Avira Trojaner Meldung bei Steam start! (TR/Dropper.Gen)

Luca Bley · 25.05.2014, 19:09

Hey Leute

Ich wollte heute Morgen auf mein steam Konto zugreifen, und während der installation eines neuen Update von Steam hat Avira einen Virus (Trojaner,Malware) entdeckt. C:/Program Files(x86)/Steam/.../GameOverlayUI.exe_

Ich habe die Datei natürlich zuerst in Quarantäne verschoben, danach habe ich 2 weitere Male versucht Steam zu aktualisieren wobei dass gleiche passierte.Ich hab Steam danach komplett gelöscht und neu installiert, musste dann aber feststellen das dies dass Problem nicht löste (gleiche Fehlermeldung).Bitte antwortet schnell ich hab in anderen Foren gelesen dass dies nur eine Überreaktion Aviras sei möchte mich darauf aber nicht verlassen vor allem weil ich Steam so nicht mehr starten kann.
Bitte höfflichst um Hilfe und Bedanke mich im Vorraus!

schrauber · 26.05.2014, 06:28

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Luca Bley · 26.05.2014, 19:09

Ich bin mir leider nicht im Klaren wie ich diese Logs posten soll.

Ich bitte um ein Antwort und entschuldige mich für meine Unwissendheit

schrauber · 27.05.2014, 18:02

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Luca Bley · 27.05.2014, 18:15

Hier die FRST

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by lucab_000 (administrator) on LUCA on 27-05-2014 19:01:58
Running from C:\Users\lucab_000\Desktop
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Users\lucab_000\AppData\Roaming\BupSystem\bup.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Spotify Ltd) C:\Users\lucab_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Users\lucab_000\AppData\Roaming\SystemMn\bin\SystemMn.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
() C:\Program Files (x86)\PricePeep\PricePeepUpdater.exe
() C:\Users\lucab_000\AppData\Roaming\SystemMn\cpmn\mnd.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Temp\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Wargaming.net) C:\Games\World_of_Tanks\WoTLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-22] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Iminent] => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
HKLM-x32\...\Run: [IminentMessenger] => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
HKLM-x32\...\Run: [spup] => C:\Users\lucab_000\AppData\Roaming\ShinyProfile\spup.exe [197664 2013-07-10] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [385248 2013-01-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-322448050-4293528468-1955477807-1001\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
HKU\S-1-5-21-322448050-4293528468-1955477807-1001\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
HKU\S-1-5-21-322448050-4293528468-1955477807-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-322448050-4293528468-1955477807-1001\...\Run: [Spotify] => C:\Users\lucab_000\AppData\Roaming\Spotify\spotify.exe [6118400 2014-02-05] (Spotify Ltd)
HKU\S-1-5-21-322448050-4293528468-1955477807-1001\...\Run: [Spotify Web Helper] => C:\Users\lucab_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-05] (Spotify Ltd)
HKU\S-1-5-21-322448050-4293528468-1955477807-1001\...\Run: [PCSpeedUp] => C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe
HKU\S-1-5-21-322448050-4293528468-1955477807-1001\...\Run: [SystemMn] => C:\Users\lucab_000\AppData\Roaming\SystemMn\bin\SystemMn.exe [149504 2014-02-05] ()
HKU\S-1-5-21-322448050-4293528468-1955477807-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-322448050-4293528468-1955477807-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-322448050-4293528468-1955477807-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\lucab_000\AppData\Local\Smartbar\Application\Smartbar.exe startup
HKU\S-1-5-21-322448050-4293528468-1955477807-1001\...\RunOnce: [Temp] - C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Temp\system.vbs [228 2013-12-01] ()
HKU\S-1-5-21-322448050-4293528468-1955477807-1001\...\Policies\Explorer: [DisallowRun] 1
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
Startup: C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (No File)
Startup: C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PricePeepUpdater.lnk
ShortcutTarget: PricePeepUpdater.lnk -> C:\Program Files (x86)\PricePeep\PricePeepUpdater.exe ()
Startup: C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts App.lnk
ShortcutTarget: Severe Weather Alerts App.lnk -> C:\Users\lucab_000\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe (No File)
Startup: C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts.lnk
ShortcutTarget: Severe Weather Alerts.lnk -> C:\Users\lucab_000\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=103&systemid=473&v=a9397-150&apn_uid=5704526191014023&apn_dtid=BND473&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM - {69E1476A-58EF-4583-BA7A-04B8D42B7497} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
BHO: Plus-HD-4.6 - {11111111-1111-1111-1111-110311961180} -  No File
BHO: a2zLyrics-1 - {11111111-1111-1111-1111-110411151154} -  No File
BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -  No File
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IEOptimizer - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\SavingsBull\IEOptimizer.dll ()
BHO-x32: Plus-HD-4.6 - {11111111-1111-1111-1111-110311961180} -  No File
BHO-x32: a2zLyrics-1 - {11111111-1111-1111-1111-110411151154} -  No File
BHO-x32: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: No Name - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} -  No File
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: WebSparkle - {9f56bab3-2739-40ed-a8d0-1451657a9742} -  No File
BHO-x32: No Name - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -  No File
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} -  No File
BHO-x32: ShinyProfile Class - {C8B7D03D-30D7-493A-95E5-6547E2FAC2FE} - C:\Users\lucab_000\AppData\Roaming\ShinyProfile\shinyprofile.dll (TODO: <Company name>)
BHO-x32: Re-markit - {d473bc6a-7249-4528-8482-ddf6a15704a1} -  No File
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: No Name - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} -  No File
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} -  No File
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default
FF NewTab: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXgXnrvO7nfsC3nVY8ZwUMadsuiiumcvHgPNrUv1LWx_dCAItWLpgH6XzwrDqVQzc,
FF DefaultSearchEngine: Web Search
FF SearchEngineOrder.1: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXh-K8R1XRQ-jiQfqMTWwQqzARAjmGBQIkI1Js_N-nDjNv3aS8tz8LGq3qWdGDPlI,|hxxp://www.giga.de/androidnews/
FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\user.js
FF SearchPlugin: C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Widget context - C:\Users\lucab_000\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2013-12-22]
FF Extension: Amazon-Icon - C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\Extensions\amazon-icon@giga.de [2014-04-14]
FF Extension: Securita Scout - C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\Extensions\isec@securitascout.com [2014-04-21]
FF Extension: SavingsBull - C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\Extensions\SavingsBull@jetpack [2014-02-23]
FF Extension: Adblock Plus - C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-10]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF [2013-10-10]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ []
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF HKCU\...\Firefox\Extensions: [{34756c3b-373e-4820-8ad0-0354e654ed07}] - C:\Program Files (x86)\Re-markit\135.xpi

Chrome: 
=======
CHR Extension: (Norton Identity Safe for Google Chrome™) - C:\Users\lucab_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2014-05-19]
CHR Extension: (Amazon-Icon) - C:\Users\lucab_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg [2014-04-15]
CHR Extension: (Google Wallet) - C:\Users\lucab_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-14]
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\Exts\Chrome.crx [2014-05-02]
CHR HKLM-x32\...\Chrome\Extension: [dcpfhaghaadpjpgocojgnlhjcieeooel] - C:\Program Files (x86)\Re-markit\135.crx [2014-05-02]
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\lucab_000\AppData\Local\Wajam\Chrome\wajam.crx [2014-05-02]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\lucab_000\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-04-14]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-01-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-01-28] (Avira Operations GmbH & Co. KG)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-03-31] (BitRaider, LLC)
R2 bupService; C:\Users\lucab_000\AppData\Roaming\BupSystem\bup.exe [1005056 2014-04-14] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X]
S2 IconMan_R; "C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe" [X]
S2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe run options=01110010010000000000000000000000 sourceguid=F59A0002-F007-46FB-97D3-3BC5D2551041 [X]
S2 LPTSystemUpdater; "C:\Program Files (x86)\LPT\srpts.exe" [X]
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [X]
S2 PCSUService; C:\Program Files (x86)\PC Speed Up\PCSUService.exe [X]
S2 Update WebSparkle; "C:\Program Files (x86)\WebSparkle\updateWebSparkle.exe" [X]
S4 WajamUpdater; "C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe" [X]

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-10] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [99912 2012-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [129216 2012-12-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [27800 2012-11-16] (Avira Operations GmbH & Co. KG)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20131002.001\BHDrvx64.sys [1525848 2013-10-02] (Symantec Corporation)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-04-02] (BitRaider)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20131022.001\IDSvia64.sys [521816 2013-10-20] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131022.040\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131022.040\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1405000.01C\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1405000.01C\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1405000.01C\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1405000.01C\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1405000.01C\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-08] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
U3 DfSdkS; 
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 RSP2STOR; \SystemRoot\system32\DRIVERS\RtsP2Stor.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-26 21:53 - 2014-05-26 21:53 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-26 21:53 - 2014-05-26 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-26 21:53 - 2014-05-26 21:53 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-26 21:51 - 2014-05-26 21:52 - 00017627 _____ () C:\Windows\DirectX.log
2014-05-26 19:46 - 2014-05-26 19:46 - 00042737 _____ () C:\Users\lucab_000\Desktop\Addition.txt
2014-05-26 19:45 - 2014-05-27 19:01 - 00029563 _____ () C:\Users\lucab_000\Desktop\FRST.txt
2014-05-26 19:45 - 2014-05-27 19:01 - 00000000 ____D () C:\FRST
2014-05-26 19:44 - 2014-05-26 19:44 - 02066944 _____ (Farbar) C:\Users\lucab_000\Desktop\FRST64.exe
2014-05-25 20:55 - 2014-05-27 16:28 - 00300180 _____ () C:\Windows\WindowsUpdate.log
2014-05-25 12:10 - 2014-05-27 16:11 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-25 12:09 - 2014-05-25 12:09 - 01141680 _____ () C:\Users\lucab_000\Downloads\Steamv13Setup.exe
2014-05-18 00:55 - 2014-05-18 00:55 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-17 21:11 - 2014-05-17 21:11 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-05-17 21:11 - 2014-05-17 21:11 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-05-17 21:11 - 2014-05-17 21:11 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-05-17 21:11 - 2014-05-17 21:11 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-05-17 21:11 - 2014-05-17 21:11 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-05-11 09:54 - 2008-05-05 09:40 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2014-05-11 09:54 - 2006-10-19 19:05 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll

==================== One Month Modified Files and Folders =======

2014-05-27 19:02 - 2014-05-26 19:45 - 00029563 _____ () C:\Users\lucab_000\Desktop\FRST.txt
2014-05-27 19:01 - 2014-05-26 19:45 - 00000000 ____D () C:\FRST
2014-05-27 19:01 - 2013-07-06 22:34 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-322448050-4293528468-1955477807-1001
2014-05-27 19:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-27 18:56 - 2014-05-25 20:55 - 00300180 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 18:56 - 2014-04-14 19:43 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-27 18:56 - 2013-12-02 00:41 - 00002090 _____ () C:\Windows\Tasks\Plus-HD-4.6-firefoxinstaller.job
2014-05-27 18:56 - 2013-12-02 00:41 - 00001924 _____ () C:\Windows\Tasks\Plus-HD-4.6-chromeinstaller.job
2014-05-27 18:56 - 2013-12-02 00:41 - 00001314 _____ () C:\Windows\Tasks\Plus-HD-4.6-updater.job
2014-05-27 18:56 - 2013-12-02 00:41 - 00001216 _____ () C:\Windows\Tasks\Plus-HD-4.6-codedownloader.job
2014-05-27 18:56 - 2013-12-02 00:41 - 00001116 _____ () C:\Windows\Tasks\Plus-HD-4.6-enabler.job
2014-05-27 18:56 - 2013-12-01 19:43 - 00000402 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-05-27 18:56 - 2013-12-01 19:09 - 00000354 _____ () C:\Windows\Tasks\spmonitor.job
2014-05-27 18:56 - 2013-12-01 19:09 - 00000276 _____ () C:\Windows\Tasks\SpeedUpMyPC.job
2014-05-27 18:56 - 2013-09-30 19:05 - 00001308 _____ () C:\Windows\Tasks\a2zLyrics-1-updater.job
2014-05-27 18:56 - 2013-09-30 19:05 - 00001212 _____ () C:\Windows\Tasks\a2zLyrics-1-codedownloader.job
2014-05-27 18:56 - 2013-09-30 19:05 - 00001112 _____ () C:\Windows\Tasks\a2zLyrics-1-enabler.job
2014-05-27 16:53 - 2014-04-14 19:43 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-27 16:49 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 16:44 - 2013-10-10 16:16 - 00000000 ____D () C:\ProgramData\Tunngle
2014-05-27 16:44 - 2013-09-01 15:44 - 00000000 ____D () C:\Users\lucab_000\AppData\Roaming\Tunngle
2014-05-27 16:40 - 2012-07-26 07:26 - 01048576 ___SH () C:\Windows\system32\config\BBI
2014-05-27 16:11 - 2014-05-25 12:10 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-26 21:53 - 2014-05-26 21:53 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-26 21:53 - 2014-05-26 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-26 21:53 - 2014-05-26 21:53 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-26 21:53 - 2014-02-01 01:32 - 00000000 ____D () C:\Users\lucab_000\AppData\Local\Origin
2014-05-26 21:52 - 2014-05-26 21:51 - 00017627 _____ () C:\Windows\DirectX.log
2014-05-26 21:48 - 2014-02-01 01:37 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-26 21:47 - 2014-02-01 01:12 - 00000000 ____D () C:\ProgramData\Origin
2014-05-26 21:45 - 2014-02-01 01:12 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-26 19:46 - 2014-05-26 19:46 - 00042737 _____ () C:\Users\lucab_000\Desktop\Addition.txt
2014-05-26 19:44 - 2014-05-26 19:44 - 02066944 _____ (Farbar) C:\Users\lucab_000\Desktop\FRST64.exe
2014-05-25 21:27 - 2013-07-06 22:17 - 00000000 ____D () C:\Users\lucab_000
2014-05-25 12:10 - 2013-07-06 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-25 12:09 - 2014-05-25 12:09 - 01141680 _____ () C:\Users\lucab_000\Downloads\Steamv13Setup.exe
2014-05-25 11:36 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-25 11:32 - 2012-08-18 02:55 - 00830120 _____ () C:\Windows\system32\perfh007.dat
2014-05-25 11:32 - 2012-08-18 02:55 - 00188224 _____ () C:\Windows\system32\perfc007.dat
2014-05-25 11:32 - 2012-07-26 09:28 - 01949368 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-25 11:19 - 2013-07-06 23:58 - 00000000 ____D () C:\Users\lucab_000\AppData\Roaming\Skype
2014-05-24 23:03 - 2014-02-04 00:16 - 00000358 _____ () C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
2014-05-21 20:23 - 2013-07-07 16:32 - 00000000 ____D () C:\Users\lucab_000\AppData\Roaming\.minecraft
2014-05-20 15:01 - 2014-02-04 00:07 - 00000302 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2014-05-20 15:01 - 2014-02-04 00:07 - 00000294 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-05-19 19:29 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-05-18 21:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-18 00:55 - 2014-05-18 00:55 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-18 00:50 - 2012-09-08 06:44 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-05-18 00:49 - 2013-12-11 22:51 - 00007597 _____ () C:\Users\lucab_000\AppData\Local\Resmon.ResmonCfg
2014-05-18 00:49 - 2012-09-08 06:45 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-18 00:49 - 2012-09-08 06:44 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-17 21:11 - 2014-05-17 21:11 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-05-17 21:11 - 2014-05-17 21:11 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-05-17 21:11 - 2014-05-17 21:11 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-05-17 21:11 - 2014-05-17 21:11 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-05-17 21:11 - 2014-05-17 21:11 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-05-16 21:46 - 2012-08-17 17:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-09 14:48 - 2014-04-14 19:43 - 00004098 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 14:48 - 2014-04-14 19:43 - 00003862 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-01 23:10 - 2014-03-31 20:17 - 00000000 ____D () C:\ProgramData\BitRaider

Files to move or delete:
====================
C:\Users\lucab_000\AppData\Roaming\EasyToolz.ini


Some content of TEMP:
====================
C:\Users\janab_000\AppData\Local\Temp\apptorun.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-21 21:59

==================== End Of Log ============================

--- --- ---

--- --- ---

Und die Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by lucab_000 at 2014-05-26 19:46:10
Running from C:\Users\lucab_000\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AV: Avira Desktop (Disabled - Out of date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Out of date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Norton Internet Security (Enabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12580 - Systweak Software) <==== ATTENTION
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5977D04D-1D6A-952C-97AF-04D9D4C0AE56}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version:  - Bohemia Interactive)
Ashampoo WinOptimizer 2014 v.1.0.0 (HKLM-x32\...\{4209F371-99CD-68CB-1C29-9910F8F9BD96}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 13.0.0.3185 - Avira)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version:  - ) <==== ATTENTION
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0806.1156.19437 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version:  - Relic)
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version:  - Team Psykskallar)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5407 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3119 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1926 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version:  - ) <==== ATTENTION
FLV Media Player version 1.3 (HKLM-x32\...\{0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1) (Version: 1.3 - FLVMPlayer)
Free YouTube to MP3 Converter version 3.12.9.725 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.9.725 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{E7EB0FFE-B5E3-4163-A2A1-DD329380664A}) (Version: 4.2.5.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{18DE31AE-70D0-43A7-9E3C-2ED7283ECE8A}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{94BB4B4F-BD6D-4166-A580-F868C8384CA6}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6417.0 - IDT)
Iminent (x32 Version: 6.46.1.0 - Iminent) Hidden <==== ATTENTION
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4605.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.5.0.28 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{FE8E927E-8099-4C6B-A337-1CAB00E213C7}) (Version: 0.50.310 - Overwolf)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Play withSIX (HKLM-x32\...\{D7F3EEAD-183C-47DE-BDC5-593539573F97}) (Version: 1.30.0476 - SIX Networks)
PricePeep (HKLM-x32\...\PricePeep) (Version: 2.2.0.8 - betwikx LLC) <==== ATTENTION
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.0.68.0 - Razer Inc.)
RegClean Pro (HKLM-x32\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
S.T.A.L.K.E.R. - Call Of Pripyat [v1.6.01] (HKLM-x32\...\{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1) (Version: 1.6.01 - bitComposer Games)
SavingsBull (HKLM\...\Level Quality Watcher) (Version: SavingsBull - SavingsBull) <==== ATTENTION
SavingsBull (x32 Version: 1.0.0.0 - SavingsBull) Hidden <==== ATTENTION
Securita Scout (HKLM-x32\...\Securita Scout) (Version:  - )
Shopping Helper Smartbar (HKLM-x32\...\{7DD65DA0-AD4F-4974-AAC6-5834DD7F6841}) (Version: 11.43.63.16271 - ReSoft Ltd.) <==== ATTENTION
Shopping Helper Smartbar Engine (HKCU\...\{26280e6d-9d0e-4e7b-9792-4e3a8e802b34}) (Version: 11.43.63.16271 - ReSoft Ltd.) <==== ATTENTION
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.38 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Supreme Commander - Forged Alliance (HKCU\...\{31D95937-B237-405D-920C-A3EF4E482395}) (Version: 1.00.0000 - Gas Powered Games)
Supreme Commander 2 (HKLM-x32\...\Steam App 40100) (Version:  - Gas Powered Games)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
System Speedup (HKLM-x32\...\System Speedup_is1) (Version: 2.1 - systemspeedup.com)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)

