Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 03.07.2014, 16:00   #1
Riddle
 
Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... - Frage

Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...



Hallo zusammen,

auf ein Neues ... der Rechner eines Bekannten ... Bin mir noch nicht sicher, wo es überall "hakt".

ADWCleaner ist schon gelaufen; außerdem habe ich schon alle möglichen überflüssigen "Sicherheits-Tools" deinstalliert.

Scan mit Gmer, allerdings ohne die hier empfohlenen Einstellungen (habe ich zu spat gelesen).

FRST hat keine Addition.txt erstellt. ???

Danach sah einiges schon wieder besser aus, aber dass MBAM nicht korrekt läuft, macht mich stutzig. Das Programm startet zwar, bricht aber während des Aktualisierens ab. Abbruch erfolgt auch, wenn ich versuche ohne Update zu scannen. Das Gleiche abgesichert oder bei Chameleon.

Code:
ATTFilter
# AdwCleaner v3.214 - Bericht erstellt am 03/07/2014 um 13:23:06
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Zxxx - Zxxx-PC
# Gestartet von : C:\Users\Zxxx\Desktop\Wartung\adwcleaner_3.214.exe
# Option : Suchen

***** [ Dienste ] *****

Dienst Gefunden : Update ResultsAlpha
Dienst Gefunden : Util ResultsAlpha

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\END
Datei Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx
Datei Gefunden : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default\invalidprefs.js
Datei Gefunden : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default\searchplugins\bingp.xml
Datei Gefunden : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\searchplugins\Mysearchdial.xml
Datei Gefunden : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\user.js
Datei Gefunden : C:\Users\Zxxx\Desktop\MySearchDial.url
Ordner Gefunden : C:\Program Files (x86)\Common Files\Spigot
Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\Program Files (x86)\MyPC Backup
Ordner Gefunden : C:\Program Files (x86)\PC Speed Maximizer
Ordner Gefunden : C:\Program Files (x86)\Plus-HD-4.9
Ordner Gefunden : C:\Program Files (x86)\ResultsAlpha
Ordner Gefunden : C:\Program Files (x86)\SupTab
Ordner Gefunden : C:\Program Files (x86)\Uniblue
Ordner Gefunden : C:\Program Files (x86)\Uniblue\SpeedUpMyPC
Ordner Gefunden : C:\Program Files (x86)\Uninstaller
Ordner Gefunden : C:\ProgramData\Conduit
Ordner Gefunden : C:\ProgramData\IePluginService
Ordner Gefunden : C:\ProgramData\Kaspersky Lab\SafeBrowser
Ordner Gefunden : C:\ProgramData\WPM
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\DownloadGuide
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\NativeMessaging
Ordner Gefunden : C:\Users\Zxxx\AppData\Local\Slick Savings
Ordner Gefunden : C:\Users\Zxxx\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Zxxx\AppData\LocalLow\Mysearchdial
Ordner Gefunden : C:\Users\Zxxx\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Zxxx\AppData\Roaming\337Games
Ordner Gefunden : C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\337Games
Ordner Gefunden : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default\Smartbar
Ordner Gefunden : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com
Ordner Gefunden : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Ordner Gefunden : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\staged\ffxtlbr@mysearchdial.com
Ordner Gefunden : C:\Users\Zxxx\AppData\Roaming\Slick Savings
Ordner Gefunden : C:\Users\Zxxx\AppData\Roaming\Uniblue
Ordner Gefunden : C:\Users\Zxxx\AppData\Roaming\Uniblue\SpeedUpMyPC
Ordner Gefunden : C:\Users\Zxxx\Documents\PC Speed Maximizer
Ordner Gefunden : C:\windows\SysWOW64\SearchProtect

***** [ Verknüpfungen ] *****

Verknüpfung Gefunden : C:\Users\Public\Desktop\Mozilla Firefox.lnk ( hxxp://www.delta-homes.com/?type=sc&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6 )
Verknüpfung Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.delta-homes.com/?type=sc&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6 )
Verknüpfung Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.awesomehp.com/?type=sc&ts=1390848851&from=tugs&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6 )
Verknüpfung Gefunden : C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.awesomehp.com/?type=sc&ts=1390848851&from=tugs&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6 )
Verknüpfung Gefunden : C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.awesomehp.com/?type=sc&ts=1390848851&from=tugs&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6 )
Verknüpfung Gefunden : C:\Users\Zxxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.awesomehp.com/?type=sc&ts=1390848851&from=tugs&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6 )
Verknüpfung Gefunden : C:\Users\Zxxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.awesomehp.com/?type=sc&ts=1390848851&from=tugs&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6 )
Verknüpfung Gefunden : C:\Users\Zxxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://www.awesomehp.com/?type=sc&ts=1390848851&from=tugs&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6 )
Verknüpfung Gefunden : C:\Users\Zxxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ( hxxp://www.delta-homes.com/?type=sc&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6 )
Verknüpfung Gefunden : C:\Users\Zxxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk ( hxxp://www.awesomehp.com/?type=sc&ts=1390848851&from=tugs&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6 )

***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [(Default)] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.delta-homes.com/?type=sc&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6
Daten Gefunden : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1390848851&from=tugs&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\BackgroundContainer
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Re_Markable
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\jbaaieplnliapedmcbfgfijinolepige
Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\jbaaieplnliapedmcbfgfijinolepige
Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\jbaaieplnliapedmcbfgfijinolepige
Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\jbaaieplnliapedmcbfgfijinolepige
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gefunden : HKCU\Software\mysearchdial
Schlüssel Gefunden : HKCU\Software\mysearchdial.com
Schlüssel Gefunden : HKCU\Software\ResultsAlpha
Schlüssel Gefunden : HKCU\Software\Tbccint_HKLM
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\InstallCore
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : [x64] HKCU\Software\mysearchdial
Schlüssel Gefunden : [x64] HKCU\Software\mysearchdial.com
Schlüssel Gefunden : [x64] HKCU\Software\ResultsAlpha
Schlüssel Gefunden : [x64] HKCU\Software\Tbccint_HKLM
Schlüssel Gefunden : HKLM\Software\awesomehpSoftware
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AmiBs.Installer
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT3317893
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{FBC322D5-407E-4854-8C0B-555B951FD8E3}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\delta-homesSoftware
Schlüssel Gefunden : HKLM\Software\DomaIQ
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\jbaaieplnliapedmcbfgfijinolepige
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\jbaaieplnliapedmcbfgfijinolepige
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\jbaaieplnliapedmcbfgfijinolepige
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\jbaaieplnliapedmcbfgfijinolepige
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\pkndmigholgfjlniaohblojbhgjbkakn
Schlüssel Gefunden : HKLM\Software\IePlugin
Schlüssel Gefunden : HKLM\Software\InstallCore
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupTab
Schlüssel Gefunden : HKLM\Software\mysearchdial
Schlüssel Gefunden : HKLM\Software\ResultsAlpha
Schlüssel Gefunden : HKLM\Software\SupTab
Schlüssel Gefunden : HKLM\Software\supWPM
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ResultsAlpha
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [lightningnewtab@gmail.com]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.delta-homes.com/web/?type=ds&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6&q={searchTerms}
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-homes.com/?type=hp&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.delta-homes.com/web/?type=ds&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6&q={searchTerms}
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.awesomehp.com/web/?type=ds&ts=1390848851&from=tugs&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6&q={searchTerms}
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-homes.com/?type=hp&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.awesomehp.com/web/?type=ds&ts=1390848851&from=tugs&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6&q={searchTerms}
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://start.mysearchdial.com/?f=2&a=dnldstr0202ff&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtD0Ezy0BtC0A0CtC0AyCtCtN0D0Tzu0SyBzztCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1267440434&ir=
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?type=hp&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.delta-homes.com/?type=hp&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6

-\\ Mozilla Firefox v29.0 (de)

[ Datei : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default\prefs.js ]

