtTag\Solin.dll

C:\ProgramData\ExtTag\Vilatam.dll

C:\ProgramData\ExtTag\Zimdox.dll

C:\Users\All Users\ExtTag\Alphatrax.dll

C:\Users\All Users\ExtTag\Biodandom.dll

C:\Users\All Users\ExtTag\Blueplus.dll

C:\Users\All Users\ExtTag\ExtTag.exe

C:\Users\All Users\ExtTag\Greenstring.exe

C:\Users\All Users\ExtTag\Jobzimtech.dll

C:\Users\All Users\ExtTag\Keyfix.dll

C:\Users\All Users\ExtTag\Overnix.dll

C:\Users\All Users\ExtTag\Solin.dll

C:\Users\All Users\ExtTag\Vilatam.dll

C:\Users\All Users\ExtTag\Zimdox.dll

C:\Users\Markus Radosztics\AppData\Local\nse80CC.tmp

C:\Users\Markus Radosztics\AppData\Local\nseE692.tmp

C:\Users\Markus Radosztics\AppData\Local\nss7098.tmp

C:\Users\Markus Radosztics\AppData\Local\nsv2DEB.tmp

C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78\rnsc5FED.exe

C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78\snsc5FEC.tmp

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\102.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\178.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\179.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\180.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\184.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\19.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\200.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\220.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\223.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\231.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\232.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\234.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\242.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\253.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\262.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\263.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\273.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\281.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\288.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\289.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\300.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\335.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\339.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\380.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\385.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\389.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\390.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\391.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\424.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\437.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\91.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\b6b7830c988806df88c32cfddd53fc99.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\1f71f589179f394711674e1bef2e79a8.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\a08bb5eaf593c92c0258a3aa5f5d9c10.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\e859f8ab59353a98b1ba776d4ab159a6.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\04653a6705d18bce9815dba825dbd4f3.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\1224091a7d8a03a01c84cfece5978749.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\148ed776917d1394e64d3bee6bb0a7d0.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\32e72a69456c7c6b07a2b8bb2a43a288.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\8f9803aafd03bf9d3527c303aedc96e5.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\b20ec6be3b71d58ac5b997701b1928fb.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\d69da36dc93a45dd99574490876cba61.js

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\1[1].zip

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\1[2].zip

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\AnyProtect[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\policyname[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\setup[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\2[2].zip

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\AnyProtectSetup[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\AnyProtect[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\FinalInstaller_dotnet4[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\SearchUpdater[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\2[1].zip

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\Reimage[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\setup[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\setup_362[2].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVRE7LXX\Reimage[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVRE7LXX\VuuPC_VO2_8907[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1DM2S2NU\trojaner-board_de[1].htm

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RYADG1IT\afr[1].htm

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\1467BB079417F9F051FA6EA8C7391D9C03B46034

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\2513273621AEA92FDA7F197FE306C61AB57CD82C

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\2C5B5C32F614ABCE1B2E6F98262E134D3A471F55

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\3AFB6AD46657D59461FDAD66FB5F88F7E486DB73

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\4B011C0394440B2950D8F79F2239B6A410AA9ABA

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\5059E31C2C0B0CC7DDF6B50778335DDD090F02A3

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\7457893C1262DC14F9ACD39B0EDB0F4D9A3E4B74

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\76E89FA6682C33F128F828096B95BCA1714D8097

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\E2157AFFDC9A55B7C1F514C044F34F76759B5515

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\FEC3A29932E057A370B8C9524ABE8DA1A67FA8BD

C:\Users\Markus Radosztics\AppData\Local\Temp\2549.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\5494.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\976.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6341.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6B10.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\fsdC449.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\fsdD8AD.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\ICReinstall_nsg2EF9.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsbB654.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsc7E69.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\nscDA5A.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsdF6EC.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsg2EF9.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsi2FB1.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsj7B4.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsjAE42.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nskE9B3.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nso3242.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsoD141.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsq3687.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsr2E68.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsr38F9.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nss10FC.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nss8325.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nssD54.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsuE86B.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsxF05A.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsy30AC.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\setup3.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\shopup.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\shpwt.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleCrashHandler.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdate.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdateBroker.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdateOnDemand.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\goopdate.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\goopdateres_en.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\npGoogleUpdate4.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\psmachine.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\psuser.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdate.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateBroker.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateCrashHandler.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateOnDemand.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\npglobalupdateUpdate4.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\psmachine.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\psuser.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdate.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateBroker.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateCrashHandler.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateOnDemand.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\npglobalupdateUpdate4.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\psmachine.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\psuser.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_76.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\n2341\gusetup_pub.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\n2341\Imalimedia_0308--b6ebc012.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\n2582\BananaPhone_12_08--c5f0d88b.exe

C:\Users\Markus Radosztics\AppData\Roaming\4Kyh3h9rTUrqEq0XkfiBd

C:\Users\Markus Radosztics\AppData\Roaming\BYAIAMUF

C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf

C:\Users\Markus Radosztics\AppData\Roaming\GNOK

C:\Users\Markus Radosztics\AppData\Roaming\KcbELr9nVCvO5C9EQ1LmCgPDQK

C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW

C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx\swf\swfxZ.swf

C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\defsearchp@gmail.com\chrome\content\jquery-2.1.0.min.js

C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch\UninstallManager.exe

C:\Users\Markus Radosztics\Downloads\Apple_Mobile_Device_USB_Driver.exe

C:\Users\Markus Radosztics\Downloads\CopyTrans Manager - CHIP-Installer.exe

C:\Users\Markus Radosztics\Downloads\kies-air.exe

C:\Windows\Temp\nse9CF.exe

C:\Windows\Temp\nsh6916.exe

C:\Windows\Temp\nsl66C4.exe

C:\Windows\Temp\nsp9C0.exe

C:\Windows\Temp\tmp6462.tmp

C:\Windows\Temp\tmp659A.tmp

C:\Windows\Temp\tmp720E.tmp
HKU\Markus Radosztics\...\Run: [Shop-wit] => C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe [689920 2015-08-20] ()
HKU\Markus Radosztics\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe
C:\Program Files (x86)\shopwit
C:\Program Files (x86)\baidu
AppInit_DLLs: C:\ProgramData\ExtTag\Zimdox.dll => C:\ProgramData\ExtTag\Zimdox.dll [135680 2015-08-21] ()
AppInit_DLLs-x32: C:\ProgramData\ExtTag\Biodandom.dll => C:\ProgramData\ExtTag\Biodandom.dll [121344 2015-08-21] ()
C:\ProgramData\ExtTag
Emptytemp:
         