==================== Restore Points  =========================

29-04-2014 16:33:02 Geplanter Prüfpunkt
11-05-2014 07:49:55 Installiert Abenteuer auf dem Reiterhof - Die wilden Mustangs
16-05-2014 19:45:31 Entfernt Abenteuer auf dem Reiterhof - Die wilden Mustangs
25-05-2014 09:59:56 Steam wird entfernt

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1BB98B3F-C842-4166-9E69-97CF84E59C15} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {201CC6D1-E393-44A8-BAEE-39E479911811} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {294F986D-CEEC-477F-A680-CA19E095E4AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-14] (Google Inc.)
Task: {421595D7-C079-437C-8FDC-2DE2FC4553EF} - System32\Tasks\PC SpeedUp Service Deactivator => C:\Program Files (x86)\PC Speed Up\PCSUSD.exe <==== ATTENTION
Task: {435C3C7F-2A10-40A1-8291-FD3F8ADEC0CC} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit\ReMarkit_up.exe <==== ATTENTION
Task: {479CF4BD-FCCC-4AA8-8172-1B382453FD5A} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {4A774F57-56BA-42CE-A674-E7D94E0EBC51} - System32\Tasks\Plus-HD-4.6-codedownloader => C:\Program Files (x86)\Plus-HD-4.6\Plus-HD-4.6-codedownloader.exe <==== ATTENTION
Task: {4A91667D-FBDE-4B8A-9292-1AB87CF7DEBD} - System32\Tasks\System Speedup_DEFAULT => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: {4AB7FD29-79EE-4759-8E44-BBC6A62233FB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {4B1E01CC-0ECC-4183-AC23-8F4BD7381684} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {4BE5963F-0BEF-4284-8B17-C1255FA25FD9} - System32\Tasks\Plus-HD-4.6-chromeinstaller => C:\Program Files (x86)\Plus-HD-4.6\Plus-HD-4.6-chromeinstaller.exe <==== ATTENTION
Task: {4F5F91B8-3AF2-4B92-9852-5B50F2E96799} - System32\Tasks\Plus-HD-4.6-enabler => C:\Program Files (x86)\Plus-HD-4.6\Plus-HD-4.6-enabler.exe <==== ATTENTION
Task: {565E65B2-23F3-4A18-99E1-280A6BDF082A} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe <==== ATTENTION
Task: {5C6EAB91-095B-4EE0-8A8B-8D3A439A0149} - System32\Tasks\Plus-HD-4.6-firefoxinstaller => C:\Program Files (x86)\Plus-HD-4.6\Plus-HD-4.6-firefoxinstaller.exe <==== ATTENTION
Task: {671A4AB9-CE30-4BD6-9AAF-8FC5C80A5926} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {6A0BCB50-C618-42A9-B29A-E8090169B380} - System32\Tasks\a2zLyrics-1-codedownloader => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-codedownloader.exe <==== ATTENTION
Task: {7F6F7CAA-C0F8-426D-9BA5-68670AB39FD6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {809FD59D-AB29-4026-ACD6-2084EC3EB8A5} - System32\Tasks\a2zLyrics-1-updater => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-updater.exe <==== ATTENTION
Task: {8ECAAE4A-221C-4B9C-9615-61EA86BCFF30} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-03-30] (Microsoft Corporation)
Task: {95C2D3DC-1638-45B1-9724-38B7B1556C13} - System32\Tasks\spmonitor => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
Task: {9A5ED0C7-DFFE-4B22-AA0F-13F0B36A861A} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {9F04A860-82E3-4A62-953D-462FAC821BE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-14] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {ABC801CF-5EFD-455E-B2FE-6A7C7F8B1680} - System32\Tasks\a2zLyrics-1-enabler => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-enabler.exe <==== ATTENTION
Task: {B8A5E844-DFCA-4221-A3BC-6A71A08255EE} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {B934CC71-78F0-4B04-9C5B-D0EB869B7AB3} - System32\Tasks\System Speedup_UPDATES => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: {BB41DD5D-90A2-4F01-9B44-F7C450CC39B9} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D09022D2-B467-44F5-B8D6-96690FEED18E} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {DD45FF8F-EEB3-4572-BB4A-9480EF7F0FC9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {DF4A6934-5E8F-4DE1-9471-F0407212D789} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-04-14] (Microsoft Corporation)
Task: {E9C56780-E3E9-498A-86BB-E52C53FB55BB} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {ED0C09DA-F851-43B1-9FCA-A9D67B635AD6} - System32\Tasks\SpeedUpMyPC => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe <==== ATTENTION
Task: {F1C8306C-660E-4516-B61C-3673B24B424F} - System32\Tasks\Plus-HD-4.6-updater => C:\Program Files (x86)\Plus-HD-4.6\Plus-HD-4.6-updater.exe <==== ATTENTION
Task: {FF0B5E36-1287-441B-B32D-DA67619BB459} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {FFBC8949-2807-4B4E-86F7-CF2A76942D4A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe [2014-04-29] (Symantec Corporation)
Task: C:\Windows\Tasks\a2zLyrics-1-codedownloader.job => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\a2zLyrics-1-enabler.job => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\a2zLyrics-1-updater.job => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files (x86)\PC Speed Up\PCSUSD.exe
Task: C:\Windows\Tasks\Plus-HD-4.6-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-4.6\Plus-HD-4.6-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-4.6-codedownloader.job => C:\Program Files (x86)\Plus-HD-4.6\Plus-HD-4.6-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-4.6-enabler.job => C:\Program Files (x86)\Plus-HD-4.6\Plus-HD-4.6-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-4.6-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-4.6\Plus-HD-4.6-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-4.6-updater.job => C:\Program Files (x86)\Plus-HD-4.6\Plus-HD-4.6-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit\ReMarkit_up.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe <==== ATTENTION
Task: C:\Windows\Tasks\spmonitor.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
Task: C:\Windows\Tasks\System Speedup_DEFAULT.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: C:\Windows\Tasks\System Speedup_UPDATES.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe

==================== Loaded Modules (whitelisted) =============

2014-04-14 21:55 - 2014-04-14 21:55 - 01005056 _____ () C:\Users\lucab_000\AppData\Roaming\BupSystem\bup.exe
2014-03-21 21:48 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-14 15:32 - 2014-03-25 13:21 - 00629928 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2012-07-25 22:08 - 2012-07-25 22:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-05 10:01 - 2014-02-05 10:01 - 00149504 _____ () C:\Users\lucab_000\AppData\Roaming\SystemMn\bin\SystemMn.exe
2014-01-08 00:41 - 2014-01-08 00:41 - 00317720 ____N () C:\Program Files (x86)\PricePeep\PricePeepUpdater.exe
2013-07-18 11:06 - 2013-07-18 11:06 - 00187904 _____ () C:\Users\lucab_000\AppData\Roaming\SystemMn\cpmn\mnd.exe
2013-12-01 18:55 - 2013-11-29 05:39 - 00334848 _____ () C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Temp\dllhost.exe
2012-08-06 11:54 - 2012-08-06 11:54 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:AD022376

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Realtek PCIE CardReader
Description: Realtek PCIE CardReader
Class Guid: {4d36e970-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconduct Corp.
Service: RSP2STOR
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/26/2014 07:43:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SystemSettings.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11d4

Startzeit: 01cf7909ac44bf90

Endzeit: 4

Anwendungspfad: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Berichts-ID: 2de4e0ea-e4fd-11e3-bee4-28924a50a4b2

Vollständiger Name des fehlerhaften Pakets: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windows.immersivecontrolpanel

Error: (05/25/2014 08:26:23 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/25/2014 07:30:52 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (05/25/2014 00:29:50 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/25/2014 00:10:05 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to poke open firewall

Error: (05/25/2014 11:59:57 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-322448050-4293528468-1955477807-1006.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {be328c57-5a90-41d1-8700-6c61f28d3ce7}

Error: (05/25/2014 11:24:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.2.9200.16628, Zeitstempel: 0x51a94434
Name des fehlerhaften Moduls: USER32.dll, Version: 6.2.9200.16420, Zeitstempel: 0x505a9a92
Ausnahmecode: 0xc0000094
Fehleroffset: 0x0000000000011027
ID des fehlerhaften Prozesses: 0x1a70
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/25/2014 11:23:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.2.9200.16628, Zeitstempel: 0x51a94434
Name des fehlerhaften Moduls: USER32.dll, Version: 6.2.9200.16420, Zeitstempel: 0x505a9a92
Ausnahmecode: 0xc0000094
Fehleroffset: 0x0000000000011027
ID des fehlerhaften Prozesses: 0x1854
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/25/2014 11:23:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.2.9200.16628, Zeitstempel: 0x51a94434
Name des fehlerhaften Moduls: USER32.dll, Version: 6.2.9200.16420, Zeitstempel: 0x505a9a92
Ausnahmecode: 0xc0000094
Fehleroffset: 0x0000000000011027
ID des fehlerhaften Prozesses: 0x1834
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/25/2014 11:23:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.2.9200.16628, Zeitstempel: 0x51a94434
Name des fehlerhaften Moduls: USER32.dll, Version: 6.2.9200.16420, Zeitstempel: 0x505a9a92
Ausnahmecode: 0xc0000094
Fehleroffset: 0x0000000000011027
ID des fehlerhaften Prozesses: 0x165c
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5


System errors:
=============
Error: (05/26/2014 07:43:21 PM) (Source: DCOM) (EventID: 10000) (User: LUCA)
Description: C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}31{06622D85-6856-4460-8DE1-A81921B41C4B}

Error: (05/25/2014 00:25:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/25/2014 00:25:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (05/25/2014 11:33:26 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Norton Internet Security" wurde nicht richtig gestartet.

Error: (05/25/2014 11:30:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IconMan_R" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/25/2014 11:25:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update WebSparkle" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/25/2014 11:25:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LPT System Updater Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/25/2014 11:25:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Level Quality Watcher" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/25/2014 11:25:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/25/2014 11:25:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PC Speed Up Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (05/26/2014 07:43:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SystemSettings.exe6.2.9200.1642011d401cf7909ac44bf904C:\Windows\ImmersiveControlPanel\SystemSettings.exe2de4e0ea-e4fd-11e3-bee4-28924a50a4b2windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewymicrosoft.windows.immersivecontrolpanel

Error: (05/25/2014 08:26:23 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/25/2014 07:30:52 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (05/25/2014 00:29:50 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/25/2014 00:10:05 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to poke open firewall

Error: (05/25/2014 11:59:57 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-322448050-4293528468-1955477807-1006.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {be328c57-5a90-41d1-8700-6c61f28d3ce7}

Error: (05/25/2014 11:24:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.2.9200.1662851a94434USER32.dll6.2.9200.16420505a9a92c000009400000000000110271a7001cf77fb0e3d16e9C:\Windows\explorer.exeC:\Windows\system32\USER32.dll4d7f1c41-e3ee-11e3-bee3-28924a50a4b2

Error: (05/25/2014 11:23:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.2.9200.1662851a94434USER32.dll6.2.9200.16420505a9a92c00000940000000000011027185401cf77fb0b1e0bb7C:\Windows\explorer.exeC:\Windows\system32\USER32.dll4a5df53b-e3ee-11e3-bee3-28924a50a4b2

Error: (05/25/2014 11:23:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.2.9200.1662851a94434USER32.dll6.2.9200.16420505a9a92c00000940000000000011027183401cf77fb08fe9fbdC:\Windows\explorer.exeC:\Windows\system32\USER32.dll483a81c3-e3ee-11e3-bee3-28924a50a4b2

Error: (05/25/2014 11:23:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.2.9200.1662851a94434USER32.dll6.2.9200.16420505a9a92c00000940000000000011027165c01cf77fb067f8f6dC:\Windows\explorer.exeC:\Windows\system32\USER32.dll45c3bf53-e3ee-11e3-bee3-28924a50a4b2


CodeIntegrity Errors:
===================================
  Date: 2014-05-26 19:44:44.617
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-26 19:44:39.497
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-25 20:15:51.566
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-25 20:00:00.268
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-25 20:00:00.130
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-25 20:00:00.079
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-25 19:59:59.956
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-25 19:59:59.892
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-25 19:59:59.749
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-25 19:26:04.604
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Percentage of memory in use: 36%
Total physical RAM: 6036.27 MB
Available physical RAM: 3843.7 MB
Total Pagefile: 21396.27 MB
Available Pagefile: 18924.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:449.01 GB) (Free:247.88 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:15.98 GB) (Free:2.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: A2FBD947)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber · 28.05.2014, 12:02

Adware & Co. deinstallieren

Lade Dir bitte von hier Revo Uninstaller herunter.
Installiere und starte das Programm.
Suche im Uninstallerfeld nach den Programmen, die unter:

diesen Zusatz haben:
Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Luca Bley · 28.05.2014, 15:14

Nochmal eine Frage!

Da ich wirklich nichts falsch machen möchte und/oder ihnen die Arbeit an diesem Thema erschweren möchte, frage ich sie höflichst wie ich die Anti-Virus Software Avira vorübergehend deaktivieren kann.
Danke nochmal dass sie sich Zeit nehmen.

Luca Bley

schrauber · 29.05.2014, 14:02

Rechtsklick auf den Schirm, dann beenden wählen

Luca Bley · 29.05.2014, 15:22

Code:

ATTFilter

ComboFix 14-05-27.02 - lucab_000 29.05.2014  16:02:57.1.4 - x64
Microsoft Windows 8  6.2.9200.0.1252.49.1031.18.6036.3639 [GMT 2:00]
ausgeführt von:: c:\users\lucab_000\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Outdated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Norton Internet Security *Disabled/Outdated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
SP: Avira Desktop *Disabled/Outdated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Norton Internet Security *Disabled/Outdated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\PricePeep
c:\program files (x86)\PricePeep\PricePeepUpdater.exe
c:\users\lucab_000\AppData\Local\lollipop
c:\windows\Tasks\SpeedUpMyPC.job
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Level Quality Watcher
-------\Service_PCSUService
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-28 bis 2014-05-29  ))))))))))))))))))))))))))))))
.
.
2014-05-29 14:09 . 2014-05-29 14:09	--------	d-----w-	c:\users\TEMP\AppData\Local\temp
2014-05-29 14:09 . 2014-05-29 14:09	--------	d-----w-	c:\users\janab_000\AppData\Local\temp
2014-05-29 14:09 . 2014-05-29 14:09	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-28 13:16 . 2014-05-28 13:16	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-05-26 19:53 . 2014-05-26 19:53	--------	d-----w-	c:\programdata\PopCap Games
2014-05-26 19:53 . 2014-05-26 19:53	--------	d-----w-	c:\programdata\EA Logs
2014-05-26 19:53 . 2014-05-26 19:53	--------	d-----w-	c:\programdata\EA Core
2014-05-26 17:45 . 2014-05-27 17:02	--------	d-----w-	C:\FRST
2014-05-25 10:10 . 2014-05-28 18:35	--------	d-----w-	c:\program files (x86)\Steam
2014-05-17 19:11 . 2014-05-17 19:11	466520	----a-w-	c:\windows\system32\wrap_oal.dll
2014-05-17 19:11 . 2014-05-17 19:11	123480	----a-w-	c:\windows\system32\OpenAL32.dll
2014-05-17 19:11 . 2014-05-17 19:11	--------	d-----w-	c:\program files (x86)\OpenAL
2014-05-17 19:11 . 2014-05-17 19:11	445016	----a-w-	c:\windows\SysWow64\wrap_oal.dll
2014-05-17 19:11 . 2014-05-17 19:11	109144	----a-w-	c:\windows\SysWow64\OpenAL32.dll
2014-05-11 07:57 . 2014-05-16 19:46	--------	d-----w-	c:\programdata\Media Center Programs
2014-05-11 07:54 . 2008-05-05 07:40	344064	----a-w-	c:\windows\SysWow64\msvcr70.dll
2014-05-11 07:54 . 2006-10-19 17:05	1060864	----a-w-	c:\windows\SysWow64\mfc71.dll
2014-05-02 00:15 . 2014-05-17 22:44	--------	d-----w-	c:\windows\system32\drivers\NISx64\1405000.01C
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-14 17:50 . 2013-11-14 14:27	578256	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-03-16 18:22 . 2014-03-16 18:22	254640	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10236.bin
2014-03-01 21:10 . 2014-03-01 21:11	312744	----a-w-	c:\windows\system32\javaws.exe
2014-03-01 21:10 . 2014-03-01 21:10	189352	----a-w-	c:\windows\system32\javaw.exe
2014-03-01 21:10 . 2014-03-01 21:10	108968	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-03-01 21:10 . 2014-03-01 21:10	189352	----a-w-	c:\windows\system32\java.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}]
2014-02-18 09:17	86800	----a-w-	c:\program files (x86)\SavingsBull\IEOptimizer.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
2012-06-02 20:25	298568	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C8B7D03D-30D7-493A-95E5-6547E2FAC2FE}]
2013-08-09 08:17	122400	----a-w-	c:\users\lucab_000\AppData\Roaming\ShinyProfile\shinyprofile.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-11-14 15:11	222832	----a-w-	c:\users\lucab_000\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-11-14 15:11	222832	----a-w-	c:\users\lucab_000\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-11-14 15:11	222832	----a-w-	c:\users\lucab_000\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify"="c:\users\lucab_000\AppData\Roaming\Spotify\spotify.exe" [2014-02-05 6118400]
"Spotify Web Helper"="c:\users\lucab_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-02-05 1171968]
"SystemMn"="c:\users\lucab_000\AppData\Roaming\SystemMn\bin\SystemMn.exe" [2014-02-05 149504]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-07-26 491320]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-03-28 91432]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-07-09 580512]
"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2011-08-26 1342008]
"spup"="c:\users\lucab_000\AppData\Roaming\ShinyProfile\spup.exe" [2013-07-10 197664]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-01-23 385248]
.
c:\users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
An OneNote senden.lnk - c:\program files\Microsoft Office 15\root\office15\ONENOTEM.EXE /tsr [2014-3-19 194224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R2 BackupStack;Computer Backup (MyPC Backup);c:\program files (x86)\MyPC Backup\BackupStack.exe;c:\program files (x86)\MyPC Backup\BackupStack.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
R2 LPTSystemUpdater;LPT System Updater Service;c:\program files (x86)\LPT\srpts.exe;c:\program files (x86)\LPT\srpts.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Update WebSparkle;Update WebSparkle;c:\program files (x86)\WebSparkle\updateWebSparkle.exe;c:\program files (x86)\WebSparkle\updateWebSparkle.exe [x]
R3 BRDriver64;BRDriver64;c:\programdata\BitRaider\BRDriver64.sys;c:\programdata\BitRaider\BRDriver64.sys [x]
R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\BitRaider\BRSptSvc.exe;c:\programdata\BitRaider\BRSptSvc.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
R3 SmbDrv;SmbDrv;c:\windows\System32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 t_mouse.sys;HID-compliand device;c:\windows\system32\DRIVERS\t_mouse.sys;c:\windows\SYSNATIVE\DRIVERS\t_mouse.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
R4 SymELAM;Symantec ELAM Driver;c:\windows\system32\drivers\NISx64\1405000.01C\SymELAM.sys;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\SymELAM.sys [x]
R4 WajamUpdater;WajamUpdater;c:\program files (x86)\Wajam\Updater\WajamUpdater.exe;c:\program files (x86)\Wajam\Updater\WajamUpdater.exe [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\System32\drivers\amdkmpfd.sys;c:\windows\SYSNATIVE\drivers\amdkmpfd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 bupService;BUP Service;c:\users\lucab_000\AppData\Roaming\BupSystem\bup.exe;c:\users\lucab_000\AppData\Roaming\BupSystem\bup.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20131002.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20131002.001\BHDrvx64.sys [x]
S3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\ccSetx64.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20131022.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20131022.001\IDSvia64.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1405000.01C\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\SYMDS64.SYS [x]
S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1405000.01C\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\SYMEFA64.SYS [x]
S3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\Ironx64.SYS [x]
S3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1405000.01C\SYMNETS.SYS [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S3 WirelessButtonDriver;HP Wireless Button Driver Service;c:\windows\System32\drivers\WirelessButtonDriver64.sys;c:\windows\SYSNATIVE\drivers\WirelessButtonDriver64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
apphost	REG_MULTI_SZ   	apphostsvc
iissvcs	REG_MULTI_SZ   	w3svc was
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-23 20:54	1091912	----a-w-	c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-14 17:42]
.
2014-05-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-14 17:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-11-14 15:11	261744	----a-w-	c:\users\lucab_000\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-11-14 15:11	261744	----a-w-	c:\users\lucab_000\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-11-14 15:11	261744	----a-w-	c:\users\lucab_000\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-04-14 17:53	2333400	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-04-14 17:53	2333400	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-04-14 17:53	2333400	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-07-25 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-07-25 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-07-25 440640]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-07-22 1425408]
"MouseDriver"="TiltWheelMouse.exe" [2013-04-09 241152]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = https://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=
mDefault_Search_URL = hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=
mStart Page = about:newtab
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=
mSearch Bar = hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=
uSearchAssistant = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3312329&CUI=UN27037197793128317&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXh-K8R1XRQ-jiQfqMTWwQqzARAjmGBQIkI1Js_N-nDjNv3aS8tz8LGq3qWdGDPlI,|hxxp://www.giga.de/androidnews/
FF - prefs.js: keyword.URL - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q=
FF - user.js: extensions.blocklist.enabled - false
FF - user.js: app.update.auto - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{11111111-1111-1111-1111-110311961180} - (no file)
BHO-{11111111-1111-1111-1111-110411151154} - (no file)
BHO-{3444c3c5-6c56-4a16-a453-832b05bf6ea4} - (no file)
BHO-{9f56bab3-2739-40ed-a8d0-1451657a9742} - (no file)
BHO-{d473bc6a-7249-4528-8482-ddf6a15704a1} - (no file)
BHO-{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - (no file)
Toolbar-{3444c3c5-6c56-4a16-a453-832b05bf6ea4} - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-RGSC - c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
Wow6432Node-HKCU-Run-PCSpeedUp - c:\program files (x86)\PC Speed Up\PCSUNotifier.exe
Wow6432Node-HKCU-Run-Overwolf - c:\program files (x86)\Overwolf\Overwolf.exe
Wow6432Node-HKCU-Run-Browser Infrastructure Helper - c:\users\lucab_000\AppData\Local\Smartbar\Application\Smartbar.exe
Wow6432Node-HKLM-Run-Iminent - c:\program files (x86)\Iminent\Iminent.exe
Wow6432Node-HKLM-Run-IminentMessenger - c:\program files (x86)\Iminent\Iminent.Messengers.exe
Wow6432Node-HKLM-Run-4StoryPrePatch - c:\program files (x86)\Gameforge4D\4Story_DE\PrePatch.exe
c:\users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk - c:\program files (x86)\MyPC Backup\MyPC Backup.exe
c:\users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PricePeepUpdater.lnk - c:\program files (x86)\PricePeep\PricePeepUpdater.exe
c:\users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts App.lnk - c:\users\lucab_000\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
c:\users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts.lnk - c:\users\lucab_000\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe /restart
Toolbar-10 - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1 - c:\program files (x86)\Advanced System Protector\unins000.exe
AddRemove-PricePeep - c:\program files (x86)\PricePeep\uninstall.exe
AddRemove-RegClean Pro_is1 - c:\program files (x86)\RegClean Pro\unins000.exe
AddRemove-{0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1 - c:\program files (x86)\FLV Media Player\unins000.exe
AddRemove-{B8019B54-F9BE-490A-9619-6D06F18F129F} - c:\program files (x86)\InstallShield Installation Information\{B8019B54-F9BE-490A-9619-6D06F18F129F}\setup.exe
AddRemove-TeamSpeak 3 Client - c:\users\lucab_000\AppData\Local\TeamSpeak 3 Client\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\20.5.0.28\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-322448050-4293528468-1955477807-1001CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\SecuROM\License information*]
"datasecu"=hex:c4,8d,44,3d,7f,22,fd,78,73,95,99,bf,ae,73,82,f9,79,61,f6,11,65,
   33,92,51,a9,53,40,98,8e,5a,18,e1,f9,dc,02,1f,2d,39,e5,26,aa,57,ea,c1,7e,7d,\
"rkeysecu"=hex:d5,c5,1a,21,ad,17,dc,f1,38,bd,4f,a6,2d,e9,ee,a2
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
c:\windows\System32\TiltWheelMouse.exe
c:\program files\Microsoft Office 15\root\office15\ONENOTEM.EXE
c:\users\lucab_000\AppData\Roaming\SystemMn\cpmn\mnd.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-05-29  16:19:19 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-05-29 14:19
.
Vor Suchlauf: 15 Verzeichnis(se), 268.568.428.544 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 267.845.758.976 Bytes frei
.
- - End Of File - - 227C1BB8ED66E26029825DCC6F4EC34A