Zeile gefunden : user_pref("CT3317893.1000082.isPlayDisplay", "true");
Zeile gefunden : user_pref("CT3317893.1000082.state", "{\"state\":\"stopped\",\"text\":\"Antenne B...\",\"description\":\"Antenne Bayern Top 40  Munich\",\"url\":\"mms://channels.webradio.antenne.de/top-40\"}");
Zeile gefunden : user_pref("CT3317893.1000234.TWC_TMP_city", "NUREMBERG");
Zeile gefunden : user_pref("CT3317893.1000234.TWC_TMP_country", "DE");
Zeile gefunden : user_pref("CT3317893.1000234.TWC_country", "GERMANY");
Zeile gefunden : user_pref("CT3317893.1000234.TWC_locId", "GMBY0250");
Zeile gefunden : user_pref("CT3317893.1000234.TWC_location", "Nuremberg, MT, Germany");
Zeile gefunden : user_pref("CT3317893.1000234.TWC_region", "DE");
Zeile gefunden : user_pref("CT3317893.1000234.TWC_temp_dis", "c");
Zeile gefunden : user_pref("CT3317893.1000234.TWC_wind_dis", "kmh");
Zeile gefunden : user_pref("CT3317893.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gefunden : user_pref("CT3317893.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gefunden : user_pref("CT3317893.FirstTime", "true");
Zeile gefunden : user_pref("CT3317893.FirstTimeFF3", "true");
Zeile gefunden : user_pref("CT3317893.RestartDialogFirstTime", "false");
Zeile gefunden : user_pref("CT3317893.RestartDialogShouldDisplay", "false");
Zeile gefunden : user_pref("CT3317893.SearchFromAddressBarUrl", "hxxp://trovi.com/ResultsExt.aspx?ctid=CT3317893&SearchSource=2&CUI=UN15471373639958307&UM=4&q=");
Zeile gefunden : user_pref("CT3317893.UserID", "UN15471373639958307");
Zeile gefunden : user_pref("CT3317893.addressBarTakeOverEnabledInHidden", "true");
Zeile gefunden : user_pref("CT3317893.appOptions", "{}");
Zeile gefunden : user_pref("CT3317893.browser.search.defaultthis.engineName", true);
Zeile gefunden : user_pref("CT3317893.countryCode", "DE");
Zeile gefunden : user_pref("CT3317893.dum", "2");
Zeile gefunden : user_pref("CT3317893.embeddedsData", "[{\"appId\":\"130269805663268820\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Zeile gefunden : user_pref("CT3317893.firstTimeDialogOpened", "true");
Zeile gefunden : user_pref("CT3317893.fixPageNotFoundErrorByUser", "TRUE");
Zeile gefunden : user_pref("CT3317893.fixPageNotFoundErrorInHidden", "true");
Zeile gefunden : user_pref("CT3317893.fullUserID", "UN15471373639958307.IN.20131225201607");
Zeile gefunden : user_pref("CT3317893.installType", "Unknown");
Zeile gefunden : user_pref("CT3317893.isCheckedStartAsHidden", true);
Zeile gefunden : user_pref("CT3317893.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gefunden : user_pref("CT3317893.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gefunden : user_pref("CT3317893.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gefunden : user_pref("CT3317893.keyword", true);
Zeile gefunden : user_pref("CT3317893.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://www.trovi.com/?gd=&ctid=CT3317893&octid=CT3317893&ISID=ISID_ID&SearchSource=15&CUI=UN15471373639958307&Lay=1&UM=4\[...]
Zeile gefunden : user_pref("CT3317893.lastVersion", "10.33.0.505");
Zeile gefunden : user_pref("CT3317893.mam_gk_installer_preapproved.enc", "VFJVRQ==");
Zeile gefunden : user_pref("CT3317893.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"i\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.trovi.com%2F%3Fgd%3D%26ctid%3DCT3317893%26octid%3DCT3317893%26ISID%3DISID_ID%26SearchSo[...]
Zeile gefunden : user_pref("CT3317893.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Zeile gefunden : user_pref("CT3317893.originalSearchAddressUrl", "hxxps://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
Zeile gefunden : user_pref("CT3317893.originalSearchEngine", "Yahoo!");
Zeile gefunden : user_pref("CT3317893.originalSearchEngineName", "Yahoo!");
Zeile gefunden : user_pref("CT3317893.performedDomainChangesMigration", "true");
Zeile gefunden : user_pref("CT3317893.revertSettingsEnabled", "false");
Zeile gefunden : user_pref("CT3317893.search.searchAppId", "130269805663268820");
Zeile gefunden : user_pref("CT3317893.search.searchCount", "0");
Zeile gefunden : user_pref("CT3317893.searchFromAddressBarEnabledByUser", "true");
Zeile gefunden : user_pref("CT3317893.searchInNewTabEnabledByUser", "true");
Zeile gefunden : user_pref("CT3317893.searchInNewTabEnabledInHidden", "true");
Zeile gefunden : user_pref("CT3317893.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gefunden : user_pref("CT3317893.searchSuggestEnabledByUser", "TRUE");
Zeile gefunden : user_pref("CT3317893.searchUninstallUserMode", "4");
Zeile gefunden : user_pref("CT3317893.searchUserMode", "4");
Zeile gefunden : user_pref("CT3317893.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gefunden : user_pref("CT3317893.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gefunden : user_pref("CT3317893.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Zeile gefunden : user_pref("CT3317893.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3317893\"}");
Zeile gefunden : user_pref("CT3317893.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://RadioTotal4.OurToolbar.com//xpi\"}");
Zeile gefunden : user_pref("CT3317893.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"RadioTotal4 \"}");
Zeile gefunden : user_pref("CT3317893.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gefunden : user_pref("CT3317893.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Zeile gefunden : user_pref("CT3317893.serviceLayer_services_Configuration_lastUpdate", "1404380418495");
Zeile gefunden : user_pref("CT3317893.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1403785531943");
Zeile gefunden : user_pref("CT3317893.serviceLayer_services_appsMetadata_lastUpdate", "1404380417610");
Zeile gefunden : user_pref("CT3317893.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1403785531777");
Zeile gefunden : user_pref("CT3317893.serviceLayer_services_login_10.31.2.501_lastUpdate", "1404380412605");
Zeile gefunden : user_pref("CT3317893.serviceLayer_services_login_10.33.0.505_lastUpdate", "1404380830250");
Zeile gefunden : user_pref("CT3317893.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1403785531812");
Zeile gefunden : user_pref("CT3317893.serviceLayer_services_searchAPI_lastUpdate", "1404380417928");
Zeile gefunden : user_pref("CT3317893.serviceLayer_services_serviceMap_lastUpdate", "1404380417534");
Zeile gefunden : user_pref("CT3317893.serviceLayer_services_setupAPI_lastUpdate", "1403785532564");
Zeile gefunden : user_pref("CT3317893.serviceLayer_services_toolbarContextMenu_lastUpdate", "1404380417547");
Zeile gefunden : user_pref("CT3317893.serviceLayer_services_toolbarSettings_lastUpdate", "1404380417685");
Zeile gefunden : user_pref("CT3317893.serviceLayer_services_translation_lastUpdate", "1404380417776");
Zeile gefunden : user_pref("CT3317893.settingsINI", true);
Zeile gefunden : user_pref("CT3317893.showToolbarPermission", "false");
Zeile gefunden : user_pref("CT3317893.smartbar.CTID", "CT3317893");
Zeile gefunden : user_pref("CT3317893.smartbar.Uninstall", "0");
Zeile gefunden : user_pref("CT3317893.smartbar.homepage", true);
Zeile gefunden : user_pref("CT3317893.smartbar.toolbarName", "RadioTotal4 ");
Zeile gefunden : user_pref("CT3317893.toolbarBornServerTime", "26-6-2014");
Zeile gefunden : user_pref("CT3317893.toolbarCurrentServerTime", "3-7-2014");
Zeile gefunden : user_pref("CT3317893.toolbarInstallDate", "26-06-2014 14:25:30");
Zeile gefunden : user_pref("CT3317893.toolbarLoginClientTime", "Thu Jun 26 2014 14:25:30 GMT+0200");
Zeile gefunden : user_pref("CT3317893_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1404381757681,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Zeile gefunden : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxps://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
Zeile gefunden : user_pref("Smartbar.TBHomepagesList", "hxxp://trovi.com/?UM=4&ctid=CT3317893&SearchSource=13&CUI=UN15471373639958307");
Zeile gefunden : user_pref("Smartbar.TBSearchEngineList", "RadioTotal4 Customized Web Search");
Zeile gefunden : user_pref("Smartbar.TBSearchUrlList", "hxxp://trovi.com/ResultsExt.aspx?ctid=CT3317893&SearchSource=2&CUI=UN15471373639958307&UM=4&q=");
Zeile gefunden : user_pref("Smartbar.keywordURLSelectedCTID", "CT3317893");
Zeile gefunden : user_pref("smartbar.addressBarOwnerCTID", "CT3317893");
Zeile gefunden : user_pref("smartbar.conduitHomepageList", "hxxp://trovi.com/?UM=4&ctid=CT3317893&SearchSource=13&CUI=UN15471373639958307");
Zeile gefunden : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://trovi.com/ResultsExt.aspx?ctid=CT3317893&SearchSource=2&CUI=UN15471373639958307&UM=4&q=");
Zeile gefunden : user_pref("smartbar.defaultSearchOwnerCTID", "CT3317893");
Zeile gefunden : user_pref("smartbar.homePageOwnerCTID", "CT3317893");
Zeile gefunden : user_pref("smartbar.homepageList", "hxxp://trovi.com/?UM=4&ctid=CT3317893&SearchSource=13&CUI=UN15471373639958307");
Zeile gefunden : user_pref("smartbar.machineId", "5WLSNM73Y3QS9NJX0UIAA75C3+J0FUP5WUZT6L6PFHDB/+U2V8IJKXXBTDXVHSHCGV+/+RQW+VSBSDCYQW/C6G");
Zeile gefunden : user_pref("smartbar.searchAddressUrlList", "hxxp://trovi.com/ResultsExt.aspx?ctid=CT3317893&SearchSource=2&CUI=UN15471373639958307&UM=4&q=");