*****************

C:\$Recycle.Bin => erfolgreich verschoben
C:\Program Files\igfx32 => erfolgreich verschoben
C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78 => erfolgreich verschoben
C:\Program Files (x86)\AnyProtectEx\Uninstall.exe => erfolgreich verschoben
"C:\Program Files (x86)\baidu\Bind.exe" => Datei/Ordner nicht gefunden.
C:\Program Files (x86)\Cinem Plus 2.4cV20.08\1159fad3-7973-4be7-b312-c162e4e7bfd9.dll => erfolgreich verschoben
C:\Program Files (x86)\CinemaP-1.9cV16.03\156eacdc-6be3-484e-958c-b1950c01381c.dll => erfolgreich verschoben
C:\Program Files (x86)\GUPlayer\GUPlayerUninstaller.exe => erfolgreich verschoben
"C:\Program Files (x86)\OLBPre\OLBPre.exe" => Datei/Ordner nicht gefunden.
C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe => erfolgreich verschoben
C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\yjae1Hlm.dll => erfolgreich verschoben
C:\ProgramData\ExtTag\Alphatrax.dll => erfolgreich verschoben
C:\ProgramData\ExtTag\Biodandom.dll => erfolgreich verschoben
C:\ProgramData\ExtTag\Blueplus.dll => erfolgreich verschoben
C:\ProgramData\ExtTag\ExtTag.exe => erfolgreich verschoben
C:\ProgramData\ExtTag\Greenstring.exe => erfolgreich verschoben
C:\ProgramData\ExtTag\Jobzimtech.dll => erfolgreich verschoben
C:\ProgramData\ExtTag\Keyfix.dll => erfolgreich verschoben
C:\ProgramData\ExtTag\Overnix.dll => erfolgreich verschoben
C:\ProgramData\ExtTag\Solin.dll => erfolgreich verschoben
C:\ProgramData\ExtTag\Vilatam.dll => erfolgreich verschoben
C:\ProgramData\ExtTag\Zimdox.dll => erfolgreich verschoben
"C:\Users\All Users\ExtTag\Alphatrax.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Biodandom.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Blueplus.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\ExtTag.exe" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Greenstring.exe" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Jobzimtech.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Keyfix.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Overnix.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Solin.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Vilatam.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Zimdox.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\nse80CC.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\nseE692.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\nss7098.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\nsv2DEB.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78\rnsc5FED.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78\snsc5FEC.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\102.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\178.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\179.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\180.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\184.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\19.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\200.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\220.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\223.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\231.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\232.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\234.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\242.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\253.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\262.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\263.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\273.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\281.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\288.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\289.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\300.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\335.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\339.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\380.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\385.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\389.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\390.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\391.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\424.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\437.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\91.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\b6b7830c988806df88c32cfddd53fc99.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\1f71f589179f394711674e1bef2e79a8.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\a08bb5eaf593c92c0258a3aa5f5d9c10.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\e859f8ab59353a98b1ba776d4ab159a6.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\04653a6705d18bce9815dba825dbd4f3.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\1224091a7d8a03a01c84cfece5978749.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\148ed776917d1394e64d3bee6bb0a7d0.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\32e72a69456c7c6b07a2b8bb2a43a288.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\8f9803aafd03bf9d3527c303aedc96e5.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\b20ec6be3b71d58ac5b997701b1928fb.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\d69da36dc93a45dd99574490876cba61.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\1[1].zip" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\1[2].zip" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\AnyProtect[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\policyname[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\setup[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\2[2].zip" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\AnyProtectSetup[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\AnyProtect[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\FinalInstaller_dotnet4[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\SearchUpdater[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\2[1].zip" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\Reimage[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\setup[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\setup_362[2].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVRE7LXX\Reimage[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVRE7LXX\VuuPC_VO2_8907[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1DM2S2NU\trojaner-board_de[1].htm" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RYADG1IT\afr[1].htm" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\1467BB079417F9F051FA6EA8C7391D9C03B46034" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\2513273621AEA92FDA7F197FE306C61AB57CD82C" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\2C5B5C32F614ABCE1B2E6F98262E134D3A471F55" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\3AFB6AD46657D59461FDAD66FB5F88F7E486DB73" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\4B011C0394440B2950D8F79F2239B6A410AA9ABA" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\5059E31C2C0B0CC7DDF6B50778335DDD090F02A3" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\7457893C1262DC14F9ACD39B0EDB0F4D9A3E4B74" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\76E89FA6682C33F128F828096B95BCA1714D8097" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\E2157AFFDC9A55B7C1F514C044F34F76759B5515" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\FEC3A29932E057A370B8C9524ABE8DA1A67FA8BD" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\2549.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\5494.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\976.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6341.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6B10.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\fsdC449.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\fsdD8AD.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\ICReinstall_nsg2EF9.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsbB654.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsc7E69.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nscDA5A.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsdF6EC.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsg2EF9.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsi2FB1.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsj7B4.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsjAE42.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nskE9B3.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nso3242.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsoD141.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsq3687.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsr2E68.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsr38F9.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nss10FC.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nss8325.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nssD54.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsuE86B.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsxF05A.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsy30AC.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\setup3.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\shopup.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\shpwt.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleCrashHandler.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdate.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdateBroker.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdateOnDemand.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\goopdate.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\goopdateres_en.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\npGoogleUpdate4.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\psmachine.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\psuser.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdate.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateBroker.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateCrashHandler.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateOnDemand.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\npglobalupdateUpdate4.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\psmachine.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\psuser.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdate.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateBroker.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateCrashHandler.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateOnDemand.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\npglobalupdateUpdate4.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\psmachine.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\psuser.dll" => Datei/Ordner nicht gefunden.
C:\Users\Markus Radosztics\AppData\Local\Temp\DMR\dmr_72.exe => erfolgreich verschoben
"C:\Users\Markus Radosztics\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_76.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\n2341\gusetup_pub.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\n2341\Imalimedia_0308--b6ebc012.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\n2582\BananaPhone_12_08--c5f0d88b.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\4Kyh3h9rTUrqEq0XkfiBd" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\BYAIAMUF" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\GNOK" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\KcbELr9nVCvO5C9EQ1LmCgPDQK" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx\swf\swfxZ.swf" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\defsearchp@gmail.com\chrome\content\jquery-2.1.0.min.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch\UninstallManager.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\Downloads\Apple_Mobile_Device_USB_Driver.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\Downloads\CopyTrans Manager - CHIP-Installer.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\Downloads\kies-air.exe" => Datei/Ordner nicht gefunden.
C:\Windows\Temp\nse9CF.exe => erfolgreich verschoben
C:\Windows\Temp\nsh6916.exe => erfolgreich verschoben
C:\Windows\Temp\nsl66C4.exe => erfolgreich verschoben
C:\Windows\Temp\nsp9C0.exe => erfolgreich verschoben
C:\Windows\Temp\tmp6462.tmp => erfolgreich verschoben
C:\Windows\Temp\tmp659A.tmp => erfolgreich verschoben
C:\Windows\Temp\tmp720E.tmp => erfolgreich verschoben
HKU\Markus Radosztics\Software\Microsoft\Windows\CurrentVersion\Run\\Shop-wit => Wert nicht gefunden.
HKU\Markus Radosztics\Software\Microsoft\Windows\CurrentVersion\Run\\apphide => Wert nicht gefunden.