schrauber · 30.05.2014, 15:29

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Luca Bley · 31.05.2014, 20:30

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 31.05.2014
Suchlauf-Zeit: 20:50:45
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.05.31.09
Rootkit Datenbank: v2014.05.21.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: lucab_000

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 373103
Verstrichene Zeit: 11 Min, 48 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 216
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}, In Quarantäne, [589d0b4ce09baa8ce845e5838b77936d], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}, In Quarantäne, [589d0b4ce09baa8ce845e5838b77936d], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\APPID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}, In Quarantäne, [40b510475e1d44f2dfe94c1bf80ab749], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}, In Quarantäne, [40b510475e1d44f2dfe94c1bf80ab749], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, In Quarantäne, [4ea758ffceadbe7844ea392f0bf7d927], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, In Quarantäne, [4ea758ffceadbe7844ea392f0bf7d927], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [07ee99bef9822610a4d15116e022b34d], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [07ee99bef9822610a4d15116e022b34d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, In Quarantäne, [27ceea6d0f6c73c3a31fa2c44cb67a86], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject.1, In Quarantäne, [27ceea6d0f6c73c3a31fa2c44cb67a86], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject, In Quarantäne, [27ceea6d0f6c73c3a31fa2c44cb67a86], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.BrowserHelperObject, In Quarantäne, [27ceea6d0f6c73c3a31fa2c44cb67a86], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, In Quarantäne, [27ceea6d0f6c73c3a31fa2c44cb67a86], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, In Quarantäne, [27ceea6d0f6c73c3a31fa2c44cb67a86], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.BrowserHelperObject.1, In Quarantäne, [27ceea6d0f6c73c3a31fa2c44cb67a86], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}, In Quarantäne, [de1787d0651682b4f3860e597290d927], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand, In Quarantäne, [de1787d0651682b4f3860e597290d927], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand, In Quarantäne, [de1787d0651682b4f3860e597290d927], 
PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [bd3867f07efd53e3103feb440df53bc5], 
PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [bd3867f07efd53e3103feb440df53bc5], 
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [cd28b3a4bbc01b1b13d17aec17ebf50b], 
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\IESmartBar.BHO, In Quarantäne, [cd28b3a4bbc01b1b13d17aec17ebf50b], 
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [cd28b3a4bbc01b1b13d17aec17ebf50b], 
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IESmartBar.BHO, In Quarantäne, [cd28b3a4bbc01b1b13d17aec17ebf50b], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\wajam.WajamDownloader.1, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\wajam.WajamDownloader, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\wajam.WajamDownloader, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\wajam.WajamDownloader.1, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.WebSparkle.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9f56bab3-2739-40ed-a8d0-1451657a9742}, In Quarantäne, [ac4966f1493238fe68f3f93be41e48b8], 
PUP.Optional.WebSparkle.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9F56BAB3-2739-40ED-A8D0-1451657A9742}, In Quarantäne, [ac4966f1493238fe68f3f93be41e48b8], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}, In Quarantäne, [9e57eb6cf18a3df96358280c44be817f], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\wajam.WajamBHO.1, In Quarantäne, [9e57eb6cf18a3df96358280c44be817f], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\wajam.WajamBHO, In Quarantäne, [9e57eb6cf18a3df96358280c44be817f], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\wajam.WajamBHO, In Quarantäne, [9e57eb6cf18a3df96358280c44be817f], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}, In Quarantäne, [9e57eb6cf18a3df96358280c44be817f], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\wajam.WajamBHO.1, In Quarantäne, [9e57eb6cf18a3df96358280c44be817f], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}, In Quarantäne, [9e57eb6cf18a3df96358280c44be817f], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}, In Quarantäne, [9e57eb6cf18a3df96358280c44be817f], 
Adware.Agent, HKLM\SOFTWARE\CLASSES\TYPELIB\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}, In Quarantäne, [b342b7a0c3b8bf773511b87eb05233cd], 
Adware.Agent, HKLM\SOFTWARE\CLASSES\INTERFACE\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}, In Quarantäne, [b342b7a0c3b8bf773511b87eb05233cd], 
Adware.Agent, HKLM\SOFTWARE\CLASSES\INTERFACE\{75BF416E-4326-45B5-8A2D-AE32D05B930B}, In Quarantäne, [b342b7a0c3b8bf773511b87eb05233cd], 
Adware.Agent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}, In Quarantäne, [b342b7a0c3b8bf773511b87eb05233cd], 
Adware.Agent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{75BF416E-4326-45B5-8A2D-AE32D05B930B}, In Quarantäne, [b342b7a0c3b8bf773511b87eb05233cd], 
Adware.Agent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}, In Quarantäne, [b342b7a0c3b8bf773511b87eb05233cd], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [3fb620373744f343cd075ed4729014ec], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [3fb620373744f343cd075ed4729014ec], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [3fb620373744f343cd075ed4729014ec], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [3fb620373744f343cd075ed4729014ec], 
PUP.Optional.MoviesToolBar.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}, In Quarantäne, [50a5d582bbc0e74fd6b3c8a0b74b54ac], 
PUP.Optional.MoviesToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}, In Quarantäne, [50a5d582bbc0e74fd6b3c8a0b74b54ac], 
PUP.Optional.MoviesToolBar.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}, In Quarantäne, [50a5d582bbc0e74fd6b3c8a0b74b54ac], 
PUP.Optional.MoviesToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}, In Quarantäne, [50a5d582bbc0e74fd6b3c8a0b74b54ac], 
PUP.Optional.PricePeep.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, In Quarantäne, [4baab1a6c9b292a4ebb9bcaaa2604ab6], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, In Quarantäne, [4baab1a6c9b292a4ebb9bcaaa2604ab6], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\PricePeep.PricePeepBho, In Quarantäne, [4baab1a6c9b292a4ebb9bcaaa2604ab6], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\PricePeep.PricePeepBho.1, In Quarantäne, [4baab1a6c9b292a4ebb9bcaaa2604ab6], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PricePeep.PricePeepBho, In Quarantäne, [4baab1a6c9b292a4ebb9bcaaa2604ab6], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PricePeep.PricePeepBho.1, In Quarantäne, [4baab1a6c9b292a4ebb9bcaaa2604ab6], 
PUP.Optional.PricePeep.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, In Quarantäne, [4baab1a6c9b292a4ebb9bcaaa2604ab6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0af350d9-3916-454b-ac53-0b0b65f41301}, In Quarantäne, [be37ee6929520c2abfdb1e49d42e0af6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [b4414a0d87f4ff37b2e989dec1418b75], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [ed08ef6855264ee8a2fa84e32cd6c53b], 
PUP.Optional.Somoto.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FilesFrog Update Checker, In Quarantäne, [8d6867f08cef5adc3d138c8037cac23e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, In Quarantäne, [42b32136ed8e092d8f59cde01ae81be5], 
PUP.Optional.SavingsBull.A, HKLM\SOFTWARE\Savings Bull, In Quarantäne, [a154ed6a186353e36a637038be44ea16], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0039680.BHO, In Quarantäne, [cd2884d36d0e6cca7c6cd0f3f40fdc24], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0039680.Sandbox, In Quarantäne, [965f6cebff7c171ff5f37a49bd46d828], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0039680.Sandbox.1, In Quarantäne, [d421e176e49789ad5593f3d0996a0df3], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0041554.BHO, In Quarantäne, [aa4b05524e2d8fa776727e45867d39c7], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0041554.Sandbox, In Quarantäne, [728385d25625d56101e7358e18ebc63a], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0041554.Sandbox.1, In Quarantäne, [fdf8d6816615142223c5be055aa9c53b], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.DownloadArgs, In Quarantäne, [1dd84611b9c2989e6e9303c13dc67d83], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.LinkToPromoteArgs, In Quarantäne, [9f56154242398aac10f1cef6e71c728e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.RawDataArgs, In Quarantäne, [3eb72a2daad19f97728f0fb517ec7090], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.TinyUrlArgs, In Quarantäne, [0fe63324f28981b5de236a5a7e850df3], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.ViralLinkArgs, In Quarantäne, [4da80b4c0675aa8c4cb5576d5ca79b65], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.ClientCallback, In Quarantäne, [0ce9c1960a7182b48cd33f81dd2621df], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.ContractBase, In Quarantäne, [9164aaad96e567cf8ad5338d867df010], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand, In Quarantäne, [ea0b3225f08b1620233c9e22d42fa65a], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand, In Quarantäne, [ab4a391eafcc3afced728d33946ff10f], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand, In Quarantäne, [4baa0e49106b5dd9ca95efd132d1d42c], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GameOverCallback, In Quarantäne, [5a9b88cf7308f2440f5002be40c31ae6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetCreditCommand, In Quarantäne, [f5006cebdaa143f37ae5309058ab16ea], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand, In Quarantäne, [43b201562358c472a9b6259b748f58a8], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand, In Quarantäne, [ca2b61f625569c9a5a052d93fc0749b7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult, In Quarantäne, [7a7be275d7a421155906309051b2659b], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetVariableCommand, In Quarantäne, [0bea164102791323a8b74d7335cec937], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetVariableResult, In Quarantäne, [29cca5b25d1ea195cc93b50b5ca78779], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.InstallationContextResult, In Quarantäne, [47aedc7be4975cdab8a78e3223e0ba46], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoadContentCommand, In Quarantäne, [e31259fe2655c2749cc3e3ddee1523dd], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult, In Quarantäne, [569f62f56f0c87af223de5db7e855fa1], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoginCommand, In Quarantäne, [40b5a9ae0774270f203f5c642ed539c7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback, In Quarantäne, [01f491c6a2d9c76f9ac52b952bd8f709], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LogoutCommand, In Quarantäne, [04f15403f08b15217ce300c032d1e61a], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand, In Quarantäne, [a055c493f18a04323c23744cc93ab848], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.MyAccountCommand, In Quarantäne, [aa4b00575c1f2b0b2d32526e8d76a759], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.PlayContentCommand, In Quarantäne, [39bc2235136875c1a9b6358b28db1fe1], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.PostContentCallback, In Quarantäne, [9b5a35221e5db38388d77b451de6d030], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand, In Quarantäne, [47ae391e0d6e1620a7b8bf01956e10f0], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.SetVariableCommand, In Quarantäne, [92630057e4979d992738566a8380ef11], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand, In Quarantäne, [09ec5502205b46f0bba4249c8e756c94], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand, In Quarantäne, [04f170e776056ccaa4bbd8e8847f08f8], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.TestContentCommand, In Quarantäne, [718431267b00f6402a35ecd482816d93], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback, In Quarantäne, [a154f067cead2d09411ea21ecd36d729], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback, In Quarantäne, [18dda2b5c0bbc373abb4a31dd62d728e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.WarmUpCommand, In Quarantäne, [c530ed6a6d0e0c2a93ccedd3ef1424dc], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.WelcomeCommand, In Quarantäne, [1adb0e4949323204134c7c44c241b54b], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.ServerCommand, In Quarantäne, [a253c394116a50e661fe11afe122a35d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.ServerResult, In Quarantäne, [ee0714433b40ad891946d2ee50b34ab6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.LightContent, In Quarantäne, [b44161f618633afcb2ad8b35e41fad53], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.LightUri, In Quarantäne, [e80d9eb9403b70c6253aefd10102e31d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.MediatorServiceProxy, In Quarantäne, [bf3686d1413ac373e679615ff90a4ab6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender, In Quarantäne, [3db827301e5d6fc753ad23a1d62d29d7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender.1, In Quarantäne, [a5505afd4239ef474ab6d3f109faae52], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, In Quarantäne, [b63fe86f68132c0a9d59f6d5927110f0], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\priam_bho.DLL, In Quarantäne, [e5101542e99243f3183e21a5f50ef50b], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\APPID\PricePeep.DLL, In Quarantäne, [27ce4d0af388cc6a216f8b3931d25da3], 
PUP.Optional.A2ZLyrics.A, HKLM\SOFTWARE\WOW6432NODE\a2zLyrics-1, In Quarantäne, [d421a1b628537eb8e0d4d5f2a55e29d7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, In Quarantäne, [fafb1c3b2e4dfb3bab3d545911f149b7], 
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\Plus-HD-4.6, In Quarantäne, [40b50d4ad3a8cc6af5c477389b67837d], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\Wajam, In Quarantäne, [04f193c4e6953ef8e9d5e0fd10f354ac], 
PUP.Optional.WebSparkle.A, HKLM\SOFTWARE\WOW6432NODE\WebSparkle, In Quarantäne, [27cedf78ef8c75c1075cad2d39ca4db3], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0039680.BHO, In Quarantäne, [6590183f1f5cc3739b4de3e0ee15a858], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0039680.Sandbox, In Quarantäne, [44b140171a61f244796f6c57a45fe020], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0039680.Sandbox.1, In Quarantäne, [1dd8d3841d5e1b1baf396063a2610cf4], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0041554.BHO, In Quarantäne, [2fc60c4b9edd2e08994f754e55ae53ad], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0041554.Sandbox, In Quarantäne, [8f66da7d6c0fce685f89a41fa3600cf4], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0041554.Sandbox.1, In Quarantäne, [b441094e74077abc30b8972ca85b7e82], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Business.Tinyfying.DownloadArgs, In Quarantäne, [e90c65f2314a92a4da27d5ef6d9625db], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Business.Tinyfying.LinkToPromoteArgs, In Quarantäne, [41b4da7db2c9dc5a8879259f44bfd32d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Business.Tinyfying.RawDataArgs, In Quarantäne, [85703b1c49320f272cd516ae19ea0ff1], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Business.Tinyfying.TinyUrlArgs, In Quarantäne, [8372c691d6a5d36320e1ac189a69f808], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Business.Tinyfying.ViralLinkArgs, In Quarantäne, [2cc92d2ac3b81e18b74adbe922e1a957], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.ClientCallback, In Quarantäne, [03f2154223587db990cf9e22b44f5ca4], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.ContractBase, In Quarantäne, [e114cb8c4e2d67cf7ee1a21e60a3827e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand, In Quarantäne, [08edcd8a5b20ae88ec73714fd82be51b], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand, In Quarantäne, [9d5877e0d3a8d1653b24536d8c77aa56], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand, In Quarantäne, [36bf80d724579b9b09568d3306fd7e82], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GameOverCallback, In Quarantäne, [678edb7c6a1193a32a35d9e76f946c94], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetCreditCommand, In Quarantäne, [2dc8afa8fa81280ed887952b867d09f7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand, In Quarantäne, [09ecc09774079d9971eed6eae023966a], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand, In Quarantäne, [0aeb6aed760567cf64fbdfe1b64d4cb4], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult, In Quarantäne, [9c593c1bee8d73c3a5baf1cfee1505fb], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetVariableCommand, In Quarantäne, [eb0ab2a592e9a88e83dc12ae49ba748c], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetVariableResult, In Quarantäne, [8174cc8ba0dbd264cd925f61d42f619f], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.InstallationContextResult, In Quarantäne, [41b4a2b5c8b3db5be67960609c6749b7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoadContentCommand, In Quarantäne, [767f06513c3f280e2e31b50b41c27d83], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult, In Quarantäne, [7283e4736516d0663c23566a48bb51af], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoginCommand, In Quarantäne, [01f40354a2d95adc4c1319a7b64d9b65], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback, In Quarantäne, [f0055ff87407b77f84db4878f70cc23e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.LogoutCommand, In Quarantäne, [ba3b2a2d6f0c8bab253aead6fb08f30d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand, In Quarantäne, [48adea6d5526d46279e6536d11f2926e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.MyAccountCommand, In Quarantäne, [787d53044b30d85e520db010649f32ce], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.PlayContentCommand, In Quarantäne, [995cbf98df9c95a1124d10b0897a0bf5], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.PostContentCallback, In Quarantäne, [dc19c4930774ac8a0d524e723cc738c8], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand, In Quarantäne, [44b1f3647605f3435a05dde361a245bb], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.SetVariableCommand, In Quarantäne, [688d79def48732045b041ca4d42f5aa6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand, In Quarantäne, [c72e065134472016045b97294bb860a0], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand, In Quarantäne, [8d68b3a46e0d8ea8154a823e679c6c94], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.TestContentCommand, In Quarantäne, [876e7ddaf08b34024d12239d3cc7d729], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback, In Quarantäne, [24d197c0f685171f2b348d3313f05ca4], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback, In Quarantäne, [569fb1a65a21ff3791ce794707fc8d73], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.WarmUpCommand, In Quarantäne, [70853621d2a90234b1ae48788083936d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.WelcomeCommand, In Quarantäne, [5c990d4a5427cd69e37cfdc3e32042be], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.ServerCommand, In Quarantäne, [a253b3a46813e94dd58af4cc08fb936d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.ServerResult, In Quarantäne, [a05579de05769a9c84db17a9937025db], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.LightContent, In Quarantäne, [ec091146077496a0aab5447c709322de], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.LightUri, In Quarantäne, [6f86ef68f88321159fc0bf01c93aa15f], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.MediatorServiceProxy, In Quarantäne, [d91ca4b3c2b90c2a5e01635d996a3cc4], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.ScriptExtender, In Quarantäne, [a5500c4b85f68aacda26fcc863a0ef11], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.ScriptExtender.1, In Quarantäne, [f8fdc88f9cdf4ee8b64a586c57ac7b85], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, In Quarantäne, [d91cc98e2952d363b93d0fbc52b17789], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\priam_bho.DLL, In Quarantäne, [b144b0a70d6e57df66f0497dc340eb15], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\PricePeep.DLL, In Quarantäne, [4da877e06318d26495fbcef69073ef11], 
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dcpfhaghaadpjpgocojgnlhjcieeooel, In Quarantäne, [08edbb9c32493afc64075e72d62d6b95], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\jpmbfleldcgkldadpdinhjjopdfpjfjp, In Quarantäne, [47ae4413ec8f7fb73df0a2046f930af6], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PricePeep, In Quarantäne, [22d369eeee8db3838347c9c9ff03bc44], 
PUP.Optional.Linkury.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}, In Quarantäne, [b73e1c3b3843da5ce0eb444e4ab88a76], 
PUP.Optional.Umbrella.A, HKLM\SOFTWARE\WOW6432NODE\UMBRELLA, In Quarantäne, [3bba81d61c5feb4bb7e09f257f84f907], 
PUP.Optional.Wajam.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WajamUpdater, In Quarantäne, [ce2702550e6d40f68c64ab1fcc37c838], 
PUP.Optional.Linkury.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LPTSYSTEMUPDATER, In Quarantäne, [54a1431489f284b27e99e9be3bc7f60a], 
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-4.6, In Quarantäne, [ed08fb5c04777eb859b2188856ace719], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, In Quarantäne, [15e083d452299e984b9ecde07f8348b8], 
PUP.Optional.SavingsBull.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SavingsBull, In Quarantäne, [5d983b1c1b6075c1dbe8fddee22105fb], 
PUP.Optional.SmartBar, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarBackup, In Quarantäne, [f7fe2c2b7dfeb383026bd00b5aa9bb45], 
PUP.Optional.SmartBar, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarLog, In Quarantäne, [7b7a1a3d1962a88e303c6d6e1be8b44c], 
PUP.Optional.WebSparkle.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WebSparkle, In Quarantäne, [2ec7e572156667cfb0c87653778c629e], 
PUP.Optional.PlusHD.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-4.6, In Quarantäne, [0fe6f1661c5f2e0812f9cdd336ccd42c], 
PUP.Optional.SavingsBull.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Savings Bull, In Quarantäne, [53a23225e79451e5bb1123854bb7a957], 
PUP.Optional.SavingsBull.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\SavingsBull, In Quarantäne, [f9fcdf78116a1125edd583583cc7c53b], 
PUP.Optional.FilesFrog.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BI, In Quarantäne, [16dfd285c6b57db9255ea523768d26da], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [3eb771e6275480b6856cb9f337cbbb45], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [9362282f1f5c2a0c7e80655db44f629e], 
PUP.Optional.PlusHD.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Plus HD, In Quarantäne, [876ed87fa6d596a0c943663aac56ff01], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, In Quarantäne, [bd384d0a7cfffa3c3dc710887b873ac6], 
PUP.Optional.SevereWeatherAlerts.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\SevereWeatherAlerts.exe, In Quarantäne, [c530de79502b8caa0533aa312ed5bb45], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [f0054512e299f046a2ec0398966cea16], 
PUP.Optional.Somoto.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOMOTO\SDP, In Quarantäne, [05f0d186cab1cd69b8fb7a4da85b55ab], 
PUP.Optional.AdvancedSystemProtector.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\Advanced System Protector, In Quarantäne, [47aeed6a1764e155565dc40446bd2fd1], 
PUP.Optional.RegCleanerPro.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\RegClean Pro, In Quarantäne, [b93c85d21b60d95db9fc12b6ba499a66], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM, In Quarantäne, [83722334f08bfe3822364284c53ea858], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, In Quarantäne, [a4518dca403b2313b534e1cc857dd828], 
PUP.Optional.SavingsBull.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Level Quality Watcher, In Quarantäne, [01f479de87f4ec4ab89f6d111be76997], 
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110311961180}, In Quarantäne, [678e4710e09bab8bcf18035f53b1d12f], 
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110311961180}, In Quarantäne, [678e4710e09bab8bcf18035f53b1d12f], 
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110411151154}, In Quarantäne, [639247107209fa3c687f7fe32cd88c74], 
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110411151154}, In Quarantäne, [639247107209fa3c687f7fe32cd88c74], 
PUP.Optional.CrossRider.M, HKU\S-1-5-21-322448050-4293528468-1955477807-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110411151154}, In Quarantäne, [639247107209fa3c687f7fe32cd88c74], 
PUP.Optional.CrossRider.M, HKU\S-1-5-21-322448050-4293528468-1955477807-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110411151154}, In Quarantäne, [639247107209fa3c687f7fe32cd88c74], 
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{d473bc6a-7249-4528-8482-ddf6a15704a1}, In Quarantäne, [d12484d32a51bf776510243d996b1de3], 
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D473BC6A-7249-4528-8482-DDF6A15704A1}, In Quarantäne, [d12484d32a51bf776510243d996b1de3], 