[ Datei : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ Datei : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN28325174462119833&ctid=CT3317893&UM=2
Gefunden [Search Provider] : hxxp://www.awesomehp.com/web/?type=ds&ts=1390848851&from=tugs&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6&q={searchTerms}
Gefunden [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr0202ff&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtD0Ezy0BtC0A0CtC0AyCtCtN0D0Tzu0SyBzztCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1267440434&ir=
Gefunden [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6&q={searchTerms}
Gefunden [Startup_urls] : hxxp://www.delta-homes.com/?type=hp&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6
Gefunden [Homepage] : hxxp://www.delta-homes.com/?type=hp&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6
Gefunden [Extension] : ainbkicbloikcngphmjfpjdemblcojdd
Gefunden [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Gefunden [Extension] : gpiifgmgnfdiblgpaepbmfdkcheicgof
Gefunden [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Gefunden [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Gefunden [Extension] : jbaaieplnliapedmcbfgfijinolepige
Gefunden [Extension] : lpoimibckejjdjcfbdnajaicnklhfplh
Gefunden [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Gefunden [Extension] : nlcphjankhppgohedpkjonpadimhaoof
Gefunden [Extension] : ogfjmhfnldnajmfaofeiaepghjenbgjo
Gefunden [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma
Gefunden [Extension] : pfndaklgolladniicklehhancnlgocpp
Gefunden [Extension] : pkndmigholgfjlniaohblojbhgjbkakn

*************************

AdwCleaner[R0].txt - [37365 octets] - [26/10/2013 20:06:00]
AdwCleaner[R1].txt - [1410 octets] - [26/10/2013 22:28:07]
AdwCleaner[R2].txt - [2816 octets] - [20/12/2013 18:01:19]
AdwCleaner[R3].txt - [35372 octets] - [03/07/2014 13:23:06]
AdwCleaner[S0].txt - [36025 octets] - [26/10/2013 20:08:47]
AdwCleaner[S1].txt - [1471 octets] - [26/10/2013 22:29:06]
AdwCleaner[S2].txt - [2828 octets] - [20/12/2013 18:02:40]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [35614 octets] ##########
         
Code:
ATTFilter
# AdwCleaner v3.214 - Bericht erstellt am 03/07/2014 um 13:27:47
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Zxxx - Zxxx-PC
# Gestartet von : C:\Users\Zxxx\Desktop\Wartung\adwcleaner_3.214.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : Update ResultsAlpha
[#] Dienst Gelöscht : Util ResultsAlpha

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Conduit
Ordner Gelöscht : C:\ProgramData\IePluginService
[x] Nicht Gelöscht : C:\ProgramData\Kaspersky Lab\SafeBrowser
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\PC Speed Maximizer
Ordner Gelöscht : C:\Program Files (x86)\Plus-HD-4.9
[!] Ordner Gelöscht : C:\Program Files (x86)\ResultsAlpha
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files (x86)\Uniblue
Ordner Gelöscht : C:\Program Files (x86)\Uninstaller
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Spigot
Ordner Gelöscht : C:\windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\NativeMessaging
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Slick Savings
Ordner Gelöscht : C:\Users\Zxxx\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Zxxx\AppData\LocalLow\Mysearchdial
Ordner Gelöscht : C:\Users\Zxxx\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Zxxx\AppData\Roaming\337Games
Ordner Gelöscht : C:\Users\Zxxx\AppData\Roaming\Slick Savings
Ordner Gelöscht : C:\Users\Zxxx\AppData\Roaming\Uniblue
Ordner Gelöscht : C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\337Games
Ordner Gelöscht : C:\Users\Zxxx\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default\Smartbar
Ordner Gelöscht : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Ordner Gelöscht : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\staged\ffxtlbr@mysearchdial.com
Ordner Gelöscht : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige
[!] Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige
[!] Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige
[!] Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Zxxx\Desktop\MySearchDial.url
Datei Gelöscht : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default\invalidprefs.js
Datei Gelöscht : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default\searchplugins\bingp.xml
Datei Gelöscht : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\user.js
Datei Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Zxxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Zxxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Zxxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Zxxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Zxxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [lightningnewtab@gmail.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pkndmigholgfjlniaohblojbhgjbkakn
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\jbaaieplnliapedmcbfgfijinolepige
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jbaaieplnliapedmcbfgfijinolepige
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AmiBs.Installer
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3317893
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FBC322D5-407E-4854-8C0B-555B951FD8E3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\mysearchdial
Schlüssel Gelöscht : HKCU\Software\mysearchdial.com
Schlüssel Gelöscht : HKCU\Software\ResultsAlpha
Schlüssel Gelöscht : HKCU\Software\Tbccint_HKLM
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\BackgroundContainer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Re_Markable
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\awesomehpSoftware
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\delta-homesSoftware
Schlüssel Gelöscht : HKLM\Software\DomaIQ
Schlüssel Gelöscht : HKLM\Software\IePlugin
Schlüssel Gelöscht : HKLM\Software\InstallCore
Schlüssel Gelöscht : HKLM\Software\mysearchdial
Schlüssel Gelöscht : HKLM\Software\ResultsAlpha
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupTab
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ResultsAlpha

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v29.0 (de)

[ Datei : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default\prefs.js ]

Zeile gelöscht : user_pref("CT3317893.1000082.isPlayDisplay", "true");
Zeile gelöscht : user_pref("CT3317893.1000082.state", "{\"state\":\"stopped\",\"text\":\"Antenne B...\",\"description\":\"Antenne Bayern Top 40  Munich\",\"url\":\"mms://channels.webradio.antenne.de/top-40\"}");
Zeile gelöscht : user_pref("CT3317893.1000234.TWC_TMP_city", "NUREMBERG");
Zeile gelöscht : user_pref("CT3317893.1000234.TWC_TMP_country", "DE");
Zeile gelöscht : user_pref("CT3317893.1000234.TWC_country", "GERMANY");
Zeile gelöscht : user_pref("CT3317893.1000234.TWC_locId", "GMBY0250");
Zeile gelöscht : user_pref("CT3317893.1000234.TWC_location", "Nuremberg, MT, Germany");
Zeile gelöscht : user_pref("CT3317893.1000234.TWC_region", "DE");
Zeile gelöscht : user_pref("CT3317893.1000234.TWC_temp_dis", "c");
Zeile gelöscht : user_pref("CT3317893.1000234.TWC_wind_dis", "kmh");
Zeile gelöscht : user_pref("CT3317893.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3317893.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3317893.FirstTime", "true");
Zeile gelöscht : user_pref("CT3317893.FirstTimeFF3", "true");
Zeile gelöscht : user_pref("CT3317893.RestartDialogFirstTime", "false");
Zeile gelöscht : user_pref("CT3317893.RestartDialogShouldDisplay", "false");
Zeile gelöscht : user_pref("CT3317893.SearchFromAddressBarUrl", "hxxp://trovi.com/ResultsExt.aspx?ctid=CT3317893&SearchSource=2&CUI=UN15471373639958307&UM=4&q=");
Zeile gelöscht : user_pref("CT3317893.UserID", "UN15471373639958307");
Zeile gelöscht : user_pref("CT3317893.addressBarTakeOverEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT3317893.appOptions", "{}");
Zeile gelöscht : user_pref("CT3317893.browser.search.defaultthis.engineName", true);
Zeile gelöscht : user_pref("CT3317893.countryCode", "DE");
Zeile gelöscht : user_pref("CT3317893.dum", "2");
Zeile gelöscht : user_pref("CT3317893.embeddedsData", "[{\"appId\":\"130269805663268820\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Zeile gelöscht : user_pref("CT3317893.firstTimeDialogOpened", "true");
Zeile gelöscht : user_pref("CT3317893.fixPageNotFoundErrorByUser", "TRUE");
Zeile gelöscht : user_pref("CT3317893.fixPageNotFoundErrorInHidden", "true");
Zeile gelöscht : user_pref("CT3317893.fullUserID", "UN15471373639958307.IN.20131225201607");
Zeile gelöscht : user_pref("CT3317893.installType", "Unknown");
Zeile gelöscht : user_pref("CT3317893.isCheckedStartAsHidden", true);
Zeile gelöscht : user_pref("CT3317893.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3317893.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT3317893.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3317893.keyword", true);
Zeile gelöscht : user_pref("CT3317893.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://www.trovi.com/?gd=&ctid=CT3317893&octid=CT3317893&ISID=ISID_ID&SearchSource=15&CUI=UN15471373639958307&Lay=1&UM=4\[...]
Zeile gelöscht : user_pref("CT3317893.lastVersion", "10.33.0.505");
Zeile gelöscht : user_pref("CT3317893.mam_gk_installer_preapproved.enc", "VFJVRQ==");
Zeile gelöscht : user_pref("CT3317893.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"i\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.trovi.com%2F%3Fgd%3D%26ctid%3DCT3317893%26octid%3DCT3317893%26ISID%3DISID_ID%26SearchSo[...]
Zeile gelöscht : user_pref("CT3317893.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Zeile gelöscht : user_pref("CT3317893.originalSearchAddressUrl", "hxxps://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
Zeile gelöscht : user_pref("CT3317893.originalSearchEngine", "Yahoo!");
Zeile gelöscht : user_pref("CT3317893.originalSearchEngineName", "Yahoo!");
Zeile gelöscht : user_pref("CT3317893.performedDomainChangesMigration", "true");
Zeile gelöscht : user_pref("CT3317893.revertSettingsEnabled", "false");
Zeile gelöscht : user_pref("CT3317893.search.searchAppId", "130269805663268820");
Zeile gelöscht : user_pref("CT3317893.search.searchCount", "0");
Zeile gelöscht : user_pref("CT3317893.searchFromAddressBarEnabledByUser", "true");
Zeile gelöscht : user_pref("CT3317893.searchInNewTabEnabledByUser", "true");
Zeile gelöscht : user_pref("CT3317893.searchInNewTabEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT3317893.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT3317893.searchSuggestEnabledByUser", "TRUE");
Zeile gelöscht : user_pref("CT3317893.searchUninstallUserMode", "4");
Zeile gelöscht : user_pref("CT3317893.searchUserMode", "4");
Zeile gelöscht : user_pref("CT3317893.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3317893\"}");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://RadioTotal4.OurToolbar.com//xpi\"}");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"RadioTotal4 \"}");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_services_Configuration_lastUpdate", "1404380418495");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1403785531943");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_services_appsMetadata_lastUpdate", "1404380417610");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1403785531777");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_services_login_10.31.2.501_lastUpdate", "1404380412605");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_services_login_10.33.0.505_lastUpdate", "1404380830250");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1403785531812");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_services_searchAPI_lastUpdate", "1404380417928");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_services_serviceMap_lastUpdate", "1404380417534");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_services_setupAPI_lastUpdate", "1403785532564");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_services_toolbarContextMenu_lastUpdate", "1404380417547");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_services_toolbarSettings_lastUpdate", "1404380417685");
Zeile gelöscht : user_pref("CT3317893.serviceLayer_services_translation_lastUpdate", "1404380417776");
Zeile gelöscht : user_pref("CT3317893.settingsINI", true);
Zeile gelöscht : user_pref("CT3317893.showToolbarPermission", "false");
Zeile gelöscht : user_pref("CT3317893.smartbar.CTID", "CT3317893");
Zeile gelöscht : user_pref("CT3317893.smartbar.Uninstall", "0");
Zeile gelöscht : user_pref("CT3317893.smartbar.homepage", true);
Zeile gelöscht : user_pref("CT3317893.smartbar.toolbarName", "RadioTotal4 ");
Zeile gelöscht : user_pref("CT3317893.toolbarBornServerTime", "26-6-2014");
Zeile gelöscht : user_pref("CT3317893.toolbarCurrentServerTime", "3-7-2014");
Zeile gelöscht : user_pref("CT3317893.toolbarInstallDate", "26-06-2014 14:25:30");
Zeile gelöscht : user_pref("CT3317893.toolbarLoginClientTime", "Thu Jun 26 2014 14:25:30 GMT+0200");
Zeile gelöscht : user_pref("CT3317893_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1404381757681,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Zeile gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxps://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");
Zeile gelöscht : user_pref("Smartbar.TBHomepagesList", "hxxp://trovi.com/?UM=4&ctid=CT3317893&SearchSource=13&CUI=UN15471373639958307");
Zeile gelöscht : user_pref("Smartbar.TBSearchEngineList", "RadioTotal4 Customized Web Search");
Zeile gelöscht : user_pref("Smartbar.TBSearchUrlList", "hxxp://trovi.com/ResultsExt.aspx?ctid=CT3317893&SearchSource=2&CUI=UN15471373639958307&UM=4&q=");
Zeile gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT3317893");
Zeile gelöscht : user_pref("smartbar.addressBarOwnerCTID", "CT3317893");
Zeile gelöscht : user_pref("smartbar.conduitHomepageList", "hxxp://trovi.com/?UM=4&ctid=CT3317893&SearchSource=13&CUI=UN15471373639958307");
Zeile gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://trovi.com/ResultsExt.aspx?ctid=CT3317893&SearchSource=2&CUI=UN15471373639958307&UM=4&q=");
Zeile gelöscht : user_pref("smartbar.defaultSearchOwnerCTID", "CT3317893");
Zeile gelöscht : user_pref("smartbar.homePageOwnerCTID", "CT3317893");
Zeile gelöscht : user_pref("smartbar.homepageList", "hxxp://trovi.com/?UM=4&ctid=CT3317893&SearchSource=13&CUI=UN15471373639958307");
Zeile gelöscht : user_pref("smartbar.machineId", "5WLSNM73Y3QS9NJX0UIAA75C3+J0FUP5WUZT6L6PFHDB/+U2V8IJKXXBTDXVHSHCGV+/+RQW+VSBSDCYQW/C6G");
Zeile gelöscht : user_pref("smartbar.searchAddressUrlList", "hxxp://trovi.com/ResultsExt.aspx?ctid=CT3317893&SearchSource=2&CUI=UN15471373639958307&UM=4&q=");