"C:\Program Files (x86)\shopwit" Ordner verschieben:

Konnte nicht verschoben werden "C:\Program Files (x86)\shopwit" => ist geplant bei Neustart verschoben zu werden.

"C:\Program Files (x86)\baidu" => Datei/Ordner nicht gefunden.
"C:\ProgramData\ExtTag\Zimdox.dll" => Wert Daten erfolgreich entfernt.
"C:\ProgramData\ExtTag\Biodandom.dll" => Wert Daten erfolgreich entfernt.

"C:\ProgramData\ExtTag" Ordner verschieben:

Konnte nicht verschoben werden "C:\ProgramData\ExtTag" => ist geplant bei Neustart verschoben zu werden.

EmptyTemp: => 428.2 MB temporäre Dateien entfernt.

Ergebnis der geplanten Datei-Verschiebungen (Start-Modus: Normal) (Datum&Uhrzeit: 2015-08-24 23:40:39)<=

C:\Program Files (x86)\shopwit => erfolgreich verschoben
C:\ProgramData\ExtTag => erfolgreich verschoben

==== Ende von Fixlog 23:40:39 ====
         
lg Don Camillo

Und nochmals ein FRST-Log als Admin:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-08-2015
durchgeführt von Markus Radosztics (Administrator) auf WAUT0001 (24-08-2015 23:45:31)
Gestartet von C:\Users\Markus Radosztics\Downloads
Geladene Profile: Markus Radosztics (Verfügbare Profile: Markus Radosztics)
Platform: Windows 8 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCRTP.exe
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Abengine) C:\Program Files (x86)\FastSearch\acengine.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Users\Markus Radosztics\AppData\Local\Salttex.exe
(XTab system) C:\Program Files (x86)\MiniLite\ProtectService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugincontainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\Common Files\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\updater.exe
(LogMeIn Inc.) D:\Games\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) D:\Games\LogMeIn Hamachi\LMIGuardianSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(LogMeIn Inc.) D:\Games\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(LogMeIn, Inc.) D:\Games\LogMeIn Hamachi\LMIGuardianSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCTray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMUsbGuard.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Valve Corporation) D:\Games\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Open Source) C:\Users\Markus Radosztics\AppData\Roaming\cpuminer\sgminer\sgminer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Valve Corporation) D:\Games\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(Dropbox, Inc.) C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RSD\popwndexe.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\3\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\5\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\10\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\8\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\7\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\12\Plugin.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\7\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\3\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\12\Plugin.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => "D:\Programme\iTunesHelper.exe"
HKLM\...\Run: [gpuminer] => C:\Users\Markus Radosztics\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [218 2015-08-17] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [A1Servicecenter] => C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe [11467864 2015-05-27] (A1)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Games\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCTRAY.EXE [355296 2015-08-20] (Tencent)
HKLM-x32\...\Run: [RSDTRAY] => C:\Program Files (x86)\Rising\RSD\popwndexe.exe [126808 2012-09-25] (Beijing Rising Information Technology Co., Ltd.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [159744 2015-01-12] (Voobly)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Steam] => D:\Games\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Dropbox Update] => C:\Users\Markus Radosztics\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [OneDrive] => C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-20] (Microsoft Corporation)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Shop-wit] => C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [GoogleChromeAutoLaunch_FEA560871AAA9104DF8D8385F4A465BE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863560 2015-08-18] (Google Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
AppInit_DLLs: C:\ProgramData\ExtTag\Zimdox.dll => C:\ProgramData\ExtTag\Zimdox.dll Datei nicht gefunden
AppInit_DLLs-x32: C:\ProgramData\ExtTag\Biodandom.dll => "C:\ProgramData\ExtTag\Biodandom.dll" Datei nicht gefunden
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-01-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-03-18]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-10-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMGCShellExt64.dll [2015-08-20] (Tencent)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99963976_hao_pg
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99963976_hao_pg
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.at.msn.com/
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSWebMon64.dat [2015-08-20] (Tencent)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Great Find -> {1cc2bb80-20ab-43e5-b958-432d72b546ca} -> C:\Program Files (x86)\Great Find\Extensions\1cc2bb80-20ab-43e5-b958-432d72b546ca.dll Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: Ó¦Óñ¦Ò»¼ü°²×°²å¼þ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\SysWOW64\mscoree.dll [2012-06-02] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-18] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 02 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 03 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 04 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 16 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\..\Interfaces\{0FFDF7C3-8718-450E-A4A2-9C59BD350F78}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{DD37C3EA-4E32-4412-AC18-EA239FC6029F}: [DhcpNameServer] 10.0.0.138
StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1440141856&z=3fbd779b7c5a732cb4abd88gbz6zbeag3zcg1mawec&from=cmi&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B