Registrierungswerte: 10
PUP.Optional.MoviesToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{3444C3C5-6C56-4A16-A453-832B05BF6EA4}, Movies Toolbar (Dist. by Somoto Ltd.), In Quarantäne, [50a5d582bbc0e74fd6b3c8a0b74b54ac]
PUP.Optional.MoviesToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{3444c3c5-6c56-4a16-a453-832b05bf6ea4}, In Quarantäne, [d124094ef78449ed4247392fe71bc53b], 
PUP.Optional.Umbrella.A, HKLM\SOFTWARE\WOW6432NODE\UMBRELLA|MUpdBlock, {
   "MASSUPDATE" : {
      "CHROME_MBAR" : {
         "Checked" : 1,
         "RetryIdx" : 0,
         "Version" : 1
      },
      "FIREFOX_MBAR" : {
         "Checked" : 1,
         "RetryIdx" : 0,
         "Version" : 1
      },
      "IEXPLORE_BHO" : {
         "Checked" : 1,
         "RetryIdx" : 0,
         "Version" : 4
      }
   }
}
, In Quarantäne, [3bba81d61c5feb4bb7e09f257f84f907]
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WAJAM|red, 2, In Quarantäne, [bc39b99e3a41db5b86d3d9ed41c204fc]
PUP.Optional.Linkury.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LPTSYSTEMUPDATER|ImagePath, "C:\Program Files (x86)\LPT\srpts.exe", In Quarantäne, [54a1431489f284b27e99e9be3bc7f60a]
PUP.Optional.FilesFrog.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BI|ui_path_filesfrog, HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker, In Quarantäne, [16dfd285c6b57db9255ea523768d26da]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0R0DtO0U1C1S1U1StR0J1Q2P1J1K1I2R, In Quarantäne, [9362282f1f5c2a0c7e80655db44f629e]
PUP.Optional.Wajam.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}, C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi, In Quarantäne, [07eec394116a55e1a8c6632ffe049c64]
PUP.Optional.Somoto.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOMOTO\SDP|affid, network_inmediaincentflv_1, In Quarantäne, [05f0d186cab1cd69b8fb7a4da85b55ab]
PUP.Optional.Wajam.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM|affiliate_id, 7006, In Quarantäne, [83722334f08bfe3822364284c53ea858]

Registrierungsdaten: 11
Hijack.SearchPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=),Ersetzt,[22d32235bfbcad89c5be1f3f5ea6a25e]
Hijack.SearchPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=),Ersetzt,[e70ea5b2a9d2d85ec8bd0856a55f54ac]
Hijack.SearchPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=),Ersetzt,[7e771542a5d67abcfc88134b0202768a]
Hijack.SearchPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=, Gut: (hxxp://www.google.com/), Schlecht: (hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=),Ersetzt,[817493c43c3f64d2c9bdf36b6f95bc44]
PUP.Optional.SnapDo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}),Ersetzt,[5c99fe590576d75fa74e2e273ec6af51]
Hijack.SearchPage, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=),Ersetzt,[b243a2b52259b680116fc797b153c53b]
PUP.Optional.Snapdo, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}),Ersetzt,[8b6aa6b17dfec472aeaf3a25bf45da26]
PUP.Optional.Snapdo, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}),Ersetzt,[c33263f4dc9fd95da9b59fc0976d619f]
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), hxxp://search.certified-toolbar.com?si=66807&st=bs&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&q=%s, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=66807&st=bs&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&q=%s),Ersetzt,[6b8a1344770446f0a7f8f16f05ff649c]
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|(Default), hxxp://search.certified-toolbar.com?si=66807&st=bs&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&q=%s, Gut: (hxxp://www.google.com/), Schlecht: (hxxp://search.certified-toolbar.com?si=66807&st=bs&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&q=%s),Ersetzt,[cc29acabd2a9b284cdd32f31788c6c94]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}),Ersetzt,[44b1f760710a69cd15e120356d974eb2]

Ordner: 57
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro, In Quarantäne, [33c28ccb96e5e74fd835e8ac6e94619f], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector, In Quarantäne, [fff6bf98fd7ec86eed2196fef012d12f], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Configs, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Resources, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
Adware.InstallBrain, C:\ProgramData\IBUpdaterService, In Quarantäne, [e31275e2a9d2191dd6fa089463a08977], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent, In Quarantäne, [6f8662f5e398be78c6db2b97d72c46ba], 
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator, In Quarantäne, [25d0d97e87f4b68016098befe31fb050], 
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator\Datas, In Quarantäne, [25d0d97e87f4b68016098befe31fb050], 
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator\Datas\Cache, In Quarantäne, [25d0d97e87f4b68016098befe31fb050], 
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator\Datas\Cache\apix.iminent.com, In Quarantäne, [25d0d97e87f4b68016098befe31fb050], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector, In Quarantäne, [85703b1cc7b4a88e5fd2e79347bbfb05], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\2.1.1000.12580, In Quarantäne, [85703b1cc7b4a88e5fd2e79347bbfb05], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures, In Quarantäne, [85703b1cc7b4a88e5fd2e79347bbfb05], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates, In Quarantäne, [85703b1cc7b4a88e5fd2e79347bbfb05], 
PUP.Optional.AdvancedSystemProtector.A, C:\Users\lucab_000\AppData\Roaming\systweak\Advanced System Protector, In Quarantäne, [dd186dea5b208aac2c051a60ad550bf5], 
PUP.Optional.AdvancedSystemProtector.A, C:\Users\lucab_000\AppData\Roaming\systweak\Advanced System Protector\2.1.1000.12580, In Quarantäne, [dd186dea5b208aac2c051a60ad550bf5], 
PUP.Optional.FilesFrog.A, C:\Users\lucab_000\AppData\Local\FilesFrog Update Checker, In Quarantäne, [bd386ee91f5cdf57911a48321ae8e51b], 
PUP.Optional.FilesFrog.A, C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker, In Quarantäne, [a84d1f38344773c3802c4e2ccf333dc3], 
PUP.Optional.SevereWeatherAlerts, C:\Users\lucab_000\AppData\Local\Weather_Notifications,_LL, In Quarantäne, [85707ed902792610dbdd2d4da45eb44c], 
PUP.Optional.SevereWeatherAlerts, C:\Users\lucab_000\AppData\Local\Weather_Notifications,_LL\SevereWeatherAlerts.exe_Url_lmkrdkx4bugjd51ue1zb4i1akoqdmb2k, In Quarantäne, [85707ed902792610dbdd2d4da45eb44c], 
PUP.Optional.SevereWeatherAlerts, C:\Users\lucab_000\AppData\Local\Weather_Notifications,_LL\SevereWeatherAlerts.exe_Url_lmkrdkx4bugjd51ue1zb4i1akoqdmb2k\1.21.0.0, In Quarantäne, [85707ed902792610dbdd2d4da45eb44c], 
PUP.Optional.MoviesToolBar.A, C:\Program Files (x86)\Movies Toolbar\SafetyNut, In Quarantäne, [d421fa5d7dfe8fa707c5e29846bc3dc3], 
PUP.Optional.MoviesToolBar.A, C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64, In Quarantäne, [d421fa5d7dfe8fa707c5e29846bc3dc3], 
PUP.Optional.RegCleanerPro.A, C:\Users\lucab_000\AppData\Roaming\systweak\RegClean Pro, In Quarantäne, [0beae86fbcbf6bcb6f621664c53d58a8], 
PUP.Optional.RegCleanerPro.A, C:\Users\lucab_000\AppData\Roaming\systweak\RegClean Pro\Version 6.1, In Quarantäne, [0beae86fbcbf6bcb6f621664c53d58a8], 
PUP.Optional.Wajam.A, C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam, In Quarantäne, [2cc9d1865f1c7bbb9c3593e847bbcb35], 
PUP.Optional.SavingsBull.A, C:\Program Files\SavingsBull, In Quarantäne, [01f479de87f4ec4ab89f6d111be76997], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\defaults, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\defaults\preferences, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\locale, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\addon-kit, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\addon-kit\data, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\addon-kit\lib, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\data, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\event, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\addon, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\content, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\dom, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\events, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\l10n, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\private-browsing, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\system, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\tabs, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\traits, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\utils, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\window, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\windows, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\SavingsBull, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\SavingsBull\data, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\SavingsBull\lib, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\SavingsBull\tests, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 