[ Datei : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ Datei : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN28325174462119833&ctid=CT3317893&UM=2
Gelöscht [Search Provider] : hxxp://www.awesomehp.com/web/?type=ds&ts=1390848851&from=tugs&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6&q={searchTerms}
Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr0202ff&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtD0Ezy0BtC0A0CtC0AyCtCtN0D0Tzu0SyBzztCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1267440434&ir=
Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6&q={searchTerms}
Gelöscht [Startup_urls] : hxxp://www.delta-homes.com/?type=hp&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6
Gelöscht [Homepage] : hxxp://www.delta-homes.com/?type=hp&ts=1402596804&from=wpm0612&uid=ST31000524AS_6VPJK2M6XXXX6VPJK2M6
Gelöscht [Extension] : ainbkicbloikcngphmjfpjdemblcojdd
Gelöscht [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Gelöscht [Extension] : gpiifgmgnfdiblgpaepbmfdkcheicgof
Gelöscht [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Gelöscht [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Gelöscht [Extension] : jbaaieplnliapedmcbfgfijinolepige
Gelöscht [Extension] : lpoimibckejjdjcfbdnajaicnklhfplh
Gelöscht [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Gelöscht [Extension] : nlcphjankhppgohedpkjonpadimhaoof
Gelöscht [Extension] : ogfjmhfnldnajmfaofeiaepghjenbgjo
Gelöscht [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma
Gelöscht [Extension] : pfndaklgolladniicklehhancnlgocpp
Gelöscht [Extension] : pkndmigholgfjlniaohblojbhgjbkakn

*************************

AdwCleaner[R0].txt - [37365 octets] - [26/10/2013 20:06:00]
AdwCleaner[R1].txt - [1410 octets] - [26/10/2013 22:28:07]
AdwCleaner[R2].txt - [2816 octets] - [20/12/2013 18:01:19]
AdwCleaner[R3].txt - [35835 octets] - [03/07/2014 13:23:06]
AdwCleaner[S0].txt - [36025 octets] - [26/10/2013 20:08:47]
AdwCleaner[S1].txt - [1471 octets] - [26/10/2013 22:29:06]
AdwCleaner[S2].txt - [2828 octets] - [20/12/2013 18:02:40]
AdwCleaner[S3].txt - [31797 octets] - [03/07/2014 13:27:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [31858 octets] ##########
         
Code:
ATTFilter
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-07-03 15:07:08
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST31000524AS rev.JC45 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Zxxx\AppData\Local\Temp\kfldrpog.sys


---- User code sections - GMER 2.1 ----

.text   C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[2096] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   00000000758c1465 2 bytes [8C, 75]
.text   C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[2096] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000758c14bb 2 bytes [8C, 75]
.text   ...                                                                                                                                              * 2
.text   C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe[2320] C:\windows\syswow64\psapi.dll!GetModuleInformation + 69                       00000000758c1465 2 bytes [8C, 75]
.text   C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe[2320] C:\windows\syswow64\psapi.dll!GetModuleInformation + 155                      00000000758c14bb 2 bytes [8C, 75]
.text   ...                                                                                                                                              * 2
.text   C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2824] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                    00000000758c1465 2 bytes [8C, 75]
.text   C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2824] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                   00000000758c14bb 2 bytes [8C, 75]
.text   ...                                                                                                                                              * 2
.text   C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2040] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                        00000000758c1465 2 bytes [8C, 75]
.text   C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2040] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                       00000000758c14bb 2 bytes [8C, 75]
.text   ...                                                                                                                                              * 2
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[4212] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                         00000000758c1465 2 bytes [8C, 75]
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[4212] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                        00000000758c14bb 2 bytes [8C, 75]
.text   ...                                                                                                                                              * 2
.text   C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe[4912] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                       00000000758c1465 2 bytes [8C, 75]
.text   C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe[4912] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                      00000000758c14bb 2 bytes [8C, 75]
.text   ...                                                                                                                                              * 2
.text   C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe[4920] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                       00000000758c1465 2 bytes [8C, 75]
.text   C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe[4920] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                      00000000758c14bb 2 bytes [8C, 75]
.text   ...                                                                                                                                              * 2
.text   C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[4644] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                    00000000758c1465 2 bytes [8C, 75]
.text   C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[4644] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                   00000000758c14bb 2 bytes [8C, 75]
.text   ...                                                                                                                                              * 2
.text   C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[5096] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69    00000000758c1465 2 bytes [8C, 75]
.text   C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe[5096] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155   00000000758c14bb 2 bytes [8C, 75]
.text   ...                                                                                                                                              * 2
.text   C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe[4284] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                    00000000758c1465 2 bytes [8C, 75]
.text   C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe[4284] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                   00000000758c14bb 2 bytes [8C, 75]
.text   ...                                                                                                                                              * 2
.text   C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac[4300] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69       00000000758c1465 2 bytes [8C, 75]
.text   C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac[4300] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155      00000000758c14bb 2 bytes [8C, 75]
.text   ...                                                                                                                                              * 2

---- Kernel IAT/EAT - GMER 2.1 ----

IAT     C:\windows\System32\win32k.sys[ntoskrnl.exe!KeUserModeCallback]                                                                                  [fffff8800469bedc] \SystemRoot\system32\DRIVERS\klif.sys [PAGE]

---- Threads - GMER 2.1 ----

Thread  C:\windows\SysWOW64\ntdll.dll [3816:3820]                                                                                                        0000000000405f80
Thread   [4268:4328]                                                                                                                                     000007fefdf1a808
Thread   [4268:4288]                                                                                                                                     00000000776baef0
Thread   [4268:4416]                                                                                                                                     00000000776bfbf0
Thread   [4268:5728]                                                                                                                                     00000000776bfbf0
Thread   [4268:5896]                                                                                                                                     000007feff060168
Thread   [4268:6004]                                                                                                                                     000007fefbcf2bf8
Thread   [4268:5368]                                                                                                                                     000007fef8c05124

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\rdyboost\Parameters@LastBootPlanUserTime                                                                  ?Do?, ?Jul ?03 ?14, 02:22:32????????????'??????????????????????