FireFox:
========
FF ProfilePath: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: mystartsearch
FF SelectedSearchEngine: mystartsearch
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1440103432&z=81c380bb68d5eb130644762gezaz6e6gdedc7cbc7g&from=face&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-15] ()
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-18] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\npQMExtensionsMozilla.dll [2015-08-20] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Markus Radosztics\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-03-13] (Citrix Online)
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll Keine Datei
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-21] ()
FF user.js: detected! => C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\user.js [2015-08-22]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\findit.xml [2015-08-21]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\istartsurf.xml [2015-08-21]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\mystartsearch.xml [2015-08-23]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\search-provided-by-yahoo.xml [2015-08-20]
FF Extension: Default SearchProtected  - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\defsearchp@gmail.com [2015-08-19]
FF Extension: deskCut - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\deskCutv2@gmail.com [2015-08-19]
FF Extension: A1 Servicecenter - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{594657B4-413A-41D0-8F85-A6D3F35C9BDF} [2015-06-03]
FF Extension: Download videos and MP3s from YouTube - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-10-06]
FF Extension: "Download Touch - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\@73ABDD53B667F486D5ACC6A263CED1CC73AB.xpi [2015-08-20]
FF Extension: Great Find - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{0a4ee680-ecac-4e89-b625-5139f7130e30}.xpi [2015-08-22]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-09-30]
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\defsearchp@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\deskCutv2@gmail.com
FF HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-10-06]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.mystartsearch.com/?type=sc&ts=1440141856&z=3fbd779b7c5a732cb4abd88gbz6zbeag3zcg1mawec&from=cmi&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\73ABDD53B667F486D5ACC6A263CED1CC73AB.js [2015-08-20]

Chrome: 
=======
CHR Profile: C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-23]
CHR HKLM-x32\...\Chrome\Extension: [dnligehkhogpcngalffdoomehjcbecna] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gehmndecgbcffhmfjkenpamdgechcgpe] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 acengine; C:\Program Files (x86)\FastSearch\acengine.exe [1839728 2015-08-11] (Abengine) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
R2 eproduct; C:\Users\Markus Radosztics\AppData\Local\Salttex.exe [47616 2015-08-20] () [Datei ist nicht signiert]
R2 Hamachi2Svc; D:\Games\LogMeIn Hamachi\hamachi-2.exe [2545512 2015-08-03] (LogMeIn Inc.)
R2 IHProtect Service; C:\Program Files (x86)\MiniLite\ProtectService.exe [129688 2015-08-20] (XTab system)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1931632 2015-05-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-23] ()
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCRTP.exe [297608 2015-08-20] (Tencent)
R2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [196288 2015-08-21] (Beijing Rising Information Technology Co., Ltd.)
R2 Service Mgr GreatFind; C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugincontainer.exe [1205472 2015-08-24] ()
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TAOFrame.exe [293856 2015-08-20] (Tencent)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2015-06-25] (TuneUp Software)
R2 Update Mgr GreatFind; C:\Program Files (x86)\Common Files\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\updater.exe [703712 2015-08-24] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
S2 dojoluri; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\knsb4C96.tmp [X]
S2 ExtTag; C:\ProgramData\ExtTag\ExtTag.exe [X]
S2 hyverumu; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\jnsiE347.tmp [X]
S2 igfx32; "C:\Program Files\igfx32\igfx32.exe" /s iid=2679535 did=Missing sid= ref= id=047e6a478a9cd5449350448a9fe4f569a5544d0a771fdc73cd2034f9b95a9549 [X]
S2 kefowydy; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\hnsf344.tmp [X]
S2 WindowsMangerProtect; C:\ProgramData\WWinManProW\ProtectWindowsManager.exe -service [X] <==== ACHTUNG