Dateien: 183
PUP.Optional.CouponDownloader.A, C:\Program Files (x86)\SavingsBull\IEOptimizer.dll, In Quarantäne, [bd3867f07efd53e3103feb440df53bc5], 
Trojan.Miner, C:\Users\lucab_000\AppData\Roaming\SystemMn\cpmn\libcurl-4.dll, In Quarantäne, [f104cd8ab8c37bbbbf0c071aca388f71], 
PUP.BitCoinMiner, C:\Users\lucab_000\AppData\Roaming\SystemMn\cpmn\mnd.exe, In Quarantäne, [f5005ef9c8b377bf300b87885fa215eb], 
PUP.Optional.OptimumInstaller.A, C:\Users\lucab_000\Downloads\Player-Chrome.exe, In Quarantäne, [9d588bccf883f24413e07fcf02fff907], 
PUP.Optional.Somoto.A, C:\Users\lucab_000\AppData\Local\FilesFrog Update Checker\uninstall.exe, In Quarantäne, [8d6867f08cef5adc3d138c8037cac23e], 
PUP.Optional.FilesFrog.A, C:\Users\lucab_000\AppData\Local\FilesFrog Update Checker\update_checker.exe, In Quarantäne, [3db836210e6dec4a828c190a1be5ad53], 
PUP.Optional.Iminent.A, C:\Windows\Installer\20ff96.msi, In Quarantäne, [599cde79d8a34de90dd4d25c847dac54], 
PUP.Optional.SmartBar.A, C:\Windows\Installer\e2a85f8.msi, In Quarantäne, [995cfe59c1babb7bae2b0c1b16ea20e0], 
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Register RegClean Pro.lnk, In Quarantäne, [33c28ccb96e5e74fd835e8ac6e94619f], 
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro entfernen.lnk, In Quarantäne, [33c28ccb96e5e74fd835e8ac6e94619f], 
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk, In Quarantäne, [33c28ccb96e5e74fd835e8ac6e94619f], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Register Advanced System Protector.lnk, In Quarantäne, [fff6bf98fd7ec86eed2196fef012d12f], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Advanced System Protector entfernen.lnk, In Quarantäne, [fff6bf98fd7ec86eed2196fef012d12f], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Advanced System Protector Trouble Shooter.lnk, In Quarantäne, [fff6bf98fd7ec86eed2196fef012d12f], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Advanced System Protector.lnk, In Quarantäne, [fff6bf98fd7ec86eed2196fef012d12f], 
PUP.Optional.Iminent.A, C:\Users\janab_000\AppData\Roaming\Mozilla\Firefox\Profiles\vyus5trv.default\extensions\webbooster@iminent.com.xpi, In Quarantäne, [05f00f48433882b4064b564cc83abd43], 
PUP.Optional.WebSearch.A, C:\Users\janab_000\AppData\Roaming\Mozilla\Firefox\Profiles\vyus5trv.default\searchplugins\Web Search.xml, In Quarantäne, [fff62631bcbf60d62ed00c965da52fd1], 
PUP.Optional.WebSearch.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\searchplugins\Web Search.xml, In Quarantäne, [bc393e1995e6fc3a52ac1b87c33f7c84], 
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, In Quarantäne, [807570e70b70999d706cc9dd32d018e8], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\PublisherSettings.xml, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\FiddlerCore.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\HtmlAgilityPack.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\linmsl.exe, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\LPTInstaller.msi, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\lrrot.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\NewConfig.txt, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Newtonsoft.Json.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Smartbar.Common.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Smartbar.Communication.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Smartbar.Communication.NamedPipe.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyRemover.exe, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyService.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Smartbar.Personalization.Common.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\sppsm.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\spusm.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srbs.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srbu.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\sreu.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srpdm.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srprl.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srpt.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srptc.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srptm.exe, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srptm.exe.config, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srut.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\UserSettings.xml, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\XMLOperations.xml, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Configs\BrowserSettings.xml, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Configs\LPTMapping.xml, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Configs\Timers.xml, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Resources\LPT.xml, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
Adware.InstallBrain, C:\ProgramData\IBUpdaterService\repository.xml, In Quarantäne, [e31275e2a9d2191dd6fa089463a08977], 
PUP.Optional.Iminent.A, C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js, In Quarantäne, [fff6d285e695f5415806d9e758abf20e], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\SearchTheWeb.lnk, In Quarantäne, [6f8662f5e398be78c6db2b97d72c46ba], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Blog.lnk, In Quarantäne, [6f8662f5e398be78c6db2b97d72c46ba], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\FAQ.lnk, In Quarantäne, [6f8662f5e398be78c6db2b97d72c46ba], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Help.lnk, In Quarantäne, [6f8662f5e398be78c6db2b97d72c46ba], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Iminent.lnk, In Quarantäne, [6f8662f5e398be78c6db2b97d72c46ba], 
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator\Datas\Cache\apix.iminent.com\1033.11575f00-7bdc-4181-ba0a-b298aeab228c.dat, In Quarantäne, [25d0d97e87f4b68016098befe31fb050], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\AddonSafelist, In Quarantäne, [85703b1cc7b4a88e5fd2e79347bbfb05], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\log.xslt, In Quarantäne, [85703b1cc7b4a88e5fd2e79347bbfb05], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1545completedatabase.zip, In Quarantäne, [85703b1cc7b4a88e5fd2e79347bbfb05], 
PUP.Optional.AdvancedSystemProtector.A, C:\Users\lucab_000\AppData\Roaming\systweak\Advanced System Protector\QDetail.db, In Quarantäne, [dd186dea5b208aac2c051a60ad550bf5], 
PUP.Optional.AdvancedSystemProtector.A, C:\Users\lucab_000\AppData\Roaming\systweak\Advanced System Protector\Settings.db, In Quarantäne, [dd186dea5b208aac2c051a60ad550bf5], 
PUP.Optional.AdvancedSystemProtector.A, C:\Users\lucab_000\AppData\Roaming\systweak\Advanced System Protector\Update.ini, In Quarantäne, [dd186dea5b208aac2c051a60ad550bf5], 
PUP.Optional.AdvancedSystemProtector.A, C:\Users\lucab_000\AppData\Roaming\systweak\Advanced System Protector\2.1.1000.12580\ASPLog.txt, In Quarantäne, [dd186dea5b208aac2c051a60ad550bf5], 
PUP.Optional.SevereWeatherAlerts, C:\Users\lucab_000\AppData\Local\Weather_Notifications,_LL\SevereWeatherAlerts.exe_Url_lmkrdkx4bugjd51ue1zb4i1akoqdmb2k\1.21.0.0\user.config, In Quarantäne, [85707ed902792610dbdd2d4da45eb44c], 
PUP.Optional.MoviesToolBar.A, C:\Program Files (x86)\Movies Toolbar\SafetyNut\del_DM_LL_nsy93D.dll, In Quarantäne, [d421fa5d7dfe8fa707c5e29846bc3dc3], 
PUP.Optional.MoviesToolBar.A, C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\del_DM_LL_nsy93D.dll, In Quarantäne, [d421fa5d7dfe8fa707c5e29846bc3dc3], 
PUP.Optional.RegCleanerPro.A, C:\Users\lucab_000\AppData\Roaming\systweak\RegClean Pro\Version 6.1\bl.txt, In Quarantäne, [0beae86fbcbf6bcb6f621664c53d58a8], 
PUP.Optional.RegCleanerPro.A, C:\Users\lucab_000\AppData\Roaming\systweak\RegClean Pro\Version 6.1\German_rcp.dat, In Quarantäne, [0beae86fbcbf6bcb6f621664c53d58a8], 
PUP.Optional.RegCleanerPro.A, C:\Users\lucab_000\AppData\Roaming\systweak\RegClean Pro\Version 6.1\log_02-03-2014.log, In Quarantäne, [0beae86fbcbf6bcb6f621664c53d58a8], 
PUP.Optional.Wajam.A, C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\uninstall.lnk, In Quarantäne, [2cc9d1865f1c7bbb9c3593e847bbcb35], 
PUP.Optional.SavingsBull.A, C:\Program Files\SavingsBull\uninstaller.exe, In Quarantäne, [01f479de87f4ec4ab89f6d111be76997], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\background.js, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\bootstrap.js, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\CustomActionInstall, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\CustomActionUninstall, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon128.png, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon16.png, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon32.png, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon48.png, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon64.png, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon8.png, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\IEOptimizer64.dll, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\manifest.json, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\marcopolo.js, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\Microsoft.Deployment.WindowsInstaller.dll, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\Microsoft.Deployment.WindowsInstaller.xml, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\SendJson.dll, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\bootstrap.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\harness-options.json, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\icon.png, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\install.rdf, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\locales.json, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\defaults\preferences\prefs.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\addon-kit\lib\page-mod.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\addon-kit\lib\private-browsing.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\addon-kit\lib\request.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\addon-kit\lib\windows.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\observer-service.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\api-utils.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\base64.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\byte-streams.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\collection.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\content.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\cortex.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\cuddlefish.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\deprecate.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\environment.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\errors.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\events.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\file.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\functional.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\globals.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\heritage.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\hidden-frame.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\light-traits.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\list.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\loader.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\match-pattern.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\memory.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\namespace.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\plain-text-console.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\preferences-service.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\promise.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\querystring.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\runtime.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\sandbox.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\self.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\system.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\text-streams.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\timer.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\traceback.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\traits.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\unload.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\url.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\uuid.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\window-utils.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\xhr.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\xpcom.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\xul-app.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\event\core.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\event\target.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\addon\runner.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\content\content-proxy.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\content\content-worker.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\content\loader.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\content\symbiont.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\content\worker.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\dom\events.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\events\assembler.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\l10n\core.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\l10n\html.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\l10n\loader.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\l10n\locale.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\l10n\prefs.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\private-browsing\utils.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\system\events.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\tabs\events.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\tabs\observer.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\tabs\tab.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\tabs\utils.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\traits\core.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\utils\data.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\utils\object.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\utils\registry.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\utils\thumbnail.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\window\utils.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\windows\dom.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\windows\loader.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\windows\observer.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\windows\tabs.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\SavingsBull\data\icon64.png, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\SavingsBull\lib\main.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.CertifiedTB.A, C:\Users\janab_000\AppData\Roaming\Mozilla\Firefox\Profiles\vyus5trv.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=");), Ersetzt,[dc19afa891ea44f2c57996f7b64e2ad6]
PUP.Optional.SnapDo.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXgXnrvO7nfsC3nVY8ZwUMadsuiiumcvHgPNrUv1LWx_dCAItWLpgH6XzwrDqVQzc,");), Ersetzt,[738291c62a51b581993f98f444c013ed]
PUP.Optional.SnapDo.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q=");), Ersetzt,[26cffd5a7cffd75fd009eaa2669e5ea2]
PUP.Optional.CrossRider.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "141512fc7accc3e0223d77ef7c4daee1");), Ersetzt,[4baac98ec8b35bdbb03091fbb54f6c94]
PUP.Optional.Snapdo.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXh-K8R1XRQ-jiQfqMTWwQqzARAjmGBQIkI1Js_N-nDjNv3aS8tz8LGq3qWdGDPlI,|hxxp://www.giga.de/androidnews/");), Ersetzt,[40b577e046359e9856d43e4f56aee41c]
PUP.Optional.Conduit.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3312329&CUI=UN27037197793128317&UM=2&SearchSource=3&q={searchTerms}");), Ersetzt,[03f244138dee0a2c0c49bcd1c4403ac6]

Physische Sektoren: 0
(No malicious items detected)


(end)

Luca Bley · 31.05.2014, 20:31

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 31.05.2014
Suchlauf-Zeit: 20:50:45
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.05.31.09
Rootkit Datenbank: v2014.05.21.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: lucab_000