---- EOF - GMER 2.1 ----
         
***Fortsetzung***

Alt 03.07.2014, 16:02   #2
Riddle
 
Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... - Standard

Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...



***Fortsetzung***


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Zxxx (administrator) on Zxxx-PC on 03-07-2014 15:21:02
Running from C:\Users\Zxxx\Desktop\Wartung
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ABBYY InfoPoisk LLC) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ABBYY) C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\AsHookDevice.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfSdkS64.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Instant On\AsInstantOn.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Dr.Net\AsDrNotify.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
() C:\Program Files (x86)\Ditto\Ditto.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Users\Zxxx\AppData\Local\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [403688 2012-06-28] (Acronis)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-11] (CANON INC.)
HKLM\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [404712 2013-01-04] (BillP Studios)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation)
HKLM-x32\...\Run: [RunAIShell] => C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe [232064 2009-12-23] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5993216 2012-06-28] (Acronis)
HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [1173712 2012-06-28] (Acronis)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1364496 2013-06-27] (ABBYY Production LLC)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [404712 2013-01-04] (BillP Studios)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe [2442064 2013-12-04] (Nero AG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-630921429-1342516162-3619519076-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [404712 2013-01-04] (BillP Studios)
HKU\S-1-5-21-630921429-1342516162-3619519076-1001\...\Run: [Ditto] => C:\Program Files (x86)\Ditto\Ditto.exe [1433200 2012-11-08] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - URL http://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381010400000.000008&tguid=66920-6787-1381069221592-271746E61142FEA1972C5C8461C1103F&q={searchTerms}
SearchScopes: HKLM-x32 - SuggestionsURL_JSON http://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=66920&gid=66920-6787-1381069221592-271746E61142FEA1972C5C8461C1103F&dbCode=1&command={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback http://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381010400000.000008&tguid=66920-6787-1381069221592-271746E61142FEA1972C5C8461C1103F&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {1594BEF9-D723-4D01-99A9-A812F0582B90} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}
SearchScopes: HKCU - {6D732119-3B3E-457E-AB05-499F5C469882} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3317893&CUI=UN17987444748720370&UM=2&SSPV=S41BIE
SearchScopes: HKCU - {E8C44CF9-A628-4CF9-8991-449272648297} URL = http://rts.dsrlte.com/?q={searchTerms}&r=684
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default\searchplugins\keepmysearch.xml
FF SearchPlugin: C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FoxyDeal - C:\Users\Zxxx\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-07-19]
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-06-29]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-06-29]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-06-29]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-06-29]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-06-29]
FF HKLM-x32\...\Firefox\Extensions: [shortcutff@gmail.com] - C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default\extensions\shortcutff@gmail.com
FF HKCU\...\Firefox\Extensions: [{ba5b6935-63e1-431c-8fc6-7504512d2b94}] - C:\Program Files (x86)\LyricsContainer\130.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR NewTab: "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html", "chrome-extension://gpiifgmgnfdiblgpaepbmfdkcheicgof/redirect.html"
CHR DefaultSearchKeyword: yahoo.com search
CHR DefaultSearchProvider: Yahoo
CHR DefaultSearchURL: https://de.search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=402027&p={searchTerms}
CHR DefaultNewTabURL: 
CHR Extension: (No Name) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd [2014-06-12]
CHR Extension: (Docs) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-19]
CHR Extension: (Google Drive) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-19]
CHR Extension: (HomeTab) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bddpogknpjlgfpbboediomaiiaecfajn [2013-10-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-26]
CHR Extension: (YouTube) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-19]
CHR Extension: (No Name) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2014-01-27]
CHR Extension: (Google Search) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-19]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-07-19]
CHR Extension: (No Name) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof [2014-06-26]
CHR Extension: (Safe Money) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-07-19]
CHR Extension: (No Name) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj [2014-02-20]
CHR Extension: (No Name) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj [2014-02-20]
CHR Extension: (Virtual Keyboard) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-07-19]
CHR Extension: (No Name) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2014-06-09]
CHR Extension: (No Name) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2014-02-20]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-02-18]
CHR Extension: (No Name) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof [2014-06-26]
CHR Extension: (Google Wallet) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-20]
CHR Extension: (No Name) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-06-12]
CHR Extension: (No Name) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-06-12]
CHR Extension: (No Name) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp [2014-02-20]
CHR Extension: (Gmail) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-19]
CHR Extension: (Anti-Banner) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-07-19]
CHR Extension: (No Name) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn [2014-02-20]
CHR HKLM-x32\...\Chrome\Extension: [aaokmnpaoippoclepikifeegeknpopea] - C:\Program Files (x86)\ResultsAlpha\aaokmnpaoippoclepikifeegeknpopea.crx [2014-02-20]
CHR HKLM-x32\...\Chrome\Extension: [bddpogknpjlgfpbboediomaiiaecfajn] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx [2014-02-20]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-18]

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC)
R2 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2010-02-01] (ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2013-06-28] () [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S3 NBService; C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe [268112 2013-12-04] (Nero AG)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-15] (Hewlett-Packard) [File not signed]
R2 NitroDriverReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [341312 2011-09-24] (Nitro PDF Software)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-15] (Hewlett-Packard) [File not signed]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] () [File not signed]