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 acwfp; C:\Windows\system32\Drivers\acwfp64.sys [45784 2015-08-13] (Abengine)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468752 2013-02-27] (Intel Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMUdisk64.sys [62264 2015-08-20] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQSysMonX64.sys [138040 2015-08-20] (电脑管家)
R2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [74040 2015-08-20] (Tencent)
R2 TAOKernelDriver; C:\Windows\system32\drivers\TAOKernel64.sys [274232 2015-08-20] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-08-20] (电脑管家)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TS888x64.sys [28984 2015-08-24] (Tencent)
R1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSDefenseBT64.sys [28472 2015-08-20] (Tencent)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSSysKit64.sys [87352 2015-08-20] (电脑管家)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [31144 2015-06-04] (TuneUp Software)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)
R1 {092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64; C:\Windows\System32\drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys [48784 2015-08-19] (StdLib)
R1 {8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64; C:\Windows\System32\drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys [48784 2015-08-20] (StdLib)
R1 {987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64; C:\Windows\System32\drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys [48784 2015-08-20] (StdLib)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S1 rrfd_vw_1_10_0_22; system32\drivers\rrfd_vw_1_10_0_22.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-23 14:58 - 2015-08-24 07:40 - 00002253 _____ C:\Users\Markus Radosztics\Desktop\Google Chrome.lnk
2015-08-23 14:58 - 2015-08-23 14:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-23 14:56 - 2015-08-23 14:56 - 00931408 _____ (Google Inc.) C:\Users\Markus Radosztics\Downloads\ChromeSetup.exe
2015-08-23 14:33 - 2015-08-23 14:33 - 01260832 _____ C:\Users\Markus Radosztics\Downloads\Revo Uninstaller - CHIP-Installer.exe
2015-08-23 14:04 - 2015-08-24 23:35 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\FRST-OlderVersion
2015-08-23 14:01 - 2015-08-24 23:45 - 00039254 _____ C:\Users\Markus Radosztics\Downloads\FRST.txt
2015-08-23 14:01 - 2015-08-23 14:02 - 00081428 _____ C:\Users\Markus Radosztics\Downloads\Addition.txt
2015-08-23 14:00 - 2015-08-23 14:00 - 00018325 _____ C:\Users\Markus Radosztics\Desktop\Fixlist.txt
2015-08-23 12:05 - 2015-08-24 23:40 - 00000334 _____ C:\Windows\Tasks\PC-Mechanic Startup.job
2015-08-23 12:05 - 2015-08-24 23:35 - 00000320 _____ C:\Windows\Tasks\PC-Mechanic Maintenance.job
2015-08-23 12:05 - 2015-08-23 12:05 - 00003248 _____ C:\Windows\System32\Tasks\PC-Mechanic Maintenance
2015-08-23 12:05 - 2015-08-23 12:05 - 00002630 _____ C:\Windows\System32\Tasks\PC-Mechanic Startup
2015-08-23 12:05 - 2015-08-23 12:05 - 00001171 _____ C:\Users\Public\Desktop\PC Mechanic.lnk
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Uniblue
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\Program Files (x86)\Uniblue
2015-08-22 17:34 - 2015-08-22 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-08-22 15:20 - 2015-08-22 15:20 - 00852684 _____ C:\Users\Markus Radosztics\Desktop\SecurityCheck.exe
2015-08-22 14:31 - 2015-08-24 22:55 - 00000000 ____D C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc
2015-08-22 14:31 - 2015-08-22 14:31 - 00002215 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00002195 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00000000 ____D C:\Program Files (x86)\Great Find
2015-08-22 14:31 - 2015-06-25 07:53 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2015-08-22 14:31 - 2015-06-25 07:53 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2015-08-22 14:31 - 2015-06-25 07:53 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2015-08-22 14:30 - 2015-08-23 12:04 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy
2015-08-22 14:30 - 2015-08-22 14:31 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2015-08-22 13:05 - 2015-08-22 13:05 - 02870984 _____ (ESET) C:\Users\Markus Radosztics\Downloads\esetsmartinstaller_deu.exe
2015-08-22 12:04 - 2015-08-22 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-21 23:42 - 2015-08-21 23:42 - 00002377 _____ C:\Windows\SysWOW64\findit.xml
2015-08-21 23:42 - 2015-08-21 23:42 - 00000000 ____D C:\ProgramData\ExtTags
2015-08-21 15:10 - 2015-08-21 15:10 - 00957064 _____ C:\Windows\Minidump\082115-9765-01.dmp
2015-08-21 10:36 - 2015-08-21 10:36 - 01162256 _____ C:\Windows\Minidump\082115-8296-01.dmp
2015-08-21 09:25 - 2015-08-21 09:25 - 00001051 _____ C:\Users\Markus Radosztics\Desktop\AnyProtect.lnk
2015-08-21 09:25 - 2015-08-21 09:25 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-08-21 09:24 - 2015-08-24 23:42 - 00000000 ____D C:\ProgramData\update
2015-08-21 09:24 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-08-21 09:24 - 2015-08-22 11:46 - 00000000 ____D C:\ProgramData\WWinManProW
2015-08-21 09:24 - 2015-08-21 09:24 - 00000000 ____D C:\Program Files (x86)\MiniLite
2015-08-21 09:14 - 2015-08-24 23:35 - 02186752 _____ (Farbar) C:\Users\Markus Radosztics\Downloads\FRST64.exe
2015-08-20 23:02 - 2015-08-20 23:02 - 00002250 _____ C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW.exe.lnk
2015-08-20 23:02 - 2015-08-20 23:02 - 00002228 _____ C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf.exe.lnk
2015-08-20 22:58 - 2015-08-24 23:40 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2015-08-20 22:58 - 2015-08-20 22:58 - 00003338 _____ C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}
2015-08-20 22:57 - 2015-08-21 08:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yvegdufu.job
2015-08-20 22:57 - 2015-08-21 08:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yveg6ufu.job
2015-08-20 22:57 - 2015-08-20 22:57 - 00002442 _____ C:\Windows\System32\Tasks\Tempo Runner yvegdufu
2015-08-20 22:57 - 2015-08-20 22:57 - 00002442 _____ C:\Windows\System32\Tasks\Tempo Runner yveg6ufu
2015-08-20 22:51 - 2015-08-21 08:53 - 00000000 ____D C:\ProgramData\Rising
2015-08-20 22:51 - 2015-08-21 08:53 - 00000000 ____D C:\Program Files (x86)\Rising
2015-08-20 22:51 - 2015-08-21 00:36 - 00000000 ___RD C:\RavBin
2015-08-20 22:51 - 2014-07-30 04:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-08-20 22:50 - 2015-08-22 16:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-08-20 22:50 - 2015-08-20 22:50 - 00274232 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00087864 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00074040 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00000000 ____D C:\ProgramData\TXQMPC
2015-08-20 22:50 - 2015-08-20 22:50 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-08-20 22:49 - 2015-08-20 23:31 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Tencent
2015-08-20 22:49 - 2015-08-20 22:52 - 00000000 ____D C:\ProgramData\Tencent
2015-08-20 22:49 - 2015-08-20 22:49 - 00000000 ____D C:\Program Files (x86)\Tencent
2015-08-20 22:44 - 2015-08-20 22:44 - 00001113 _____ C:\Users\Markus Radosztics\Desktop\Continue Live Installation.lnk
2015-08-20 22:44 - 2015-08-20 22:44 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\istartsurf
2015-08-20 22:37 - 2015-08-20 22:37 - 00000000 _____ C:\dummy.htm
2015-08-20 22:32 - 2015-08-20 22:33 - 00000000 ____D C:\ProgramData\LocalStorage
2015-08-20 22:30 - 2015-08-20 22:30 - 00000000 ____D C:\Users\Markus Radosztics\.android
2015-08-20 22:29 - 2015-08-20 22:29 - 00001318 _____ C:\Users\Markus Radosztics\Desktop\全网影视.lnk
2015-08-20 22:29 - 2015-08-20 22:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\ppslog
2015-08-20 22:19 - 2015-08-21 08:25 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-08-20 22:19 - 2015-08-20 22:55 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-20 22:19 - 2015-08-20 22:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-08-20 22:19 - 2015-08-20 22:49 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-08-20 22:19 - 2015-08-20 22:49 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-08-20 22:19 - 2015-08-20 22:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-08-20 22:17 - 2015-08-21 08:47 - 00000000 ____D C:\IQIYI Video
2015-08-20 22:17 - 2015-08-21 08:46 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-08-20 22:17 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Unity
2015-08-20 22:17 - 2015-08-20 22:30 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\IQIYI Video
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 __SHD C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 ____D C:\Users\Public\QiYi
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\SysassistByHotWheel
2015-08-20 22:16 - 2015-08-20 22:16 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\node-webkit
2015-08-20 22:15 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\cpuminer
2015-08-20 22:15 - 2015-08-20 22:15 - 00000217 _____ C:\task.vbs
2015-08-20 22:10 - 2015-08-20 22:10 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Desktop\jre-8u25-windows-i586.exe
2015-08-20 22:09 - 2015-08-20 23:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Gameo
2015-08-20 22:09 - 2015-08-20 22:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Opera Software
2015-08-20 22:09 - 2015-08-20 22:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Opera Software
2015-08-20 22:09 - 2015-08-20 22:09 - 00000185 _____ C:\Users\Markus Radosztics\Desktop\Play Games Online.url
2015-08-20 22:09 - 2015-08-20 22:09 - 00000185 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2015-08-20 22:09 - 2015-08-20 22:09 - 00000000 ___HD C:\Users\Markus Radosztics\AppData\Roaming\GoldenGate
2015-08-20 22:09 - 2015-08-20 22:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Gameo
2015-08-20 22:07 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WarThunder
2015-08-20 22:07 - 2015-08-20 22:07 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Downloads\setup [1].exe
2015-08-20 22:06 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\Cinem Plus 2.4cV20.08
2015-08-20 22:06 - 2015-08-23 14:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78
2015-08-20 22:06 - 2015-08-20 09:50 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys
2015-08-20 22:06 - 2015-07-23 15:47 - 00000854 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-20 22:05 - 2015-08-23 14:05 - 00000000 ____D C:\Program Files (x86)\OLBPre
2015-08-20 22:05 - 2015-08-20 23:02 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\{1A0B2C57-3EA3-40EF-533B-65077753999F}
2015-08-20 22:05 - 2015-08-20 22:05 - 00004008 _____ C:\Windows\System32\Tasks\LaunchPreSignup
2015-08-20 22:04 - 2015-08-20 22:26 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-20 22:04 - 2015-08-20 22:04 - 00047616 _____ C:\Users\Markus Radosztics\AppData\Local\Salttex.exe
2015-08-20 21:58 - 2015-08-20 21:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Sun
2015-08-20 21:58 - 2015-08-20 21:58 - 00000000 ____D C:\Users\Markus Radosztics\.oracle_jre_usage
2015-08-20 20:37 - 2015-08-21 00:38 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WindSolutions
2015-08-20 20:37 - 2015-08-20 20:44 - 00000000 ____D C:\ProgramData\WindSolutions
2015-08-20 12:29 - 2015-08-20 14:13 - 00000190 _____ C:\mylog.log
2015-08-20 12:29 - 2015-08-20 12:29 - 00000000 ____D C:\Program Files (x86)\MSI
2015-08-20 12:22 - 2015-08-20 12:22 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_usb30
2015-08-20 12:21 - 2015-08-20 12:21 - 06227267 _____ C:\Users\Markus Radosztics\Downloads\intel_usb30.zip
2015-08-20 12:19 - 2015-08-20 12:19 - 02837521 _____ C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10.zip
2015-08-20 12:19 - 2015-08-20 12:19 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10
2015-08-20 11:43 - 2015-08-20 22:55 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-20 11:43 - 2015-08-20 11:43 - 00003156 _____ C:\Windows\System32\Tasks\Download Touch
2015-08-20 11:43 - 2015-08-20 11:43 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Download Touch
2015-08-20 11:39 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV16.03
2015-08-20 11:39 - 2015-08-21 10:44 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-08-20 11:39 - 2015-08-20 11:39 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\globalUpdate
2015-08-20 11:37 - 2015-08-20 11:37 - 19284168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-08-20 11:34 - 2015-08-22 15:27 - 00012280 _____ C:\Windows\SysWOW64\acengineOff.ini
2015-08-20 11:34 - 2015-08-22 15:27 - 00012280 _____ C:\Windows\system32\acengineOff.ini
2015-08-20 11:34 - 2015-08-13 14:49 - 00045784 _____ (Abengine) C:\Windows\system32\Drivers\acwfp64.sys
2015-08-20 11:34 - 2015-08-11 16:50 - 00299296 _____ (Abengine) C:\Windows\SysWOW64\acengine.dll
2015-08-20 11:15 - 2015-08-20 01:24 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys
2015-08-20 11:13 - 2015-08-20 11:13 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver(1).msi
2015-08-20 11:12 - 2015-08-24 23:40 - 00000000 ____D C:\Program Files (x86)\FastSearch
2015-08-20 11:12 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-08-20 11:12 - 2015-08-20 11:34 - 00000002 _____ C:\END
2015-08-20 11:12 - 2015-08-20 11:12 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver.msi
2015-08-20 11:12 - 2015-08-20 11:12 - 00003578 _____ C:\Windows\System32\Tasks\Shop-wit Updater
2015-08-20 11:12 - 2015-08-20 11:12 - 00003112 _____ C:\Windows\System32\Tasks\cfr3011
2015-08-20 11:12 - 2015-08-11 21:11 - 00349584 _____ (Abengine) C:\Windows\system32\acengine64.dll
2015-08-20 10:43 - 2015-08-20 10:43 - 00001456 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\Program Files\iPod
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-20 10:42 - 2015-08-20 10:42 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files\Bonjour
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-08-19 22:11 - 2015-08-20 00:33 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\MediaMonkey
2015-08-19 22:11 - 2015-08-19 22:11 - 00000695 _____ C:\Users\Public\Desktop\MediaMonkey.lnk
2015-08-19 22:11 - 2015-08-19 22:11 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\MediaMonkey
2015-08-19 22:11 - 2015-08-19 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2015-08-19 22:10 - 2015-08-19 22:10 - 00000000 ____D C:\ProgramData\MediaMonkey
2015-08-19 21:18 - 2015-08-13 14:34 - 19292160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 21:18 - 2015-08-13 13:02 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 21:18 - 2015-08-13 12:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 21:18 - 2015-08-13 12:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 20:48 - 2015-08-19 20:51 - 00000512 __RSH C:\ProgramData\ntuser.pol
2015-08-19 20:46 - 2015-08-19 20:46 - 01135152 _____ C:\Windows\Minidump\081915-12953-01.dmp
2015-08-19 16:27 - 2015-08-19 02:39 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys
2015-08-19 16:24 - 2015-08-23 14:06 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch
2015-08-19 16:24 - 2015-08-19 21:03 - 00000000 ____D C:\ProgramData\nWinManPron
2015-08-19 16:24 - 2015-08-19 16:24 - 00000000 _____ C:\Windows\prleth.sys
2015-08-19 16:24 - 2015-08-19 16:24 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-19 16:22 - 2015-08-19 16:22 - 00000767 _____ C:\Users\Markus Radosztics\Desktop\MP3 Voice Recorder.lnk
2015-08-19 16:22 - 2015-08-19 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Voice Recorder
2015-08-19 16:22 - 2004-03-08 21:30 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2015-08-16 18:23 - 2015-08-16 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-16 00:59 - 2015-07-30 15:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 00:59 - 2015-07-30 15:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 00:59 - 2015-07-13 23:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-16 00:59 - 2015-07-13 23:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-16 00:59 - 2015-07-09 23:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-16 00:59 - 2015-07-09 23:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-16 00:59 - 2015-07-09 22:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-16 00:59 - 2015-07-09 22:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-16 00:59 - 2015-07-06 18:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-16 00:59 - 2015-07-06 16:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-16 00:59 - 2015-07-01 15:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-16 00:59 - 2015-07-01 14:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-16 00:59 - 2015-07-01 13:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-16 00:59 - 2015-07-01 13:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-16 00:58 - 2015-07-28 18:25 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-16 00:58 - 2015-07-28 16:13 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-16 00:58 - 2015-07-28 15:12 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 15416320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-16 00:58 - 2015-07-13 23:23 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-16 00:58 - 2015-07-13 23:23 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-16 00:58 - 2015-07-13 23:05 - 02340864 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-16 00:58 - 2015-07-13 23:05 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-16 00:55 - 2015-07-29 16:45 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-16 00:55 - 2015-07-29 16:45 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-16 00:55 - 2015-07-28 00:42 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-16 00:55 - 2015-07-28 00:40 - 04064768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-16 00:55 - 2015-07-28 00:40 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-16 00:55 - 2015-07-15 18:09 - 06969688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-16 00:55 - 2015-07-15 18:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-16 00:55 - 2015-07-15 18:06 - 01824296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-16 00:55 - 2015-07-15 15:49 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-16 00:55 - 2015-07-15 15:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-16 00:55 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-16 00:55 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-16 00:55 - 2015-07-09 22:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-16 00:55 - 2015-06-09 15:09 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-15 11:14 - 2015-08-15 11:14 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-03 12:12 - 2015-08-03 12:12 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2015-07-29 15:41 - 2015-07-29 15:41 - 01373000 _____ C:\Windows\Minidump\072915-9968-01.dmp
2015-07-26 16:51 - 2015-07-26 16:51 - 00000803 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-07-26 16:51 - 2015-07-26 16:51 - 00000741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-07-26 16:51 - 2015-07-26 16:51 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Canneverbe Limited
2015-07-26 16:51 - 2015-07-26 16:51 - 00000000 ____D C:\ProgramData\Canneverbe Limited