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 373103
Verstrichene Zeit: 11 Min, 48 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 216
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}, In Quarantäne, [589d0b4ce09baa8ce845e5838b77936d], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}, In Quarantäne, [589d0b4ce09baa8ce845e5838b77936d], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\APPID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}, In Quarantäne, [40b510475e1d44f2dfe94c1bf80ab749], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}, In Quarantäne, [40b510475e1d44f2dfe94c1bf80ab749], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, In Quarantäne, [4ea758ffceadbe7844ea392f0bf7d927], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, In Quarantäne, [4ea758ffceadbe7844ea392f0bf7d927], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [07ee99bef9822610a4d15116e022b34d], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [07ee99bef9822610a4d15116e022b34d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, In Quarantäne, [27ceea6d0f6c73c3a31fa2c44cb67a86], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject.1, In Quarantäne, [27ceea6d0f6c73c3a31fa2c44cb67a86], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject, In Quarantäne, [27ceea6d0f6c73c3a31fa2c44cb67a86], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.BrowserHelperObject, In Quarantäne, [27ceea6d0f6c73c3a31fa2c44cb67a86], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, In Quarantäne, [27ceea6d0f6c73c3a31fa2c44cb67a86], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, In Quarantäne, [27ceea6d0f6c73c3a31fa2c44cb67a86], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.BrowserHelperObject.1, In Quarantäne, [27ceea6d0f6c73c3a31fa2c44cb67a86], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}, In Quarantäne, [de1787d0651682b4f3860e597290d927], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand, In Quarantäne, [de1787d0651682b4f3860e597290d927], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand, In Quarantäne, [de1787d0651682b4f3860e597290d927], 
PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [bd3867f07efd53e3103feb440df53bc5], 
PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [bd3867f07efd53e3103feb440df53bc5], 
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [cd28b3a4bbc01b1b13d17aec17ebf50b], 
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\IESmartBar.BHO, In Quarantäne, [cd28b3a4bbc01b1b13d17aec17ebf50b], 
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [cd28b3a4bbc01b1b13d17aec17ebf50b], 
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IESmartBar.BHO, In Quarantäne, [cd28b3a4bbc01b1b13d17aec17ebf50b], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\wajam.WajamDownloader.1, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\wajam.WajamDownloader, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\wajam.WajamDownloader, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\wajam.WajamDownloader.1, In Quarantäne, [1adb3324483305314fe03730b64c3cc4], 
PUP.Optional.WebSparkle.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9f56bab3-2739-40ed-a8d0-1451657a9742}, In Quarantäne, [ac4966f1493238fe68f3f93be41e48b8], 
PUP.Optional.WebSparkle.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9F56BAB3-2739-40ED-A8D0-1451657A9742}, In Quarantäne, [ac4966f1493238fe68f3f93be41e48b8], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}, In Quarantäne, [9e57eb6cf18a3df96358280c44be817f], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\wajam.WajamBHO.1, In Quarantäne, [9e57eb6cf18a3df96358280c44be817f], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\wajam.WajamBHO, In Quarantäne, [9e57eb6cf18a3df96358280c44be817f], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\wajam.WajamBHO, In Quarantäne, [9e57eb6cf18a3df96358280c44be817f], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}, In Quarantäne, [9e57eb6cf18a3df96358280c44be817f], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\wajam.WajamBHO.1, In Quarantäne, [9e57eb6cf18a3df96358280c44be817f], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}, In Quarantäne, [9e57eb6cf18a3df96358280c44be817f], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}, In Quarantäne, [9e57eb6cf18a3df96358280c44be817f], 
Adware.Agent, HKLM\SOFTWARE\CLASSES\TYPELIB\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}, In Quarantäne, [b342b7a0c3b8bf773511b87eb05233cd], 
Adware.Agent, HKLM\SOFTWARE\CLASSES\INTERFACE\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}, In Quarantäne, [b342b7a0c3b8bf773511b87eb05233cd], 
Adware.Agent, HKLM\SOFTWARE\CLASSES\INTERFACE\{75BF416E-4326-45B5-8A2D-AE32D05B930B}, In Quarantäne, [b342b7a0c3b8bf773511b87eb05233cd], 
Adware.Agent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}, In Quarantäne, [b342b7a0c3b8bf773511b87eb05233cd], 
Adware.Agent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{75BF416E-4326-45B5-8A2D-AE32D05B930B}, In Quarantäne, [b342b7a0c3b8bf773511b87eb05233cd], 
Adware.Agent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}, In Quarantäne, [b342b7a0c3b8bf773511b87eb05233cd], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [3fb620373744f343cd075ed4729014ec], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [3fb620373744f343cd075ed4729014ec], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [3fb620373744f343cd075ed4729014ec], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [3fb620373744f343cd075ed4729014ec], 
PUP.Optional.MoviesToolBar.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}, In Quarantäne, [50a5d582bbc0e74fd6b3c8a0b74b54ac], 
PUP.Optional.MoviesToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}, In Quarantäne, [50a5d582bbc0e74fd6b3c8a0b74b54ac], 
PUP.Optional.MoviesToolBar.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}, In Quarantäne, [50a5d582bbc0e74fd6b3c8a0b74b54ac], 
PUP.Optional.MoviesToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}, In Quarantäne, [50a5d582bbc0e74fd6b3c8a0b74b54ac], 
PUP.Optional.PricePeep.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, In Quarantäne, [4baab1a6c9b292a4ebb9bcaaa2604ab6], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, In Quarantäne, [4baab1a6c9b292a4ebb9bcaaa2604ab6], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\PricePeep.PricePeepBho, In Quarantäne, [4baab1a6c9b292a4ebb9bcaaa2604ab6], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\PricePeep.PricePeepBho.1, In Quarantäne, [4baab1a6c9b292a4ebb9bcaaa2604ab6], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PricePeep.PricePeepBho, In Quarantäne, [4baab1a6c9b292a4ebb9bcaaa2604ab6], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PricePeep.PricePeepBho.1, In Quarantäne, [4baab1a6c9b292a4ebb9bcaaa2604ab6], 
PUP.Optional.PricePeep.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, In Quarantäne, [4baab1a6c9b292a4ebb9bcaaa2604ab6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0af350d9-3916-454b-ac53-0b0b65f41301}, In Quarantäne, [be37ee6929520c2abfdb1e49d42e0af6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [b4414a0d87f4ff37b2e989dec1418b75], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [ed08ef6855264ee8a2fa84e32cd6c53b], 
PUP.Optional.Somoto.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FilesFrog Update Checker, In Quarantäne, [8d6867f08cef5adc3d138c8037cac23e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, In Quarantäne, [42b32136ed8e092d8f59cde01ae81be5], 
PUP.Optional.SavingsBull.A, HKLM\SOFTWARE\Savings Bull, In Quarantäne, [a154ed6a186353e36a637038be44ea16], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0039680.BHO, In Quarantäne, [cd2884d36d0e6cca7c6cd0f3f40fdc24], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0039680.Sandbox, In Quarantäne, [965f6cebff7c171ff5f37a49bd46d828], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0039680.Sandbox.1, In Quarantäne, [d421e176e49789ad5593f3d0996a0df3], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0041554.BHO, In Quarantäne, [aa4b05524e2d8fa776727e45867d39c7], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0041554.Sandbox, In Quarantäne, [728385d25625d56101e7358e18ebc63a], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0041554.Sandbox.1, In Quarantäne, [fdf8d6816615142223c5be055aa9c53b], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.DownloadArgs, In Quarantäne, [1dd84611b9c2989e6e9303c13dc67d83], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.LinkToPromoteArgs, In Quarantäne, [9f56154242398aac10f1cef6e71c728e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.RawDataArgs, In Quarantäne, [3eb72a2daad19f97728f0fb517ec7090], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.TinyUrlArgs, In Quarantäne, [0fe63324f28981b5de236a5a7e850df3], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.ViralLinkArgs, In Quarantäne, [4da80b4c0675aa8c4cb5576d5ca79b65], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.ClientCallback, In Quarantäne, [0ce9c1960a7182b48cd33f81dd2621df], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.ContractBase, In Quarantäne, [9164aaad96e567cf8ad5338d867df010], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand, In Quarantäne, [ea0b3225f08b1620233c9e22d42fa65a], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand, In Quarantäne, [ab4a391eafcc3afced728d33946ff10f], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand, In Quarantäne, [4baa0e49106b5dd9ca95efd132d1d42c], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GameOverCallback, In Quarantäne, [5a9b88cf7308f2440f5002be40c31ae6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetCreditCommand, In Quarantäne, [f5006cebdaa143f37ae5309058ab16ea], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand, In Quarantäne, [43b201562358c472a9b6259b748f58a8], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand, In Quarantäne, [ca2b61f625569c9a5a052d93fc0749b7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult, In Quarantäne, [7a7be275d7a421155906309051b2659b], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetVariableCommand, In Quarantäne, [0bea164102791323a8b74d7335cec937], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetVariableResult, In Quarantäne, [29cca5b25d1ea195cc93b50b5ca78779], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.InstallationContextResult, In Quarantäne, [47aedc7be4975cdab8a78e3223e0ba46], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoadContentCommand, In Quarantäne, [e31259fe2655c2749cc3e3ddee1523dd], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult, In Quarantäne, [569f62f56f0c87af223de5db7e855fa1], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoginCommand, In Quarantäne, [40b5a9ae0774270f203f5c642ed539c7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback, In Quarantäne, [01f491c6a2d9c76f9ac52b952bd8f709], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LogoutCommand, In Quarantäne, [04f15403f08b15217ce300c032d1e61a], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand, In Quarantäne, [a055c493f18a04323c23744cc93ab848], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.MyAccountCommand, In Quarantäne, [aa4b00575c1f2b0b2d32526e8d76a759], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.PlayContentCommand, In Quarantäne, [39bc2235136875c1a9b6358b28db1fe1], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.PostContentCallback, In Quarantäne, [9b5a35221e5db38388d77b451de6d030], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand, In Quarantäne, [47ae391e0d6e1620a7b8bf01956e10f0], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.SetVariableCommand, In Quarantäne, [92630057e4979d992738566a8380ef11], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand, In Quarantäne, [09ec5502205b46f0bba4249c8e756c94], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand, In Quarantäne, [04f170e776056ccaa4bbd8e8847f08f8], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.TestContentCommand, In Quarantäne, [718431267b00f6402a35ecd482816d93], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback, In Quarantäne, [a154f067cead2d09411ea21ecd36d729], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback, In Quarantäne, [18dda2b5c0bbc373abb4a31dd62d728e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.WarmUpCommand, In Quarantäne, [c530ed6a6d0e0c2a93ccedd3ef1424dc], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.WelcomeCommand, In Quarantäne, [1adb0e4949323204134c7c44c241b54b], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.ServerCommand, In Quarantäne, [a253c394116a50e661fe11afe122a35d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.ServerResult, In Quarantäne, [ee0714433b40ad891946d2ee50b34ab6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.LightContent, In Quarantäne, [b44161f618633afcb2ad8b35e41fad53], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.LightUri, In Quarantäne, [e80d9eb9403b70c6253aefd10102e31d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.MediatorServiceProxy, In Quarantäne, [bf3686d1413ac373e679615ff90a4ab6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender, In Quarantäne, [3db827301e5d6fc753ad23a1d62d29d7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender.1, In Quarantäne, [a5505afd4239ef474ab6d3f109faae52], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, In Quarantäne, [b63fe86f68132c0a9d59f6d5927110f0], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\priam_bho.DLL, In Quarantäne, [e5101542e99243f3183e21a5f50ef50b], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\APPID\PricePeep.DLL, In Quarantäne, [27ce4d0af388cc6a216f8b3931d25da3], 
PUP.Optional.A2ZLyrics.A, HKLM\SOFTWARE\WOW6432NODE\a2zLyrics-1, In Quarantäne, [d421a1b628537eb8e0d4d5f2a55e29d7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, In Quarantäne, [fafb1c3b2e4dfb3bab3d545911f149b7], 
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\Plus-HD-4.6, In Quarantäne, [40b50d4ad3a8cc6af5c477389b67837d], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\Wajam, In Quarantäne, [04f193c4e6953ef8e9d5e0fd10f354ac], 
PUP.Optional.WebSparkle.A, HKLM\SOFTWARE\WOW6432NODE\WebSparkle, In Quarantäne, [27cedf78ef8c75c1075cad2d39ca4db3], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0039680.BHO, In Quarantäne, [6590183f1f5cc3739b4de3e0ee15a858], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0039680.Sandbox, In Quarantäne, [44b140171a61f244796f6c57a45fe020], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0039680.Sandbox.1, In Quarantäne, [1dd8d3841d5e1b1baf396063a2610cf4], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0041554.BHO, In Quarantäne, [2fc60c4b9edd2e08994f754e55ae53ad], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0041554.Sandbox, In Quarantäne, [8f66da7d6c0fce685f89a41fa3600cf4], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0041554.Sandbox.1, In Quarantäne, [b441094e74077abc30b8972ca85b7e82], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Business.Tinyfying.DownloadArgs, In Quarantäne, [e90c65f2314a92a4da27d5ef6d9625db], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Business.Tinyfying.LinkToPromoteArgs, In Quarantäne, [41b4da7db2c9dc5a8879259f44bfd32d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Business.Tinyfying.RawDataArgs, In Quarantäne, [85703b1c49320f272cd516ae19ea0ff1], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Business.Tinyfying.TinyUrlArgs, In Quarantäne, [8372c691d6a5d36320e1ac189a69f808], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Business.Tinyfying.ViralLinkArgs, In Quarantäne, [2cc92d2ac3b81e18b74adbe922e1a957], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.ClientCallback, In Quarantäne, [03f2154223587db990cf9e22b44f5ca4], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.ContractBase, In Quarantäne, [e114cb8c4e2d67cf7ee1a21e60a3827e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand, In Quarantäne, [08edcd8a5b20ae88ec73714fd82be51b], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand, In Quarantäne, [9d5877e0d3a8d1653b24536d8c77aa56], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand, In Quarantäne, [36bf80d724579b9b09568d3306fd7e82], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GameOverCallback, In Quarantäne, [678edb7c6a1193a32a35d9e76f946c94], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetCreditCommand, In Quarantäne, [2dc8afa8fa81280ed887952b867d09f7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand, In Quarantäne, [09ecc09774079d9971eed6eae023966a], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand, In Quarantäne, [0aeb6aed760567cf64fbdfe1b64d4cb4], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult, In Quarantäne, [9c593c1bee8d73c3a5baf1cfee1505fb], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetVariableCommand, In Quarantäne, [eb0ab2a592e9a88e83dc12ae49ba748c], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetVariableResult, In Quarantäne, [8174cc8ba0dbd264cd925f61d42f619f], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.InstallationContextResult, In Quarantäne, [41b4a2b5c8b3db5be67960609c6749b7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoadContentCommand, In Quarantäne, [767f06513c3f280e2e31b50b41c27d83], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult, In Quarantäne, [7283e4736516d0663c23566a48bb51af], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoginCommand, In Quarantäne, [01f40354a2d95adc4c1319a7b64d9b65], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback, In Quarantäne, [f0055ff87407b77f84db4878f70cc23e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.LogoutCommand, In Quarantäne, [ba3b2a2d6f0c8bab253aead6fb08f30d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand, In Quarantäne, [48adea6d5526d46279e6536d11f2926e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.MyAccountCommand, In Quarantäne, [787d53044b30d85e520db010649f32ce], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.PlayContentCommand, In Quarantäne, [995cbf98df9c95a1124d10b0897a0bf5], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.PostContentCallback, In Quarantäne, [dc19c4930774ac8a0d524e723cc738c8], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand, In Quarantäne, [44b1f3647605f3435a05dde361a245bb], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.SetVariableCommand, In Quarantäne, [688d79def48732045b041ca4d42f5aa6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand, In Quarantäne, [c72e065134472016045b97294bb860a0], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand, In Quarantäne, [8d68b3a46e0d8ea8154a823e679c6c94], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.TestContentCommand, In Quarantäne, [876e7ddaf08b34024d12239d3cc7d729], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback, In Quarantäne, [24d197c0f685171f2b348d3313f05ca4], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback, In Quarantäne, [569fb1a65a21ff3791ce794707fc8d73], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.WarmUpCommand, In Quarantäne, [70853621d2a90234b1ae48788083936d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.WelcomeCommand, In Quarantäne, [5c990d4a5427cd69e37cfdc3e32042be], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.ServerCommand, In Quarantäne, [a253b3a46813e94dd58af4cc08fb936d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.ServerResult, In Quarantäne, [a05579de05769a9c84db17a9937025db], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.LightContent, In Quarantäne, [ec091146077496a0aab5447c709322de], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.LightUri, In Quarantäne, [6f86ef68f88321159fc0bf01c93aa15f], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.MediatorServiceProxy, In Quarantäne, [d91ca4b3c2b90c2a5e01635d996a3cc4], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.ScriptExtender, In Quarantäne, [a5500c4b85f68aacda26fcc863a0ef11], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.ScriptExtender.1, In Quarantäne, [f8fdc88f9cdf4ee8b64a586c57ac7b85], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, In Quarantäne, [d91cc98e2952d363b93d0fbc52b17789], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\priam_bho.DLL, In Quarantäne, [b144b0a70d6e57df66f0497dc340eb15], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\PricePeep.DLL, In Quarantäne, [4da877e06318d26495fbcef69073ef11], 
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dcpfhaghaadpjpgocojgnlhjcieeooel, In Quarantäne, [08edbb9c32493afc64075e72d62d6b95], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\jpmbfleldcgkldadpdinhjjopdfpjfjp, In Quarantäne, [47ae4413ec8f7fb73df0a2046f930af6], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PricePeep, In Quarantäne, [22d369eeee8db3838347c9c9ff03bc44], 
PUP.Optional.Linkury.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}, In Quarantäne, [b73e1c3b3843da5ce0eb444e4ab88a76], 
PUP.Optional.Umbrella.A, HKLM\SOFTWARE\WOW6432NODE\UMBRELLA, In Quarantäne, [3bba81d61c5feb4bb7e09f257f84f907], 
PUP.Optional.Wajam.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WajamUpdater, In Quarantäne, [ce2702550e6d40f68c64ab1fcc37c838], 
PUP.Optional.Linkury.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LPTSYSTEMUPDATER, In Quarantäne, [54a1431489f284b27e99e9be3bc7f60a], 
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-4.6, In Quarantäne, [ed08fb5c04777eb859b2188856ace719], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, In Quarantäne, [15e083d452299e984b9ecde07f8348b8], 
PUP.Optional.SavingsBull.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SavingsBull, In Quarantäne, [5d983b1c1b6075c1dbe8fddee22105fb], 
PUP.Optional.SmartBar, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarBackup, In Quarantäne, [f7fe2c2b7dfeb383026bd00b5aa9bb45], 
PUP.Optional.SmartBar, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarLog, In Quarantäne, [7b7a1a3d1962a88e303c6d6e1be8b44c], 
PUP.Optional.WebSparkle.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WebSparkle, In Quarantäne, [2ec7e572156667cfb0c87653778c629e], 
PUP.Optional.PlusHD.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-4.6, In Quarantäne, [0fe6f1661c5f2e0812f9cdd336ccd42c], 
PUP.Optional.SavingsBull.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Savings Bull, In Quarantäne, [53a23225e79451e5bb1123854bb7a957], 
PUP.Optional.SavingsBull.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\SavingsBull, In Quarantäne, [f9fcdf78116a1125edd583583cc7c53b], 
PUP.Optional.FilesFrog.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BI, In Quarantäne, [16dfd285c6b57db9255ea523768d26da], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [3eb771e6275480b6856cb9f337cbbb45], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [9362282f1f5c2a0c7e80655db44f629e], 
PUP.Optional.PlusHD.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Plus HD, In Quarantäne, [876ed87fa6d596a0c943663aac56ff01], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, In Quarantäne, [bd384d0a7cfffa3c3dc710887b873ac6], 
PUP.Optional.SevereWeatherAlerts.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\SevereWeatherAlerts.exe, In Quarantäne, [c530de79502b8caa0533aa312ed5bb45], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [f0054512e299f046a2ec0398966cea16], 
PUP.Optional.Somoto.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOMOTO\SDP, In Quarantäne, [05f0d186cab1cd69b8fb7a4da85b55ab], 
PUP.Optional.AdvancedSystemProtector.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\Advanced System Protector, In Quarantäne, [47aeed6a1764e155565dc40446bd2fd1], 
PUP.Optional.RegCleanerPro.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\RegClean Pro, In Quarantäne, [b93c85d21b60d95db9fc12b6ba499a66], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM, In Quarantäne, [83722334f08bfe3822364284c53ea858], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, In Quarantäne, [a4518dca403b2313b534e1cc857dd828], 
PUP.Optional.SavingsBull.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Level Quality Watcher, In Quarantäne, [01f479de87f4ec4ab89f6d111be76997], 
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110311961180}, In Quarantäne, [678e4710e09bab8bcf18035f53b1d12f], 
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110311961180}, In Quarantäne, [678e4710e09bab8bcf18035f53b1d12f], 
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110411151154}, In Quarantäne, [639247107209fa3c687f7fe32cd88c74], 
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110411151154}, In Quarantäne, [639247107209fa3c687f7fe32cd88c74], 
PUP.Optional.CrossRider.M, HKU\S-1-5-21-322448050-4293528468-1955477807-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110411151154}, In Quarantäne, [639247107209fa3c687f7fe32cd88c74], 
PUP.Optional.CrossRider.M, HKU\S-1-5-21-322448050-4293528468-1955477807-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110411151154}, In Quarantäne, [639247107209fa3c687f7fe32cd88c74], 
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{d473bc6a-7249-4528-8482-ddf6a15704a1}, In Quarantäne, [d12484d32a51bf776510243d996b1de3], 
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D473BC6A-7249-4528-8482-DDF6A15704A1}, In Quarantäne, [d12484d32a51bf776510243d996b1de3], 

Registrierungswerte: 10
PUP.Optional.MoviesToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{3444C3C5-6C56-4A16-A453-832B05BF6EA4}, Movies Toolbar (Dist. by Somoto Ltd.), In Quarantäne, [50a5d582bbc0e74fd6b3c8a0b74b54ac]
PUP.Optional.MoviesToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{3444c3c5-6c56-4a16-a453-832b05bf6ea4}, In Quarantäne, [d124094ef78449ed4247392fe71bc53b], 
PUP.Optional.Umbrella.A, HKLM\SOFTWARE\WOW6432NODE\UMBRELLA|MUpdBlock, {
   "MASSUPDATE" : {
      "CHROME_MBAR" : {
         "Checked" : 1,
         "RetryIdx" : 0,
         "Version" : 1
      },
      "FIREFOX_MBAR" : {
         "Checked" : 1,
         "RetryIdx" : 0,
         "Version" : 1
      },
      "IEXPLORE_BHO" : {
         "Checked" : 1,
         "RetryIdx" : 0,
         "Version" : 4
      }
   }
}
, In Quarantäne, [3bba81d61c5feb4bb7e09f257f84f907]
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WAJAM|red, 2, In Quarantäne, [bc39b99e3a41db5b86d3d9ed41c204fc]
PUP.Optional.Linkury.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LPTSYSTEMUPDATER|ImagePath, "C:\Program Files (x86)\LPT\srpts.exe", In Quarantäne, [54a1431489f284b27e99e9be3bc7f60a]
PUP.Optional.FilesFrog.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BI|ui_path_filesfrog, HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker, In Quarantäne, [16dfd285c6b57db9255ea523768d26da]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0R0DtO0U1C1S1U1StR0J1Q2P1J1K1I2R, In Quarantäne, [9362282f1f5c2a0c7e80655db44f629e]
PUP.Optional.Wajam.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}, C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi, In Quarantäne, [07eec394116a55e1a8c6632ffe049c64]
PUP.Optional.Somoto.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOMOTO\SDP|affid, network_inmediaincentflv_1, In Quarantäne, [05f0d186cab1cd69b8fb7a4da85b55ab]
PUP.Optional.Wajam.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM|affiliate_id, 7006, In Quarantäne, [83722334f08bfe3822364284c53ea858]

Registrierungsdaten: 11
Hijack.SearchPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=),Ersetzt,[22d32235bfbcad89c5be1f3f5ea6a25e]
Hijack.SearchPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=),Ersetzt,[e70ea5b2a9d2d85ec8bd0856a55f54ac]
Hijack.SearchPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=),Ersetzt,[7e771542a5d67abcfc88134b0202768a]
Hijack.SearchPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=, Gut: (hxxp://www.google.com/), Schlecht: (hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=),Ersetzt,[817493c43c3f64d2c9bdf36b6f95bc44]
PUP.Optional.SnapDo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}),Ersetzt,[5c99fe590576d75fa74e2e273ec6af51]
Hijack.SearchPage, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=),Ersetzt,[b243a2b52259b680116fc797b153c53b]
PUP.Optional.Snapdo, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}),Ersetzt,[8b6aa6b17dfec472aeaf3a25bf45da26]
PUP.Optional.Snapdo, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}),Ersetzt,[c33263f4dc9fd95da9b59fc0976d619f]
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), hxxp://search.certified-toolbar.com?si=66807&st=bs&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&q=%s, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=66807&st=bs&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&q=%s),Ersetzt,[6b8a1344770446f0a7f8f16f05ff649c]
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|(Default), hxxp://search.certified-toolbar.com?si=66807&st=bs&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&q=%s, Gut: (hxxp://www.google.com/), Schlecht: (hxxp://search.certified-toolbar.com?si=66807&st=bs&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&q=%s),Ersetzt,[cc29acabd2a9b284cdd32f31788c6c94]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-322448050-4293528468-1955477807-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q={searchTerms}),Ersetzt,[44b1f760710a69cd15e120356d974eb2]

Ordner: 57
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro, In Quarantäne, [33c28ccb96e5e74fd835e8ac6e94619f], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector, In Quarantäne, [fff6bf98fd7ec86eed2196fef012d12f], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Configs, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Resources, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
Adware.InstallBrain, C:\ProgramData\IBUpdaterService, In Quarantäne, [e31275e2a9d2191dd6fa089463a08977], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent, In Quarantäne, [6f8662f5e398be78c6db2b97d72c46ba], 
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator, In Quarantäne, [25d0d97e87f4b68016098befe31fb050], 
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator\Datas, In Quarantäne, [25d0d97e87f4b68016098befe31fb050], 
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator\Datas\Cache, In Quarantäne, [25d0d97e87f4b68016098befe31fb050], 
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator\Datas\Cache\apix.iminent.com, In Quarantäne, [25d0d97e87f4b68016098befe31fb050], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector, In Quarantäne, [85703b1cc7b4a88e5fd2e79347bbfb05], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\2.1.1000.12580, In Quarantäne, [85703b1cc7b4a88e5fd2e79347bbfb05], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures, In Quarantäne, [85703b1cc7b4a88e5fd2e79347bbfb05], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates, In Quarantäne, [85703b1cc7b4a88e5fd2e79347bbfb05], 
PUP.Optional.AdvancedSystemProtector.A, C:\Users\lucab_000\AppData\Roaming\systweak\Advanced System Protector, In Quarantäne, [dd186dea5b208aac2c051a60ad550bf5], 
PUP.Optional.AdvancedSystemProtector.A, C:\Users\lucab_000\AppData\Roaming\systweak\Advanced System Protector\2.1.1000.12580, In Quarantäne, [dd186dea5b208aac2c051a60ad550bf5], 
PUP.Optional.FilesFrog.A, C:\Users\lucab_000\AppData\Local\FilesFrog Update Checker, In Quarantäne, [bd386ee91f5cdf57911a48321ae8e51b], 
PUP.Optional.FilesFrog.A, C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker, In Quarantäne, [a84d1f38344773c3802c4e2ccf333dc3], 
PUP.Optional.SevereWeatherAlerts, C:\Users\lucab_000\AppData\Local\Weather_Notifications,_LL, In Quarantäne, [85707ed902792610dbdd2d4da45eb44c], 
PUP.Optional.SevereWeatherAlerts, C:\Users\lucab_000\AppData\Local\Weather_Notifications,_LL\SevereWeatherAlerts.exe_Url_lmkrdkx4bugjd51ue1zb4i1akoqdmb2k, In Quarantäne, [85707ed902792610dbdd2d4da45eb44c], 
PUP.Optional.SevereWeatherAlerts, C:\Users\lucab_000\AppData\Local\Weather_Notifications,_LL\SevereWeatherAlerts.exe_Url_lmkrdkx4bugjd51ue1zb4i1akoqdmb2k\1.21.0.0, In Quarantäne, [85707ed902792610dbdd2d4da45eb44c], 
PUP.Optional.MoviesToolBar.A, C:\Program Files (x86)\Movies Toolbar\SafetyNut, In Quarantäne, [d421fa5d7dfe8fa707c5e29846bc3dc3], 
PUP.Optional.MoviesToolBar.A, C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64, In Quarantäne, [d421fa5d7dfe8fa707c5e29846bc3dc3], 
PUP.Optional.RegCleanerPro.A, C:\Users\lucab_000\AppData\Roaming\systweak\RegClean Pro, In Quarantäne, [0beae86fbcbf6bcb6f621664c53d58a8], 
PUP.Optional.RegCleanerPro.A, C:\Users\lucab_000\AppData\Roaming\systweak\RegClean Pro\Version 6.1, In Quarantäne, [0beae86fbcbf6bcb6f621664c53d58a8], 
PUP.Optional.Wajam.A, C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam, In Quarantäne, [2cc9d1865f1c7bbb9c3593e847bbcb35], 
PUP.Optional.SavingsBull.A, C:\Program Files\SavingsBull, In Quarantäne, [01f479de87f4ec4ab89f6d111be76997], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\defaults, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\defaults\preferences, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\locale, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\addon-kit, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\addon-kit\data, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\addon-kit\lib, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\data, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\event, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\addon, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\content, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\dom, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\events, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\l10n, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\private-browsing, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\system, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\tabs, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\traits, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\utils, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\window, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\windows, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\SavingsBull, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\SavingsBull\data, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\SavingsBull\lib, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\SavingsBull\tests, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 