==================== Drivers (Whitelisted) ====================

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-21] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S4 avgtp; C:\windows\system32\drivers\avgtpx64.sys [45856 2013-09-25] (AVG Technologies)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [14646560 2011-12-15] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-05] (Intel(R) Corporation) [File not signed]
S4 Jswtcilem; C:\Windows\SysWOW64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-12] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [91008 2014-06-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628320 2014-06-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-12] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-29] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-06-29] (Kaspersky Lab ZAO)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-03] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2014-02-18] (Intel Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2012-12-13] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2012-12-13] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2012-12-13] (Paragon)
R1 {f727685b-ed90-4adc-8eec-8234574a91e6}w64; C:\Windows\System32\drivers\{f727685b-ed90-4adc-8eec-8234574a91e6}w64.sys [61120 2014-06-05] (StdLib)
U3 kfldrpog; \??\C:\Users\ZELLER~1\AppData\Local\Temp\kfldrpog.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-03 14:12 - 2014-07-03 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-03 14:12 - 2014-07-03 14:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-03 14:12 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-03 14:12 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-03 14:12 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-03 14:10 - 2014-07-03 14:12 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Zxxx\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-03 13:23 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-07-03 13:20 - 2014-07-03 15:21 - 00000000 ____D () C:\Users\Zxxx\Desktop\Wartung
2014-07-03 13:02 - 2014-07-03 13:29 - 00007140 _____ () C:\windows\PFRO.log
2014-07-03 13:00 - 2014-07-03 14:12 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-03 12:57 - 2014-07-03 12:59 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Zxxx\Downloads\mbam-setup-2.0.0.1000.exe
2014-07-03 12:36 - 2014-07-03 12:36 - 00000000 ____D () C:\windows\Tasks\ImCleanDisabled
2014-07-03 12:20 - 2010-11-21 05:23 - 00345088 _____ (Microsoft Corporation) C:\windows\system32\sethc.exe
2014-07-03 12:19 - 2010-11-21 05:23 - 00345088 _____ (Microsoft Corporation) C:\windows\system32\utilman.exe
2014-07-03 11:50 - 2014-07-03 11:51 - 00000000 ____D () C:\Wartung
2014-07-03 11:41 - 2014-07-03 11:42 - 04812672 _____ (Piriform Ltd) C:\Users\Zxxx\Downloads\ccsetup415.exe
2014-07-02 15:47 - 2014-07-03 13:05 - 00000000 ____D () C:\windows\SysWOW64\%Report%
2014-06-25 21:05 - 2014-06-25 21:05 - 00000000 ____D () C:\Users\Zxxx\BRIEFKöpfe WZ
2014-06-25 19:24 - 2014-06-25 19:24 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-06-22 17:34 - 2014-06-22 17:34 - 00000997 _____ () C:\Users\Zxxx\Desktop\Monosnap.lnk
2014-06-22 17:34 - 2014-06-22 17:34 - 00000000 ____D () C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Monosnap
2014-06-22 17:34 - 2014-06-22 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2014-06-22 17:34 - 2014-06-22 17:34 - 00000000 ____D () C:\Program Files (x86)\Monosnap
2014-06-22 17:33 - 2013-09-24 15:53 - 07254016 _____ () C:\Users\Zxxx\Desktop\Monosnap_2.3.4.msi
2014-06-22 17:11 - 2014-06-22 17:15 - 00000000 ____D () C:\Users\Zxxx\Desktop\Kopieren
2014-06-21 19:09 - 2014-07-03 14:18 - 00327707 _____ () C:\windows\WindowsUpdate.log
2014-06-20 16:45 - 2014-07-03 14:13 - 00001546 _____ () C:\windows\setupact.log
2014-06-20 16:45 - 2014-06-20 16:45 - 00000000 _____ () C:\windows\setuperr.log
2014-06-16 14:38 - 2014-06-16 15:04 - 1387069440 _____ () C:\Users\Zxxx\Downloads\linuxmint-17-xfce-dvd-64bit-rc.iso
2014-06-12 20:14 - 2014-06-12 20:14 - 00000977 _____ () C:\Users\Zxxx\Desktop\337 GAMES.lnk
2014-06-10 22:36 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-10 22:36 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-10 22:36 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-10 22:36 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-10 22:36 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-10 22:36 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-10 22:36 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-10 22:36 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-10 22:36 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-10 22:36 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-10 22:36 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-10 22:36 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-10 22:36 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-10 22:36 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-10 22:36 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-10 22:36 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-10 22:36 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-10 22:36 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-10 22:36 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-10 22:36 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-10 22:36 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-10 22:36 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-10 22:36 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-10 22:36 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-10 22:36 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-06-10 22:36 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-10 22:36 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-10 22:36 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-10 22:36 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-10 22:36 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-06-10 22:36 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-10 22:36 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-06-10 22:36 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-06-10 22:36 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-10 22:36 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-10 22:36 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-10 22:36 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-10 22:36 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-10 22:36 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-10 22:36 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-10 22:36 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-10 22:36 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-10 22:36 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-10 22:36 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-06-10 22:36 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-10 22:36 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-10 22:36 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-10 22:36 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-10 22:36 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-10 22:36 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-10 22:36 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-06-10 22:36 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-06-10 22:36 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-10 22:36 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-10 22:36 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-10 22:36 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-10 22:36 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-10 22:36 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-10 22:36 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-10 22:36 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-10 22:36 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-10 22:36 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-10 22:36 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-10 22:36 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-10 22:36 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-10 22:36 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-06-10 22:35 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-10 22:35 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-10 12:13 - 2014-06-10 12:13 - 00000000 __SHD () C:\Users\Zxxx\AppData\Local\EmieUserList
2014-06-10 12:13 - 2014-06-10 12:13 - 00000000 __SHD () C:\Users\Zxxx\AppData\Local\EmieSiteList
2014-06-09 21:13 - 2014-06-05 14:39 - 00061120 _____ (StdLib) C:\windows\system32\Drivers\{f727685b-ed90-4adc-8eec-8234574a91e6}w64.sys
2014-06-09 21:09 - 2014-06-10 23:28 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-06-09 19:40 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-06-09 19:40 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-06-09 19:40 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-06-09 19:40 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-06-09 19:40 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-06-09 19:40 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-06-09 19:40 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-06-09 19:40 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-06-09 19:40 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-06-09 19:40 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-06-09 19:40 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-06-09 19:40 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-06-09 19:40 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-06-09 19:40 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-06-09 19:40 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-06-09 19:40 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-06-09 19:40 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-06-09 19:40 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-06-09 19:40 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-06-09 19:40 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-06-09 19:40 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-06-09 19:40 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-06-09 19:40 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-06-09 19:40 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-06-09 19:40 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-06-09 19:40 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-06-09 19:40 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-06-09 19:40 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-06-09 19:40 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-06-09 19:40 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-06-09 19:40 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2014-06-09 19:40 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-06-09 19:39 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-06-09 19:39 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-06-09 19:39 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-06-09 19:39 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-06-09 19:39 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-06-09 19:39 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2014-06-09 19:39 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-06-09 19:38 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-06-09 19:38 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-06-09 19:38 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-06-09 19:38 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-06-09 19:38 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-06-09 19:38 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-06-09 19:38 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-06-09 19:38 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-06-09 19:38 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-06-09 19:38 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-06-09 19:38 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-06-09 19:38 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-06-09 19:38 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-06-09 19:38 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-06-09 19:38 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-06-09 19:38 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-06-09 19:38 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-06-09 19:38 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-06-09 19:38 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-06-09 19:35 - 2014-06-09 19:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-09 19:33 - 2014-06-09 19:33 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-06-09 19:33 - 2014-06-09 19:33 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-06-09 19:33 - 2014-06-09 19:33 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-06-09 19:33 - 2014-06-09 19:33 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-09 19:33 - 2014-06-09 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-09 19:33 - 2014-06-09 19:33 - 00000000 ____D () C:\Program Files (x86)\Java

==================== One Month Modified Files and Folders =======

2014-07-03 15:21 - 2014-07-03 13:20 - 00000000 ____D () C:\Users\Zxxx\Desktop\Wartung
2014-07-03 15:21 - 2013-12-19 15:18 - 00000000 ____D () C:\FRST
2014-07-03 15:06 - 2013-10-15 17:52 - 00000000 ____D () C:\Users\Zxxx\AppData\Roaming\Ditto
2014-07-03 14:36 - 2013-08-30 19:51 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-03 14:28 - 2013-09-25 15:03 - 00001118 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-03 14:25 - 2012-02-22 04:38 - 00000000 ____D () C:\windows\pss
2014-07-03 14:22 - 2009-07-14 06:45 - 00016752 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-03 14:22 - 2009-07-14 06:45 - 00016752 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-03 14:18 - 2014-06-21 19:09 - 00327707 _____ () C:\windows\WindowsUpdate.log
2014-07-03 14:16 - 2013-06-29 10:42 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-03 14:14 - 2013-09-25 15:03 - 00001114 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-03 14:13 - 2014-06-20 16:45 - 00001546 _____ () C:\windows\setupact.log
2014-07-03 14:13 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-03 14:12 - 2014-07-03 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-03 14:12 - 2014-07-03 14:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-03 14:12 - 2014-07-03 14:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Zxxx\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-03 14:12 - 2014-07-03 13:00 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-03 13:29 - 2014-07-03 13:02 - 00007140 _____ () C:\windows\PFRO.log
2014-07-03 13:28 - 2014-02-19 21:44 - 00001071 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-03 13:28 - 2014-02-19 21:44 - 00001059 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-03 13:28 - 2013-10-26 20:05 - 00000000 ___HD () C:\AdwCleaner
2014-07-03 13:28 - 2013-09-25 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-03 13:28 - 2013-06-27 17:12 - 00001009 _____ () C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-03 13:28 - 2009-07-14 04:34 - 00000489 _____ () C:\windows\win.ini
2014-07-03 13:27 - 2013-12-25 21:18 - 00000000 ____D () C:\Program Files (x86)\ResultsAlpha
2014-07-03 13:09 - 2013-10-26 23:27 - 00000000 ____D () C:\Users\Zxxx\Documents\CC
2014-07-03 13:05 - 2014-07-02 15:47 - 00000000 ____D () C:\windows\SysWOW64\%Report%
2014-07-03 13:01 - 2013-07-04 19:49 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-03 13:00 - 2013-08-31 14:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-03 12:59 - 2014-07-03 12:57 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Zxxx\Downloads\mbam-setup-2.0.0.1000.exe
2014-07-03 12:40 - 2013-08-31 14:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-03 12:37 - 2014-02-18 20:01 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-07-03 12:36 - 2014-07-03 12:36 - 00000000 ____D () C:\windows\Tasks\ImCleanDisabled
2014-07-03 12:17 - 2014-02-19 21:44 - 00000000 ____D () C:\Users\Zxxx\AppData\Local\Mozilla Firefox
2014-07-03 11:51 - 2014-07-03 11:50 - 00000000 ____D () C:\Wartung
2014-07-03 11:42 - 2014-07-03 11:41 - 04812672 _____ (Piriform Ltd) C:\Users\Zxxx\Downloads\ccsetup415.exe
2014-07-03 11:42 - 2013-10-26 23:23 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-03 11:42 - 2013-08-31 22:34 - 00000000 ____D () C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-03 11:42 - 2013-07-19 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-03 11:42 - 2013-07-19 20:33 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-02 15:46 - 2014-02-18 20:07 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-26 16:07 - 2012-02-22 04:38 - 00002591 _____ () C:\windows\system32\AutoRunFilter.ini
2014-06-26 14:53 - 2013-07-05 21:04 - 00000000 ____D () C:\Users\Zxxx\Documents\E-Mail
2014-06-25 21:05 - 2014-06-25 21:05 - 00000000 ____D () C:\Users\Zxxx\BRIEFKöpfe WZ
2014-06-25 21:05 - 2013-06-27 17:12 - 00000000 ____D () C:\Users\Zxxx
2014-06-25 20:06 - 2011-12-28 03:08 - 00714354 _____ () C:\windows\system32\perfh007.dat
2014-06-25 20:06 - 2011-12-28 03:08 - 00154334 _____ () C:\windows\system32\perfc007.dat
2014-06-25 20:06 - 2009-07-14 07:13 - 01660044 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-25 19:54 - 2013-09-16 12:38 - 00000000 ____D () C:\Users\Zxxx\Documents\GESUNDHEIT
2014-06-25 19:24 - 2014-06-25 19:24 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-06-24 20:05 - 2013-06-27 19:27 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-24 20:04 - 2013-06-27 19:26 - 00000000 ____D () C:\Users\Zxxx\AppData\Roaming\Adobe
2014-06-22 17:34 - 2014-06-22 17:34 - 00000997 _____ () C:\Users\Zxxx\Desktop\Monosnap.lnk
2014-06-22 17:34 - 2014-06-22 17:34 - 00000000 ____D () C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Monosnap
2014-06-22 17:34 - 2014-06-22 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2014-06-22 17:34 - 2014-06-22 17:34 - 00000000 ____D () C:\Program Files (x86)\Monosnap
2014-06-22 17:15 - 2014-06-22 17:11 - 00000000 ____D () C:\Users\Zxxx\Desktop\Kopieren
2014-06-21 14:47 - 2013-06-28 20:14 - 00000000 ____D () C:\Users\Zxxx\LIINK DATEIEN
2014-06-20 16:45 - 2014-06-20 16:45 - 00000000 _____ () C:\windows\setuperr.log
2014-06-20 16:03 - 2014-02-01 19:18 - 00000420 _____ () C:\windows\Tasks\One-Click Optimizer.job
2014-06-16 15:04 - 2014-06-16 14:38 - 1387069440 _____ () C:\Users\Zxxx\Downloads\linuxmint-17-xfce-dvd-64bit-rc.iso
2014-06-12 20:14 - 2014-06-12 20:14 - 00000977 _____ () C:\Users\Zxxx\Desktop\337 GAMES.lnk
2014-06-12 13:31 - 2013-11-30 15:41 - 00000000 ____D () C:\Users\Zxxx\COMP-Club
2014-06-12 13:29 - 2013-06-27 17:12 - 00000000 ____D () C:\Users\Zxxx\AppData\Local\VirtualStore
2014-06-12 13:26 - 2013-08-30 19:51 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 13:26 - 2013-06-27 19:25 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-06-12 13:26 - 2012-02-22 04:27 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-12 13:17 - 2013-08-21 14:44 - 00000000 _____ () C:\ProgramData\LauncherAccess.dt
2014-06-10 23:31 - 2013-07-21 08:17 - 00000000 ____D () C:\windows\system32\MRT
2014-06-10 23:31 - 2013-06-27 19:48 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-10 23:29 - 2013-06-28 17:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-10 23:28 - 2014-06-09 21:09 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-06-10 19:03 - 2013-06-27 19:28 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-10 12:13 - 2014-06-10 12:13 - 00000000 __SHD () C:\Users\Zxxx\AppData\Local\EmieUserList
2014-06-10 12:13 - 2014-06-10 12:13 - 00000000 __SHD () C:\Users\Zxxx\AppData\Local\EmieSiteList
2014-06-10 12:08 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-06-09 21:11 - 2009-07-14 06:45 - 00439488 _____ () C:\windows\system32\FNTCACHE.DAT
2014-06-09 21:07 - 2013-06-28 22:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-06-09 21:07 - 2013-06-28 22:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-06-09 20:57 - 2013-06-28 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-06-09 20:00 - 2013-10-10 12:56 - 00000000 ___RD () C:\Users\Zxxx\Documents\00-HERRATH ORDNER
2014-06-09 20:00 - 2013-09-03 20:00 - 00000000 ___RD () C:\Users\Zxxx\WEITERE DATEIEN
2014-06-09 20:00 - 2013-08-13 17:05 - 00000000 ___RD () C:\Users\Zxxx\Desktop\Eigene DATEIEN
2014-06-09 20:00 - 2011-12-28 02:49 - 00000000 ____D () C:\windows\Panther
2014-06-09 19:39 - 2013-06-29 10:42 - 00628320 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klif.sys
2014-06-09 19:39 - 2013-06-29 10:42 - 00091008 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klflt.sys
2014-06-09 19:35 - 2014-06-09 19:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-09 19:35 - 2014-02-14 20:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-09 19:34 - 2013-10-27 13:51 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-09 19:33 - 2014-06-09 19:33 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-06-09 19:33 - 2014-06-09 19:33 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-06-09 19:33 - 2014-06-09 19:33 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-06-09 19:33 - 2014-06-09 19:33 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-09 19:33 - 2014-06-09 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-09 19:33 - 2014-06-09 19:33 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-09 19:23 - 2013-09-25 15:03 - 00004114 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-09 19:23 - 2013-09-25 15:03 - 00003862 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-08 11:13 - 2014-06-10 22:35 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-10 22:35 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-05 14:39 - 2014-06-09 21:13 - 00061120 _____ (StdLib) C:\windows\system32\Drivers\{f727685b-ed90-4adc-8eec-8234574a91e6}w64.sys