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-24 23:45 - 2015-06-07 20:44 - 00000000 ____D C:\FRST
2015-08-24 23:41 - 2015-01-14 23:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\LogMeIn Hamachi
2015-08-24 23:41 - 2014-12-27 12:46 - 00000000 ___RD C:\Users\Markus Radosztics\iCloudDrive
2015-08-24 23:41 - 2013-10-13 20:57 - 00000000 ___RD C:\Users\Markus Radosztics\Dropbox
2015-08-24 23:41 - 2013-10-13 20:55 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Dropbox
2015-08-24 23:39 - 2013-11-19 21:28 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-24 23:39 - 2013-10-01 21:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-24 23:39 - 2013-09-30 19:17 - 00282404 _____ C:\Windows\PFRO.log
2015-08-24 23:39 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-24 23:37 - 2013-09-30 21:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-24 23:24 - 2013-09-30 19:24 - 01595079 _____ C:\Windows\WindowsUpdate.log
2015-08-24 23:04 - 2013-11-22 22:24 - 00000366 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-08-24 23:00 - 2015-06-18 06:45 - 00001290 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001UA.job
2015-08-24 23:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-08-24 22:51 - 2013-11-19 21:28 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-24 21:55 - 2013-09-30 19:30 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-817472733-4082136947-4255886928-1001
2015-08-24 21:55 - 2012-07-26 12:27 - 00751892 _____ C:\Windows\system32\perfh007.dat
2015-08-24 21:55 - 2012-07-26 12:27 - 00155620 _____ C:\Windows\system32\perfc007.dat
2015-08-24 21:55 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-24 21:49 - 2014-12-27 12:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\36A80DEE-1AAD-4F7E-AA6A-4638F785B9B6.aplzod
2015-08-23 14:35 - 2015-06-07 21:40 - 00001270 _____ C:\Users\Markus Radosztics\Desktop\Revo Uninstaller.lnk
2015-08-23 14:35 - 2015-06-07 21:40 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-23 12:44 - 2014-02-01 13:30 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-22 15:17 - 2014-08-06 12:17 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-08-22 12:39 - 2013-10-02 17:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Skype
2015-08-22 12:04 - 2015-02-23 20:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-22 12:04 - 2013-10-02 17:05 - 00000000 ____D C:\ProgramData\Skype
2015-08-22 11:00 - 2015-06-18 06:45 - 00001238 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001Core.job
2015-08-22 10:00 - 2015-03-18 18:45 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-22 10:00 - 2014-06-17 22:52 - 00005182 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for WAUT0001-Markus Radosztics WAUT0001
2015-08-21 23:42 - 2013-10-01 18:41 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-21 23:42 - 2013-09-30 19:24 - 00001450 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-21 15:10 - 2013-11-25 12:30 - 00000000 ____D C:\Windows\Minidump
2015-08-21 08:52 - 2015-03-20 10:39 - 00507984 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-20 22:50 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\VirtualStore
2015-08-20 22:30 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics
2015-08-20 22:10 - 2014-02-01 13:30 - 00000000 ____D C:\ProgramData\Oracle
2015-08-20 22:06 - 2012-07-26 07:26 - 00000269 _____ C:\Windows\win.ini
2015-08-20 21:22 - 2014-11-19 18:47 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-08-20 21:22 - 2013-12-19 13:46 - 00000000 ____D C:\Users\Markus Radosztics\Documents\samsung
2015-08-20 21:22 - 2013-12-19 13:46 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Samsung
2015-08-20 21:18 - 2013-12-19 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-08-20 21:18 - 2013-09-30 19:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-20 20:58 - 2013-09-30 20:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Downloaded Installations
2015-08-20 20:27 - 2015-06-03 20:07 - 00000000 ____D C:\Program Files (x86)\A1 Servicecenter
2015-08-20 14:09 - 2015-03-18 18:59 - 00002321 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-20 11:43 - 2014-06-25 17:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-20 11:37 - 2013-09-30 21:01 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-20 10:43 - 2013-09-30 20:20 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-20 10:42 - 2013-09-30 20:20 - 00000000 ____D C:\ProgramData\Apple
2015-08-19 21:47 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Packages
2015-08-19 21:18 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-08-19 17:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-08-16 18:23 - 2015-07-14 21:02 - 00000650 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-16 18:22 - 2015-04-17 08:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-16 18:22 - 2015-04-17 08:09 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-16 18:22 - 2013-09-30 19:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 18:22 - 2013-09-30 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-16 10:55 - 2013-09-30 19:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-16 10:55 - 2013-09-30 19:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-16 10:54 - 2013-09-30 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-16 10:53 - 2013-09-30 22:57 - 00000000 ____D C:\Windows\system32\MRT
2015-08-16 10:51 - 2013-09-30 22:57 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-16 10:46 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 10:46 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 10:26 - 2013-10-01 18:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-15 11:11 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-08-08 04:27 - 2012-07-26 10:14 - 00793544 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 04:27 - 2012-07-26 10:14 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-30 18:24 - 2015-07-24 11:56 - 00016603 _____ C:\Users\Markus Radosztics\Downloads\Schulsporthilfe-Vorschlag-2015.xlsx