Dateien: 183
PUP.Optional.CouponDownloader.A, C:\Program Files (x86)\SavingsBull\IEOptimizer.dll, In Quarantäne, [bd3867f07efd53e3103feb440df53bc5], 
Trojan.Miner, C:\Users\lucab_000\AppData\Roaming\SystemMn\cpmn\libcurl-4.dll, In Quarantäne, [f104cd8ab8c37bbbbf0c071aca388f71], 
PUP.BitCoinMiner, C:\Users\lucab_000\AppData\Roaming\SystemMn\cpmn\mnd.exe, In Quarantäne, [f5005ef9c8b377bf300b87885fa215eb], 
PUP.Optional.OptimumInstaller.A, C:\Users\lucab_000\Downloads\Player-Chrome.exe, In Quarantäne, [9d588bccf883f24413e07fcf02fff907], 
PUP.Optional.Somoto.A, C:\Users\lucab_000\AppData\Local\FilesFrog Update Checker\uninstall.exe, In Quarantäne, [8d6867f08cef5adc3d138c8037cac23e], 
PUP.Optional.FilesFrog.A, C:\Users\lucab_000\AppData\Local\FilesFrog Update Checker\update_checker.exe, In Quarantäne, [3db836210e6dec4a828c190a1be5ad53], 
PUP.Optional.Iminent.A, C:\Windows\Installer\20ff96.msi, In Quarantäne, [599cde79d8a34de90dd4d25c847dac54], 
PUP.Optional.SmartBar.A, C:\Windows\Installer\e2a85f8.msi, In Quarantäne, [995cfe59c1babb7bae2b0c1b16ea20e0], 
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Register RegClean Pro.lnk, In Quarantäne, [33c28ccb96e5e74fd835e8ac6e94619f], 
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro entfernen.lnk, In Quarantäne, [33c28ccb96e5e74fd835e8ac6e94619f], 
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk, In Quarantäne, [33c28ccb96e5e74fd835e8ac6e94619f], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Register Advanced System Protector.lnk, In Quarantäne, [fff6bf98fd7ec86eed2196fef012d12f], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Advanced System Protector entfernen.lnk, In Quarantäne, [fff6bf98fd7ec86eed2196fef012d12f], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Advanced System Protector Trouble Shooter.lnk, In Quarantäne, [fff6bf98fd7ec86eed2196fef012d12f], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Advanced System Protector.lnk, In Quarantäne, [fff6bf98fd7ec86eed2196fef012d12f], 
PUP.Optional.Iminent.A, C:\Users\janab_000\AppData\Roaming\Mozilla\Firefox\Profiles\vyus5trv.default\extensions\webbooster@iminent.com.xpi, In Quarantäne, [05f00f48433882b4064b564cc83abd43], 
PUP.Optional.WebSearch.A, C:\Users\janab_000\AppData\Roaming\Mozilla\Firefox\Profiles\vyus5trv.default\searchplugins\Web Search.xml, In Quarantäne, [fff62631bcbf60d62ed00c965da52fd1], 
PUP.Optional.WebSearch.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\searchplugins\Web Search.xml, In Quarantäne, [bc393e1995e6fc3a52ac1b87c33f7c84], 
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, In Quarantäne, [807570e70b70999d706cc9dd32d018e8], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\PublisherSettings.xml, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\FiddlerCore.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\HtmlAgilityPack.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\linmsl.exe, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\LPTInstaller.msi, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\lrrot.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\NewConfig.txt, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Newtonsoft.Json.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Smartbar.Common.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Smartbar.Communication.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Smartbar.Communication.NamedPipe.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyRemover.exe, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyService.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Smartbar.Personalization.Common.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\sppsm.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\spusm.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srbs.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srbu.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\sreu.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srpdm.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srprl.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srpt.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srptc.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srptm.exe, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srptm.exe.config, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\srut.dll, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\UserSettings.xml, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\XMLOperations.xml, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Configs\BrowserSettings.xml, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Configs\LPTMapping.xml, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Configs\Timers.xml, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
PUP.Optional.Linkury.A, C:\Users\lucab_000\AppData\Local\LPT\Resources\LPT.xml, In Quarantäne, [678ed285215a39fdab69b5f23cc68c74], 
Adware.InstallBrain, C:\ProgramData\IBUpdaterService\repository.xml, In Quarantäne, [e31275e2a9d2191dd6fa089463a08977], 
PUP.Optional.Iminent.A, C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js, In Quarantäne, [fff6d285e695f5415806d9e758abf20e], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\SearchTheWeb.lnk, In Quarantäne, [6f8662f5e398be78c6db2b97d72c46ba], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Blog.lnk, In Quarantäne, [6f8662f5e398be78c6db2b97d72c46ba], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\FAQ.lnk, In Quarantäne, [6f8662f5e398be78c6db2b97d72c46ba], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Help.lnk, In Quarantäne, [6f8662f5e398be78c6db2b97d72c46ba], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Iminent.lnk, In Quarantäne, [6f8662f5e398be78c6db2b97d72c46ba], 
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator\Datas\Cache\apix.iminent.com\1033.11575f00-7bdc-4181-ba0a-b298aeab228c.dat, In Quarantäne, [25d0d97e87f4b68016098befe31fb050], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\AddonSafelist, In Quarantäne, [85703b1cc7b4a88e5fd2e79347bbfb05], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\log.xslt, In Quarantäne, [85703b1cc7b4a88e5fd2e79347bbfb05], 
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1545completedatabase.zip, In Quarantäne, [85703b1cc7b4a88e5fd2e79347bbfb05], 
PUP.Optional.AdvancedSystemProtector.A, C:\Users\lucab_000\AppData\Roaming\systweak\Advanced System Protector\QDetail.db, In Quarantäne, [dd186dea5b208aac2c051a60ad550bf5], 
PUP.Optional.AdvancedSystemProtector.A, C:\Users\lucab_000\AppData\Roaming\systweak\Advanced System Protector\Settings.db, In Quarantäne, [dd186dea5b208aac2c051a60ad550bf5], 
PUP.Optional.AdvancedSystemProtector.A, C:\Users\lucab_000\AppData\Roaming\systweak\Advanced System Protector\Update.ini, In Quarantäne, [dd186dea5b208aac2c051a60ad550bf5], 
PUP.Optional.AdvancedSystemProtector.A, C:\Users\lucab_000\AppData\Roaming\systweak\Advanced System Protector\2.1.1000.12580\ASPLog.txt, In Quarantäne, [dd186dea5b208aac2c051a60ad550bf5], 
PUP.Optional.SevereWeatherAlerts, C:\Users\lucab_000\AppData\Local\Weather_Notifications,_LL\SevereWeatherAlerts.exe_Url_lmkrdkx4bugjd51ue1zb4i1akoqdmb2k\1.21.0.0\user.config, In Quarantäne, [85707ed902792610dbdd2d4da45eb44c], 
PUP.Optional.MoviesToolBar.A, C:\Program Files (x86)\Movies Toolbar\SafetyNut\del_DM_LL_nsy93D.dll, In Quarantäne, [d421fa5d7dfe8fa707c5e29846bc3dc3], 
PUP.Optional.MoviesToolBar.A, C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\del_DM_LL_nsy93D.dll, In Quarantäne, [d421fa5d7dfe8fa707c5e29846bc3dc3], 
PUP.Optional.RegCleanerPro.A, C:\Users\lucab_000\AppData\Roaming\systweak\RegClean Pro\Version 6.1\bl.txt, In Quarantäne, [0beae86fbcbf6bcb6f621664c53d58a8], 
PUP.Optional.RegCleanerPro.A, C:\Users\lucab_000\AppData\Roaming\systweak\RegClean Pro\Version 6.1\German_rcp.dat, In Quarantäne, [0beae86fbcbf6bcb6f621664c53d58a8], 
PUP.Optional.RegCleanerPro.A, C:\Users\lucab_000\AppData\Roaming\systweak\RegClean Pro\Version 6.1\log_02-03-2014.log, In Quarantäne, [0beae86fbcbf6bcb6f621664c53d58a8], 
PUP.Optional.Wajam.A, C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\uninstall.lnk, In Quarantäne, [2cc9d1865f1c7bbb9c3593e847bbcb35], 
PUP.Optional.SavingsBull.A, C:\Program Files\SavingsBull\uninstaller.exe, In Quarantäne, [01f479de87f4ec4ab89f6d111be76997], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\background.js, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\bootstrap.js, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\CustomActionInstall, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\CustomActionUninstall, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon128.png, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon16.png, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon32.png, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon48.png, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon64.png, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon8.png, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\IEOptimizer64.dll, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\manifest.json, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\marcopolo.js, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\Microsoft.Deployment.WindowsInstaller.dll, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\Microsoft.Deployment.WindowsInstaller.xml, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\SendJson.dll, In Quarantäne, [cd281a3d94e756e0fa5d196546bc42be], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\bootstrap.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\harness-options.json, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\icon.png, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\install.rdf, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\locales.json, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\defaults\preferences\prefs.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\addon-kit\lib\page-mod.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\addon-kit\lib\private-browsing.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\addon-kit\lib\request.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\addon-kit\lib\windows.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\observer-service.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\api-utils.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\base64.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\byte-streams.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\collection.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\content.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\cortex.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\cuddlefish.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\deprecate.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\environment.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\errors.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\events.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\file.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\functional.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\globals.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\heritage.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\hidden-frame.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\light-traits.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\list.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\loader.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\match-pattern.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\memory.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\namespace.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\plain-text-console.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\preferences-service.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\promise.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\querystring.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\runtime.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\sandbox.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\self.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\system.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\text-streams.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\timer.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\traceback.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\traits.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\unload.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\url.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\uuid.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\window-utils.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\xhr.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\xpcom.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\xul-app.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\event\core.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\event\target.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\addon\runner.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\content\content-proxy.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\content\content-worker.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\content\loader.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\content\symbiont.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\content\worker.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\dom\events.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\events\assembler.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\l10n\core.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\l10n\html.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\l10n\loader.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\l10n\locale.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\l10n\prefs.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\private-browsing\utils.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\system\events.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\tabs\events.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\tabs\observer.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\tabs\tab.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\tabs\utils.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\traits\core.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\utils\data.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\utils\object.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\utils\registry.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\utils\thumbnail.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\window\utils.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\windows\dom.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\windows\loader.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\windows\observer.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\windows\tabs.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\SavingsBull\data\icon64.png, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.SavingsBull.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\extensions\SavingsBull@jetpack\resources\SavingsBull\lib\main.js, In Quarantäne, [649107506912f64039f8b9c7867c11ef], 
PUP.Optional.CertifiedTB.A, C:\Users\janab_000\AppData\Roaming\Mozilla\Firefox\Profiles\vyus5trv.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.8&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&st=chrome&q=");), Ersetzt,[dc19afa891ea44f2c57996f7b64e2ad6]
PUP.Optional.SnapDo.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXgXnrvO7nfsC3nVY8ZwUMadsuiiumcvHgPNrUv1LWx_dCAItWLpgH6XzwrDqVQzc,");), Ersetzt,[738291c62a51b581993f98f444c013ed]
PUP.Optional.SnapDo.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXi7AutAqLgXOpaoJlNTNaJI45UBu67pFLmHMM1YzCvglGrDnYx_gvXT81NFGxRdM,&q=");), Ersetzt,[26cffd5a7cffd75fd009eaa2669e5ea2]
PUP.Optional.CrossRider.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "141512fc7accc3e0223d77ef7c4daee1");), Ersetzt,[4baac98ec8b35bdbb03091fbb54f6c94]
PUP.Optional.Snapdo.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnmBFfXNpYai-qrtzE90kMBmXNl4gAaZMcLIvQpNVIgPZqao-gxLk2B-2mGBW83JexLMeyRYds5CgAw-U6s6H3AlrzkJXh-K8R1XRQ-jiQfqMTWwQqzARAjmGBQIkI1Js_N-nDjNv3aS8tz8LGq3qWdGDPlI,|hxxp://www.giga.de/androidnews/");), Ersetzt,[40b577e046359e9856d43e4f56aee41c]
PUP.Optional.Conduit.A, C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3312329&CUI=UN27037197793128317&UM=2&SearchSource=3&q={searchTerms}");), Ersetzt,[03f244138dee0a2c0c49bcd1c4403ac6]

Physische Sektoren: 0
(No malicious items detected)


(end)

Luca Bley · 31.05.2014, 20:39

Code:

ATTFilter

# AdwCleaner v3.211 - Bericht erstellt am 31/05/2014 um 21:17:31
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : lucab_000 - LUCA
# Gestartet von : C:\Users\lucab_000\Desktop\adwcleaner_3.211.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : bupService

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\BrowserProtect
Ordner Gelöscht : C:\ProgramData\Iminent
Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc speed up
Ordner Gelöscht : C:\Program Files (x86)\Movies Toolbar
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gelöscht : C:\Windows\Installer\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}
Ordner Gelöscht : C:\Users\janab_000\AppData\LocalLow\DataMngr
Ordner Gelöscht : C:\Users\janab_000\AppData\LocalLow\HomeTab
Ordner Gelöscht : C:\Users\janab_000\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\lucab_000\AppData\LocalLow\DataMngr
Ordner Gelöscht : C:\Users\lucab_000\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\lucab_000\AppData\Roaming\BupSystem
Ordner Gelöscht : C:\Users\lucab_000\AppData\Roaming\Optimizer Pro
Ordner Gelöscht : C:\Users\lucab_000\AppData\Roaming\SeeSimilar
Ordner Gelöscht : C:\Users\lucab_000\AppData\Roaming\System Speedup
Ordner Gelöscht : C:\Users\lucab_000\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\lucab_000\AppData\Roaming\Uniblue
Ordner Gelöscht : C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Ordner Gelöscht : C:\Users\lucab_000\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\lucab_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
Datei Gelöscht : C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\Advanced System Protector
Datei Gelöscht : C:\Windows\System32\Tasks\Advanced System Protector_startup
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro
Datei Gelöscht : C:\Windows\System32\Tasks\SpeedUpMyPC

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updateWebSparkle_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updateWebSparkle_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322962280}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422152254}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355965580}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455155554}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366966680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466156654}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322962280}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422152254}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355965580}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455155554}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366966680}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466156654}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\powerpack
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Somoto
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\SafetyNut
Schlüssel Gelöscht : HKLM\Software\Speedchecker Limited
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Speedchecker Limited
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\1708EDD6AB4EB164A86999D0AF0ABE1D
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\1708EDD6AB4EB164A86999D0AF0ABE1D

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\janab_000\AppData\Roaming\Mozilla\Firefox\Profiles\vyus5trv.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Web Search");
Zeile gelöscht : user_pref("browser.search.order.1", "Web Search");

[ Datei : C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\prefs.js ]

Zeile gelöscht : user_pref("CT3312329.FF19Solved", "true");
Zeile gelöscht : user_pref("CT3312329.UserID", "UN27037197793128317");
Zeile gelöscht : user_pref("CT3312329.browser.search.defaultthis.engineName", "true");
Zeile gelöscht : user_pref("CT3312329.fullUserID", "UN27037197793128317.IN.20131021205026");
Zeile gelöscht : user_pref("CT3312329.installDate", "21/10/2013 20:50:28");
Zeile gelöscht : user_pref("CT3312329.installSessionId", "{8C1CF3F4-503C-4135-8789-23C093E2BD0B}");
Zeile gelöscht : user_pref("CT3312329.installSp", "TRUE");
Zeile gelöscht : user_pref("CT3312329.installerVersion", "1.7.1.7");
Zeile gelöscht : user_pref("CT3312329.keyword", "true");
Zeile gelöscht : user_pref("CT3312329.originalHomepage", "about:home");
Zeile gelöscht : user_pref("CT3312329.originalSearchAddressUrl", "hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.7&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F61&s[...]
Zeile gelöscht : user_pref("CT3312329.originalSearchEngine", "Web Search");
Zeile gelöscht : user_pref("CT3312329.originalSearchEngineName", "Web Search");
Zeile gelöscht : user_pref("CT3312329.searchRevert", "false");
Zeile gelöscht : user_pref("CT3312329.searchUserMode", "2");
Zeile gelöscht : user_pref("CT3312329.smartbar.homepage", "true");
Zeile gelöscht : user_pref("CT3312329.versionFromInstaller", "10.20.3.20");
Zeile gelöscht : user_pref("CT3312329.xpeMode", "0");
Zeile gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.certified-toolbar.com?si=66807&tid=6724&ver=4.7&ts=1379973600000.000007&tguid=66807-6724-1380048835603-F3A081E4A0B2AA1CFB486DCA05041F6[...]
Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Web Search");
Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "appbarioDE 1 Customized Web Search");
Zeile gelöscht : user_pref("browser.search.order.1", "Web Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Web Search");
Zeile gelöscht : user_pref("extensions.helperbar.BackPageActive", true);
Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
Zeile gelöscht : user_pref("extensions.helperbar.LastHiddenTime", 23284724);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", true);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Zeile gelöscht : user_pref("extensions.helperbar.Visibility", true);
Zeile gelöscht : user_pref("extensions.helperbar.backPageCapacity", 3);
Zeile gelöscht : user_pref("extensions.helperbar.backPageCounter", 0);
Zeile gelöscht : user_pref("extensions.helperbar.backPageDay", 10);
Zeile gelöscht : user_pref("extensions.helperbar.backPageLastEvent", "1396910485988");
Zeile gelöscht : user_pref("extensions.helperbar.backPageMinInterval", 15);
Zeile gelöscht : user_pref("extensions.helperbar.barcodeid", "127891");
Zeile gelöscht : user_pref("extensions.helperbar.countryiso", "de");
Zeile gelöscht : user_pref("extensions.helperbar.downloadprovider", "ry_4867_ch");
Zeile gelöscht : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\"],\\\"hxxpInjection\\\":\\\"hxxp:\\\\\\/\\\\\\/www.superfish.com\\\\\\/ws\\\\\\/[...]
Zeile gelöscht : user_pref("extensions.helperbar.fromautoupdate", "false");
Zeile gelöscht : user_pref("extensions.helperbar.installationid", "8949b2c0-7341-e425-67ac-7812aff468c3");
Zeile gelöscht : user_pref("extensions.helperbar.installdate", "09/04/2014");
Zeile gelöscht : user_pref("extensions.helperbar.keepAliveLastevent", "1397083284");
Zeile gelöscht : user_pref("extensions.helperbar.lastExternalJsUpdate", "1397083439903");
Zeile gelöscht : user_pref("extensions.helperbar.publisher", "shoppinghelper");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k1", "0");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k2", "0");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k3", "0");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k4", "1380704885454");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k5", "1380571143638");
Zeile gelöscht : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"AppsHat\",\"description\":\"AppsHat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.bigspeedpro.com/button/%affi[...]
Zeile gelöscht : user_pref("extensions.kango.storage.nero_options", "\"{\\\"m1\\\":{\\\"ads\\\":{\\\"n1\\\":{\\\"url\\\":\\\"//ulayout.com/nero/hatter/google_post_results_728x90.html?aff_slug=appshat\\\",\\\"width\\\"[...]
Zeile gelöscht : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANUPYjoHDClvqAoZ04gpqsZKmrUV[...]
Zeile gelöscht : user_pref("iminent.LayoutId", "1");
Zeile gelöscht : user_pref("iminent.ShowThankyouPixel", "0");
Zeile gelöscht : user_pref("iminent.adapters", "{\"youtube\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"expireTime\":\"1385918243552259200\"},\"zippyshare\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status[...]
Zeile gelöscht : user_pref("iminent.newtabredirect", "false");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent101", "1386014894836");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent102", "1386010012215");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent140", "1386010063271");
Zeile gelöscht : user_pref("iminent.searchindex", "1");
Zeile gelöscht : user_pref("iminent.version", "7.48.1.1");
Zeile gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.48.1.1\",\"InstallEventCTime\":1386015067291}");
Zeile gelöscht : user_pref("smartbar.addressBarOwnerCTID", "CT3312329");
Zeile gelöscht : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3312329&CUI=UN27037197793128317&UM=2&SearchSource=13");
Zeile gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3312329&SearchSource=2&CUI=UN27037197793128317&UM=2&q=");
Zeile gelöscht : user_pref("smartbar.defaultSearchOwnerCTID", "CT3312329");
Zeile gelöscht : user_pref("smartbar.homePageOwnerCTID", "CT3312329");
Zeile gelöscht : user_pref("smartbar.machineId", "JXCLHZLFW6VXY7BQJIRB53XGYGXSAEMDQWTHXLNC29ATNDPCYONXULSRNE24HZBK/NCPFURQWCO884MDK90IKA");