Files to move or delete:
====================
C:\Users\Zxxx\cnmss Canon MG5300 series Printer (Local).dll


Some content of TEMP:
====================
C:\Users\Zxxx\AppData\Local\Temp\dsrlte.exe
C:\Users\Zxxx\AppData\Local\Temp\exthelper.exe
C:\Users\Zxxx\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-01-09 16:11

==================== End Of Log ============================
         
--- --- ---

--- --- ---
__________________


Alt 03.07.2014, 16:21   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... - Standard

Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...



Hi,

Zitat:
FRST hat keine Addition.txt erstellt. ???

Running from C:\Users\Zxxx\Desktop\Wartung
Du hast FRST auch nicht aufm Desktop liegen. Einfach mal genau das machen was in der Anleitung steht
__________________
__________________

Alt 03.07.2014, 16:32   #4
Riddle
 
Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... - Standard

Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...



Hier die fehlende Datei:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Zxxx at 2014-07-03 16:24:57
Running from C:\Users\Zxxx\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

337 GAMES (HKCU\...\337Games) (Version: 1.1.1.0 - )
64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 11 (HKLM-x32\...\{F11000FE-0010-0000-0000-074957833700}) (Version: 11.11.194 - ABBYY Production LLC)
ABBYY PDF Transformer 3.0 (HKLM-x32\...\ABBYY PDF Transformer 3.0) (Version: 3.00.317.68010 - ABBYY)
ABBYY PDF Transformer 3.0 (Version: 3.00.317.68010 - ABBYY) Hidden
Acronis*True*Image*Home 2012 (HKLM-x32\...\{054A5F46-6DCE-4D09-8BC0-170428A4ED56}Visible) (Version: 15.0.7133 - Acronis)
Acronis*True*Image*Home 2012 (x32 Version: 15.0.7133 - Acronis) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\{1F5E5F2E-5E61-431D-B796-58CCC6B68E28}) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\{C4B32291-F7B2-4BEC-BA4D-4195676A08CC}) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AI Manager (HKLM-x32\...\{4AF95DE2-B54D-4C3F-9494-FD3B558E2C2D}) (Version: 1.09.07 - ASUSTeK Computer Inc.)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.02 - ASUSTeK Computer Inc.)
AMD APP SDK Runtime (Version: 10.0.851.4 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: 12.1.0.11205 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{C437A4E8-9B05-9551-4250-396BF4E663D8}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft)
ArcSoft PhotoStudio 6 (HKLM-x32\...\{ED8EF3C2-FA5B-4A1E-950D-5A0227161F97}) (Version: 6.0.1.148 - ArcSoft)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Music Studio 2013 v.4.1.2 (HKLM-x32\...\{91B33C97-0D61-2DA9-07F6-0EF54C520FE3}_is1) (Version: 4.1.2 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 10 v.10.3.0 (HKLM-x32\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.03.00 - Ashampoo GmbH & Co. KG)
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.01.00 - ASUSTeK Computer Inc.)
ASUS Backup Wizard (HKLM-x32\...\{124C9BD0-8C52-40AB-8238-0605703B1C28}) (Version: 1.01.00 - ASUSTeK Computer Inc.)
ASUS Easy Update 2 (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 3.00.08 - ASUSTeK Computer Inc.)
ASUS Instant On (HKLM-x32\...\{CCC4652E-F5E0-498A-84F3-5DDBEF84642B}) (Version: 1.01.08 - ASUSTeK Computer Inc.)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.104.216 - eCareme Technologies, Inc.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.628 - ASUSTEK)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.3.1.0 - Auslogics Labs Pty Ltd)
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version:  - Alactro LLC)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan 5600F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4808) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2011.1205.2215.39827 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Desktop (x32 Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Ditto (HKLM-x32\...\Ditto_is1) (Version:  - Scott Brogden)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 2.0.0 - ASUS)
FBackup 4 (HKLM-x32\...\FBackup 4_is1) (Version:  -  Softland)
Formatwandler 5 (HKLM-x32\...\{CC5A25E6-7564-48FF-0001-D4DD055B2886}) (Version: 5.0.13.429 - S.A.D.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.220.0 - Advanced Micro Devices, Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Karsten Bilderschau 3.5.4 (HKLM-x32\...\Karsten Bilderschau_is1) (Version: 3.5.4 - Karsten SlideShow Project)
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Monosnap (HKLM-x32\...\{FA16A0B8-2ACF-46BB-824A-3F6856FBE068}) (Version: 2.3.4.0 - Monosnap)
Mozilla Firefox 29.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 de)) (Version: 29.0 - Mozilla)
Mozilla Firefox 30.0 (x86 de) (HKCU\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Firefox 8.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 8.0 (x86 de)) (Version: 8.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero BackItUp 2014 (HKLM-x32\...\{0A466249-72F9-40DF-BC33-8CB7E632F0F0}) (Version: 15.0.02100 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 15.0.00020 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.16700 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.23200 - Nero AG) Hidden
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero Update (x32 Version: 11.0.13300.42.0 - Nero AG) Hidden
nero.backitup.msi (x32 Version: 15.0.17000 - Nero AG) Hidden
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
Nitro PDF Professional (HKLM\...\{80B84D51-5202-4C8D-A017-8D7C90E9EF9C}) (Version: 6.2.3.6 - Nitro PDF Software)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Readiris Pro 12 (HKLM-x32\...\{B6214EA9-7BE8-4A91-B8B3-45F42F90188F}) (Version: 12.00.6209 - I.R.I.S.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.2.80601 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (x32 Version: 3.0.0.80601 - Samsung Electronics Co., Ltd.) Hidden
Samsung Samples Installer (HKLM-x32\...\{7AC15160-A49B-4A89-B181-D4619C025FFF}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPatrol (HKLM\...\{6E575124-6D34-4E65-9375-7D69468A6089}) (Version: 26.1.2013.0 - BillP Studios)
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Restore Points  =========================