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-20 23:02 - 2015-08-20 23:02 - 0002228 _____ () C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf.exe.lnk
2015-08-20 23:02 - 2015-08-20 23:02 - 0002250 _____ () C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW.exe.lnk
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\String Ensemble
2013-09-30 20:30 - 2013-09-30 20:30 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Strings
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Super Strings
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Techno Kit
2014-02-05 18:38 - 2015-06-07 12:43 - 0000156 _____ () C:\Users\Markus Radosztics\AppData\Roaming\WB.CFG
2013-11-06 10:01 - 2014-08-12 18:27 - 0006144 _____ () C:\Users\Markus Radosztics\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-23 18:56 - 2014-12-23 18:56 - 0007606 _____ () C:\Users\Markus Radosztics\AppData\Local\Resmon.ResmonCfg
2015-08-20 22:04 - 2015-08-20 22:04 - 0047616 _____ () C:\Users\Markus Radosztics\AppData\Local\Salttex.exe
2015-08-20 22:04 - 2015-08-20 22:04 - 0000187 _____ () C:\Users\Markus Radosztics\AppData\Local\Salttex.exe.config
2013-10-02 17:42 - 2013-10-02 17:42 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-07-07 09:16 - 2014-07-07 09:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\howto
2013-09-30 20:29 - 2013-09-30 20:29 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2013-09-30 20:30 - 2013-09-30 20:30 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2013-09-30 20:29 - 2013-09-30 20:30 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2013-09-30 20:29 - 2013-09-30 20:29 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\ProgramData\Sync Schema
2013-09-30 20:30 - 2013-09-30 20:30 - 0000268 ___RH () C:\ProgramData\Sync Services
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\ProgramData\Synth Basics
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\Track Settings
2013-09-30 20:30 - 2013-09-30 20:30 - 0000012 ___RH () C:\ProgramData\Transportation
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\Tremolo