-\\ Google Chrome v35.0.1916.114

[ Datei : C:\Users\lucab_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : mkcedibhemacmilmkpndpkoidlnmgngg

*************************

AdwCleaner[R0].txt - [31944 octets] - [31/05/2014 21:16:17]
AdwCleaner[R1].txt - [32033 octets] - [31/05/2014 21:17:09]
AdwCleaner[S0].txt - [331 octets] - [31/05/2014 21:16:52]
AdwCleaner[S1].txt - [30102 octets] - [31/05/2014 21:17:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [30163 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by lucab_000 on 31.05.2014 at 21:23:05,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] update websparkle 
Successfully deleted: [Service] update websparkle 



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Users\lucab_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speedupmypc.lnk"



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\lucab_000\AppData\Roaming\mozilla\firefox\profiles\da5ngcuz.default\minidumps [9 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.05.2014 at 21:28:31,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by lucab_000 (administrator) on LUCA on 31-05-2014 21:29:02
Running from C:\Users\lucab_000\Desktop
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Spotify Ltd) C:\Users\lucab_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Users\lucab_000\AppData\Roaming\SystemMn\bin\SystemMn.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-22] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [spup] => C:\Users\lucab_000\AppData\Roaming\ShinyProfile\spup.exe [197664 2013-07-10] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-322448050-4293528468-1955477807-1001\...\Run: [Spotify] => C:\Users\lucab_000\AppData\Roaming\Spotify\spotify.exe [6118400 2014-02-05] (Spotify Ltd)
HKU\S-1-5-21-322448050-4293528468-1955477807-1001\...\Run: [Spotify Web Helper] => C:\Users\lucab_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-05] (Spotify Ltd)
HKU\S-1-5-21-322448050-4293528468-1955477807-1001\...\Run: [SystemMn] => C:\Users\lucab_000\AppData\Roaming\SystemMn\bin\SystemMn.exe [149504 2014-02-05] ()
HKU\S-1-5-21-322448050-4293528468-1955477807-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
Startup: C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=103&systemid=473&v=a9397-150&apn_uid=5704526191014023&apn_dtid=BND473&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM - {69E1476A-58EF-4583-BA7A-04B8D42B7497} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ShinyProfile Class - {C8B7D03D-30D7-493A-95E5-6547E2FAC2FE} - C:\Users\lucab_000\AppData\Roaming\ShinyProfile\shinyprofile.dll (TODO: <Company name>)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Widget context - C:\Users\lucab_000\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2013-12-22]
FF Extension: Amazon-Icon - C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\Extensions\amazon-icon@giga.de [2014-04-14]
FF Extension: Securita Scout - C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\Extensions\isec@securitascout.com [2014-04-21]
FF Extension: Adblock Plus - C:\Users\lucab_000\AppData\Roaming\Mozilla\Firefox\Profiles\da5ngcuz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-10]
FF HKCU\...\Firefox\Extensions: [{34756c3b-373e-4820-8ad0-0354e654ed07}] - C:\Program Files (x86)\Re-markit\135.xpi

Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Wallet) - C:\Users\lucab_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-14]

==================== Services (Whitelisted) =================

S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-03-31] (BitRaider, LLC)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-31] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
S2 IconMan_R; "C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe" [X]
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-10] (Advanced Micro Devices, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-04-02] (BitRaider)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-31] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 DfSdkS; 
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 RSP2STOR; \SystemRoot\system32\DRIVERS\RtsP2Stor.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-31 21:28 - 2014-05-31 21:28 - 00001024 _____ () C:\Users\lucab_000\Desktop\JRT.txt
2014-05-31 21:22 - 2014-05-31 21:22 - 01016261 _____ (Thisisu) C:\Users\lucab_000\Desktop\JRT.exe
2014-05-31 21:22 - 2014-05-31 21:22 - 00000000 ____D () C:\Windows\ERUNT
2014-05-31 21:16 - 2014-05-31 21:17 - 00000000 ____D () C:\AdwCleaner
2014-05-31 21:16 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-31 21:14 - 2014-05-31 21:15 - 01327971 _____ () C:\Users\lucab_000\Desktop\adwcleaner_3.211.exe
2014-05-31 21:10 - 2014-05-31 21:10 - 00091147 _____ () C:\Users\lucab_000\Desktop\mbam.txt
2014-05-31 20:50 - 2014-05-31 21:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-31 20:49 - 2014-05-31 20:49 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-31 20:49 - 2014-05-31 20:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-31 20:49 - 2014-05-31 20:49 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-31 20:49 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-31 20:49 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-31 20:49 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-31 20:48 - 2014-05-31 20:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\lucab_000\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-31 15:20 - 2014-05-31 15:20 - 00000000 ____D () C:\Users\lucab_000\Documents\Battlefield 3
2014-05-31 15:19 - 2014-05-31 15:19 - 00000000 ____D () C:\Users\lucab_000\AppData\Local\ESN
2014-05-31 15:18 - 2014-05-31 15:18 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-05-31 15:17 - 2014-05-31 15:18 - 02247960 _____ () C:\Users\lucab_000\Downloads\battlelog-web-plugins_2.4.0_141.exe
2014-05-31 14:38 - 2014-05-31 18:30 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-31 14:38 - 2014-05-31 15:25 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-05-31 14:38 - 2014-05-31 14:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-05-29 20:50 - 2014-05-29 20:50 - 10983288 _____ (Wargaming.net ) C:\Users\lucab_000\Downloads\WoT_internet_install_ct.exe
2014-05-29 17:29 - 2014-05-29 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-29 16:19 - 2014-05-29 16:19 - 00026447 _____ () C:\Users\lucab_000\Desktop\ComboFix.txt
2014-05-29 16:10 - 2014-05-31 21:19 - 00552372 _____ () C:\Windows\PFRO.log
2014-05-28 16:00 - 2014-05-29 16:19 - 00000000 ____D () C:\Qoobox
2014-05-28 16:00 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-28 16:00 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-28 16:00 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-28 16:00 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-28 16:00 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-28 16:00 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-05-28 16:00 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-28 16:00 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-28 16:00 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-28 15:59 - 2014-05-29 16:16 - 00000000 ____D () C:\Windows\erdnt
2014-05-28 15:48 - 2014-05-28 15:48 - 05203612 ____R (Swearware) C:\Users\lucab_000\Desktop\ComboFix.exe
2014-05-28 15:16 - 2014-05-28 15:16 - 00001264 _____ () C:\Users\lucab_000\Desktop\Revo Uninstaller.lnk
2014-05-28 15:16 - 2014-05-28 15:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-28 15:15 - 2014-05-28 15:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\lucab_000\Desktop\revosetup95.exe
2014-05-26 21:53 - 2014-05-26 21:53 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-26 21:53 - 2014-05-26 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-26 21:53 - 2014-05-26 21:53 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-26 21:51 - 2014-05-31 14:37 - 00035254 _____ () C:\Windows\DirectX.log
2014-05-26 19:46 - 2014-05-26 19:46 - 00042737 _____ () C:\Users\lucab_000\Desktop\Addition.txt
2014-05-26 19:45 - 2014-05-31 21:29 - 00015586 _____ () C:\Users\lucab_000\Desktop\FRST.txt
2014-05-26 19:45 - 2014-05-31 21:28 - 00000000 ____D () C:\FRST
2014-05-26 19:44 - 2014-05-26 19:44 - 02066944 _____ (Farbar) C:\Users\lucab_000\Desktop\FRST64.exe
2014-05-25 20:55 - 2014-05-31 21:18 - 01646181 _____ () C:\Windows\WindowsUpdate.log
2014-05-25 12:10 - 2014-05-31 20:58 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-25 12:09 - 2014-05-25 12:09 - 01141680 _____ () C:\Users\lucab_000\Downloads\Steamv13Setup.exe
2014-05-17 21:11 - 2014-05-17 21:11 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-05-17 21:11 - 2014-05-17 21:11 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-05-17 21:11 - 2014-05-17 21:11 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-05-17 21:11 - 2014-05-17 21:11 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-05-17 21:11 - 2014-05-17 21:11 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-05-11 09:54 - 2008-05-05 09:40 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2014-05-11 09:54 - 2006-10-19 19:05 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll

==================== One Month Modified Files and Folders =======

2014-05-31 21:29 - 2014-05-26 19:45 - 00015586 _____ () C:\Users\lucab_000\Desktop\FRST.txt
2014-05-31 21:29 - 2014-05-26 19:45 - 00000000 ____D () C:\FRST
2014-05-31 21:28 - 2014-05-31 21:28 - 00001024 _____ () C:\Users\lucab_000\Desktop\JRT.txt
2014-05-31 21:22 - 2014-05-31 21:22 - 01016261 _____ (Thisisu) C:\Users\lucab_000\Desktop\JRT.exe
2014-05-31 21:22 - 2014-05-31 21:22 - 00000000 ____D () C:\Windows\ERUNT
2014-05-31 21:20 - 2014-05-31 20:50 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-31 21:20 - 2014-04-14 19:43 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-31 21:19 - 2014-05-29 16:10 - 00552372 _____ () C:\Windows\PFRO.log
2014-05-31 21:19 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-31 21:18 - 2014-05-25 20:55 - 01646181 _____ () C:\Windows\WindowsUpdate.log
2014-05-31 21:17 - 2014-05-31 21:16 - 00000000 ____D () C:\AdwCleaner
2014-05-31 21:15 - 2014-05-31 21:14 - 01327971 _____ () C:\Users\lucab_000\Desktop\adwcleaner_3.211.exe
2014-05-31 21:11 - 2013-07-06 22:34 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-322448050-4293528468-1955477807-1001
2014-05-31 21:10 - 2014-05-31 21:10 - 00091147 _____ () C:\Users\lucab_000\Desktop\mbam.txt
2014-05-31 21:05 - 2012-07-26 07:26 - 01048576 ___SH () C:\Windows\system32\config\BBI
2014-05-31 21:02 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-31 20:58 - 2014-05-25 12:10 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-31 20:53 - 2014-04-14 19:43 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-31 20:49 - 2014-05-31 20:49 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-31 20:49 - 2014-05-31 20:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-31 20:49 - 2014-05-31 20:49 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-31 20:48 - 2014-05-31 20:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\lucab_000\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-31 19:47 - 2013-07-06 23:58 - 00000000 ____D () C:\Users\lucab_000\AppData\Roaming\Skype
2014-05-31 18:30 - 2014-05-31 14:38 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-31 18:30 - 2013-09-10 17:10 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-05-31 18:30 - 2013-09-09 14:52 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-31 18:25 - 2014-02-01 01:12 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-31 18:17 - 2013-07-07 16:32 - 00000000 ____D () C:\Users\lucab_000\AppData\Roaming\.minecraft
2014-05-31 15:25 - 2014-05-31 14:38 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-05-31 15:20 - 2014-05-31 15:20 - 00000000 ____D () C:\Users\lucab_000\Documents\Battlefield 3
2014-05-31 15:20 - 2013-09-10 17:10 - 00000000 ____D () C:\Users\lucab_000\AppData\Local\PunkBuster
2014-05-31 15:19 - 2014-05-31 15:19 - 00000000 ____D () C:\Users\lucab_000\AppData\Local\ESN
2014-05-31 15:18 - 2014-05-31 15:18 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-05-31 15:18 - 2014-05-31 15:17 - 02247960 _____ () C:\Users\lucab_000\Downloads\battlelog-web-plugins_2.4.0_141.exe
2014-05-31 14:38 - 2014-05-31 14:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-05-31 14:37 - 2014-05-26 21:51 - 00035254 _____ () C:\Windows\DirectX.log
2014-05-30 18:38 - 2014-02-01 01:12 - 00000000 ____D () C:\ProgramData\Origin
2014-05-29 23:29 - 2014-02-01 01:37 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-29 21:14 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-29 20:52 - 2013-07-26 18:14 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-05-29 20:52 - 2013-07-26 18:14 - 00000000 ____D () C:\Games
2014-05-29 20:50 - 2014-05-29 20:50 - 10983288 _____ (Wargaming.net ) C:\Users\lucab_000\Downloads\WoT_internet_install_ct.exe
2014-05-29 18:44 - 2012-09-08 06:44 - 00000000 ____D () C:\ProgramData\Norton
2014-05-29 18:01 - 2012-08-18 02:55 - 00830120 _____ () C:\Windows\system32\perfh007.dat
2014-05-29 18:01 - 2012-08-18 02:55 - 00188224 _____ () C:\Windows\system32\perfc007.dat
2014-05-29 18:01 - 2012-07-26 09:28 - 01949368 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-29 17:29 - 2014-05-29 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-29 17:12 - 2013-11-14 15:31 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-29 16:19 - 2014-05-29 16:19 - 00026447 _____ () C:\Users\lucab_000\Desktop\ComboFix.txt
2014-05-29 16:19 - 2014-05-28 16:00 - 00000000 ____D () C:\Qoobox
2014-05-29 16:17 - 2013-07-06 22:27 - 00000000 ___RD () C:\Users\lucab_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-29 16:16 - 2014-05-28 15:59 - 00000000 ____D () C:\Windows\erdnt
2014-05-29 16:11 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-05-29 16:10 - 2012-07-26 07:26 - 79691776 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-05-29 16:10 - 2012-07-26 07:26 - 41943040 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-05-29 16:10 - 2012-07-26 07:26 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-05-29 16:10 - 2012-07-26 07:26 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-05-29 16:10 - 2012-07-26 07:26 - 00139264 _____ () C:\Windows\system32\config\SAM.bak
2014-05-29 15:52 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-28 15:48 - 2014-05-28 15:48 - 05203612 ____R (Swearware) C:\Users\lucab_000\Desktop\ComboFix.exe
2014-05-28 15:16 - 2014-05-28 15:16 - 00001264 _____ () C:\Users\lucab_000\Desktop\Revo Uninstaller.lnk
2014-05-28 15:16 - 2014-05-28 15:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-28 15:15 - 2014-05-28 15:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\lucab_000\Desktop\revosetup95.exe
2014-05-27 16:44 - 2013-10-10 16:16 - 00000000 ____D () C:\ProgramData\Tunngle
2014-05-27 16:44 - 2013-09-01 15:44 - 00000000 ____D () C:\Users\lucab_000\AppData\Roaming\Tunngle
2014-05-26 21:53 - 2014-05-26 21:53 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-26 21:53 - 2014-05-26 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-26 21:53 - 2014-05-26 21:53 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-26 21:53 - 2014-02-01 01:32 - 00000000 ____D () C:\Users\lucab_000\AppData\Local\Origin
2014-05-26 19:46 - 2014-05-26 19:46 - 00042737 _____ () C:\Users\lucab_000\Desktop\Addition.txt
2014-05-26 19:44 - 2014-05-26 19:44 - 02066944 _____ (Farbar) C:\Users\lucab_000\Desktop\FRST64.exe
2014-05-25 21:27 - 2013-07-06 22:17 - 00000000 ____D () C:\Users\lucab_000
2014-05-25 12:09 - 2014-05-25 12:09 - 01141680 _____ () C:\Users\lucab_000\Downloads\Steamv13Setup.exe
2014-05-19 19:29 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-05-18 00:49 - 2013-12-11 22:51 - 00007597 _____ () C:\Users\lucab_000\AppData\Local\Resmon.ResmonCfg
2014-05-17 21:11 - 2014-05-17 21:11 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-05-17 21:11 - 2014-05-17 21:11 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-05-17 21:11 - 2014-05-17 21:11 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-05-17 21:11 - 2014-05-17 21:11 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-05-17 21:11 - 2014-05-17 21:11 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-05-16 21:46 - 2012-08-17 17:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-12 07:26 - 2014-05-31 20:49 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-31 20:49 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-31 20:49 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-09 14:48 - 2014-04-14 19:43 - 00004098 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 14:48 - 2014-04-14 19:43 - 00003862 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-01 23:10 - 2014-03-31 20:17 - 00000000 ____D () C:\ProgramData\BitRaider

Files to move or delete:
====================
C:\Users\lucab_000\AppData\Roaming\EasyToolz.ini


Some content of TEMP:
====================
C:\Users\lucab_000\AppData\Local\temp\AskSLib.dll
C:\Users\lucab_000\AppData\Local\temp\Quarantine.exe
C:\Users\lucab_000\AppData\Local\temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_10089.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-27 20:24

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Nochmal ne Frage

Seit dem mbam Scan kriege ich jedes mal wenn ich den Rechner hochfahre eine Meldung das irgendein Eintrag nicht gefunden werden kann.

Kann ich dass irgendwie weg bekommen, stört mich irgendwie etwas

.

schrauber · 01.06.2014, 21:55

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

29.05.2014, 14:02	#8
schrauber /// the machine /// TB-Ausbilder	Avira Trojaner Meldung bei Steam start! (TR/Dropper.Gen) Rechtsklick auf den Schirm, dann beenden wählen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Avira Trojaner Meldung bei Steam start! (TR/Dropper.Gen)

Plagegeister aller Art und deren Bekämpfung: Avira Trojaner Meldung bei Steam start! (TR/Dropper.Gen)