Einige Dateien in TEMP:
====================
C:\Users\Markus Radosztics\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdki6wl.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{641C3654-92C7-4617-90B7-9AF5AE18A063}.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-16 18:02

==================== Ende von FRST.txt ============================
         
lg Don Camillo

Antwort

Themen zu Ständig öffnen sich neue Internet-Fenster
feedback, hotspot, im internet öffnen sich ständig neue fenster, newtab, officejet, pup.optional.conduit.a, pup.optional.iepluginservice.a, pup.optional.iepluginservices.a, pup.optional.installcore.a, pup.optional.megabrowse.a, pup.optional.mixvideoplayer.a, pup.optional.mysearchdial.a, pup.optional.opencandy, pup.optional.optimizerpro.a, pup.optional.qone8, pup.optional.safefinder.a, pup.optional.savesence.a, pup.optional.savesense, pup.optional.savesense.a, pup.optional.searchprotect, pup.optional.searchprotect.a, pup.optional.smartbar, pup.optional.snapdo.t, pup.optional.suptab.a, pup.optional.sweetpage.a, pup.optional.trovi.a, pup.optional.trovi.c, pup.optional.wajam.a, rogue.multiple, super, windowsapps



Ähnliche Themen: Ständig öffnen sich neue Internet-Fenster


  1. Internet Explorer und Firefox öffnen ständig neue Fenster und Tabs.
    Log-Analyse und Auswertung - 21.06.2015 (47)
  2. Windows 7: Ständig neue Werbeanzeigen sowie neue Fenster öffnen sich in Chrome
    Plagegeister aller Art und deren Bekämpfung - 12.03.2015 (15)
  3. Chrome und Internet Explorer öffnen ständig neue Seiten
    Plagegeister aller Art und deren Bekämpfung - 17.01.2015 (5)
  4. Windows 7: Ständig neue Werbeanzeigen sowie neue Fenster öffnen sich in Chrome.
    Plagegeister aller Art und deren Bekämpfung - 13.01.2015 (10)
  5. windows 7 es öffnen sich ständig neue fenster rechner ist sehr langsam, ist auch schon mit blue screen abgestürtzt
    Log-Analyse und Auswertung - 09.09.2014 (1)
  6. neue Fenster, die sich sekundenweise beim surfen öffnen
    Plagegeister aller Art und deren Bekämpfung - 02.08.2014 (15)
  7. Windows 8 / Mozilla Firefox : Ständig öffnen sich neue Fenster und Tabs mit Werbung und Warnhinweisen
    Log-Analyse und Auswertung - 28.05.2014 (7)
  8. Unter Firefox öffnen sich ständig neue Fenster.
    Log-Analyse und Auswertung - 22.04.2014 (3)
  9. Es öffnen sich ständig neue Fenster und Tabs
    Plagegeister aller Art und deren Bekämpfung - 17.03.2014 (4)
  10. Internet-Browser öffnet ständig neue Fenster
    Log-Analyse und Auswertung - 23.08.2011 (23)
  11. Internet Explorer Werbung-Fenster öffnen sich ständig
    Plagegeister aller Art und deren Bekämpfung - 05.05.2011 (1)
  12. Internet Explorer öffnet ständig neue Fenster
    Plagegeister aller Art und deren Bekämpfung - 04.07.2010 (28)
  13. Firefox öffnet ständig neue Fenster und Internet Explorer dreht auch durch
    Log-Analyse und Auswertung - 08.01.2010 (13)
  14. Ständig öffnen sich unerwünscht neue Fenster/Internet-Seiten
    Log-Analyse und Auswertung - 05.12.2009 (5)
  15. ff und ie öffnen ständig neue fenster
    Log-Analyse und Auswertung - 22.01.2009 (11)
  16. internet explorer öffnet ständig neue fenster! virus ?
    Log-Analyse und Auswertung - 16.01.2009 (35)
  17. fenster öffnen sich ständig...
    Plagegeister aller Art und deren Bekämpfung - 01.12.2006 (1)

Zum Thema Ständig öffnen sich neue Internet-Fenster - Hallo an das Forum. Ich hoffe, ihr könnt mir helfen. Auf meinem PC mit Windows 8 öffnen sich ständig neue Internet-Fenster, was sehr nervig ist. Ich habe mir mal FRST - Ständig öffnen sich neue Internet-Fenster...
Archiv
Du betrachtest: Ständig öffnen sich neue Internet-Fenster auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.