10-06-2014 17:23:26 Windows Update
10-06-2014 21:26:38 Windows Update
14-06-2014 19:35:56 Windows Update
21-06-2014 17:42:18 Windows Update
22-06-2014 15:34:03 Installed Monosnap
25-06-2014 16:49:45 Windows Update
02-07-2014 16:59:37 Windows Update
03-07-2014 10:34:18 Removed IObit Apps Toolbar v9.4.

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01215EC6-F91B-442A-97E9-BF3F0AB4371C} - System32\Tasks\ASUS\ASUS Easy Update 2 => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [2013-07-04] (ASUSTeK Computer Inc.)
Task: {01F67D46-7B23-4814-B9E9-96B0086D0B05} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated)
Task: {26FBC791-0978-47D1-8678-94CBC4FD6AA2} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {2BB705B4-7D90-41F7-88D9-A6E517942E55} - \Browser Updater\Browser Updater No Task File <==== ATTENTION
Task: {3D423D99-58A5-4EED-969A-35D915C6AAC6} - System32\Tasks\ASUS\AsBackupWizard_Run => C:\Program Files (x86)\ASUS\\AsBackupWizard\\AsRunBkWizardHelper.exe [2010-04-24] (ASUSTeK Computer Inc.)
Task: {4BE641C6-5077-4A27-B0D2-E3487ED2871C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {705D2C7E-0507-4C47-B5BA-CF8A261BC399} - System32\Tasks\Zxxx NBAgent 15 0 => C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe [2013-12-04] (Nero AG)
Task: {71B3FA66-CE0D-4544-8DB1-B56A42717F83} - System32\Tasks\Zxxxs Dateisicherung 15 0 => C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBCore.exe [2013-12-04] (Nero AG)
Task: {742795C9-E2E6-4EE9-922E-050DE9B4F7AE} - System32\Tasks\ASUS\Asus HybridSleep Helper => C:\Program Files (x86)\ASUS\ASUS Instant On\AsInstantOn.exe [2011-12-29] (ASUSTeK Computer Inc.)
Task: {B2F31866-51E5-4AA0-9DEA-B42647A63665} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {BB45EBC8-541E-4EDA-A83E-558E05A9B10E} - System32\Tasks\ASUS\ASUS Dr.Net Execute => C:\Program Files (x86)\ASUS\AI Suite II\Dr.Net\AsDrNotify.exe [2012-07-06] (ASUSTeK Computer Inc.)
Task: {C51D313D-EEA0-47A7-955D-B778128CB11A} - System32\Tasks\One-Click Optimizer => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe [2013-11-19] (Ashampoo Development GmbH & Co. KG)
Task: {CCAE805E-7135-4529-89B2-558D8D679BBA} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {D0742BFC-D05B-4A24-8FDC-DDD360C0B15B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {F7C53F11-E165-4E6C-9B37-4049178CCDAC} - \ProtectedSearch\Protected Search No Task File <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\One-Click Optimizer.job => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe

==================== Loaded Modules (whitelisted) =============

2013-06-27 19:07 - 2012-06-01 17:42 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-07-04 19:51 - 2011-02-07 09:56 - 00138192 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-06-28 09:57 - 2010-08-04 14:44 - 00266240 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2011-09-24 15:52 - 2011-09-24 15:52 - 00123712 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NPShellExtension64.dll
2013-10-15 17:52 - 2012-11-08 20:17 - 01433200 _____ () C:\Program Files (x86)\Ditto\Ditto.exe
2011-11-02 14:03 - 2011-11-02 14:03 - 00430080 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-11-02 14:03 - 2011-11-02 14:03 - 00032768 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll
2011-12-05 22:10 - 2011-12-05 22:10 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-06-27 19:07 - 2014-07-03 14:14 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-06-27 19:07 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2012-08-17 21:39 - 2013-06-29 10:53 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2012-06-28 16:58 - 2012-06-28 16:58 - 00435584 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ulxmlrpcpp.dll
2013-06-28 09:57 - 2010-03-10 14:50 - 00360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2013-10-27 13:27 - 2012-11-22 17:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ASUS Easy Update\AsMultiLang.dll
2012-02-22 04:39 - 2010-04-23 13:23 - 00011264 _____ () C:\Program Files (x86)\ASUS\ASUS Instant On\Images\AsMultiLang.dll
2012-02-22 04:39 - 2011-06-13 19:53 - 00061440 _____ () C:\Program Files (x86)\ASUS\ASUS Instant On\MSPowerLib.dll
2013-08-31 23:10 - 2013-07-15 19:29 - 00620718 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2012-06-28 20:46 - 2012-06-28 20:46 - 13005184 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
2012-08-17 21:38 - 2012-08-17 21:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2012-02-22 04:33 - 2012-02-08 03:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-02-19 21:44 - 2014-07-03 12:17 - 03852912 _____ () C:\Users\Zxxx\AppData\Local\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0CFF5F08
AlternateDataStreams: C:\Users\Zxxx\Downloads\Jetzt_Neu_Die_kostenlose_W_rterbuch_Bibliothek_von_PONS.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\Windows\pss\AsusVibeLauncher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Zxxx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Canon IJ Status Monitor Canon MG5300 series Printer.lnk => C:\windows\pss\Canon IJ Status Monitor Canon MG5300 series Printer.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ASUS Ai Charger => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSPanel.exe /S
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2014 02:15:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2014 02:12:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x70c
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (07/03/2014 02:10:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.495, Zeitstempel: 0x53165beb
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x4b0
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (07/03/2014 02:09:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.495, Zeitstempel: 0x53165beb
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xa90
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (07/03/2014 02:09:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2014 02:08:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.495, Zeitstempel: 0x53165beb
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x408
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (07/03/2014 01:57:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.495, Zeitstempel: 0x53165beb
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xac0
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (07/03/2014 01:55:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.495, Zeitstempel: 0x53165beb
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x1270
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (07/03/2014 01:52:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.495, Zeitstempel: 0x53165beb
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x8f0
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (07/03/2014 01:45:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.495, Zeitstempel: 0x53165beb
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x1900
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3


System errors:
=============
Error: (07/03/2014 02:15:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/03/2014 02:14:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
StarOpen
UimBus
Uim_IM
Uim_VIM

Error: (07/03/2014 02:13:58 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{537f06e5-df8e-11e2-bb7c-806e6f6e6963}" können nicht gelesen werden.

Error: (07/03/2014 02:13:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (07/03/2014 02:08:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/03/2014 02:08:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/03/2014 02:08:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/03/2014 02:08:05 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (07/03/2014 02:08:05 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (07/03/2014 02:08:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================
Error: (07/03/2014 02:15:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2014 02:12:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd70c01cf96b8102ce20dC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll57dd16f5-02ab-11e4-9165-c86000e9b1ac

Error: (07/03/2014 02:10:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.49553165bebMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd4b001cf96b7affe20eaC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dllfa3cf03d-02aa-11e4-9165-c86000e9b1ac

Error: (07/03/2014 02:09:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.49553165bebMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fda9001cf96b79033a022C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dlle292e224-02aa-11e4-9165-c86000e9b1ac

Error: (07/03/2014 02:09:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2014 02:08:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.49553165bebMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd40801cf96b771630fd6C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dllc7604922-02aa-11e4-9165-c86000e9b1ac

Error: (07/03/2014 01:57:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.49553165bebMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdac001cf96b5e690841bC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll27e72190-02a9-11e4-819e-c86000e9b1ac

Error: (07/03/2014 01:55:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.49553165bebMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd127001cf96b56ae599cbC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dlldb9ff3c3-02a8-11e4-819e-c86000e9b1ac

Error: (07/03/2014 01:52:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.49553165bebMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd8f001cf96b52e3dfaafC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll73ef9e27-02a8-11e4-819e-c86000e9b1ac

Error: (07/03/2014 01:45:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.49553165bebMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd190001cf96b4555c0136C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll9764da47-02a7-11e4-819e-c86000e9b1ac


CodeIntegrity Errors:
===================================
  Date: 2014-06-14 21:38:27.755
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 21:38:27.753
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 21:38:27.738
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 21:38:27.736
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 21:35:24.926
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 21:35:24.916
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-19 10:30:46.009
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-19 10:30:46.007
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-19 10:30:46.005
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-19 10:30:46.003
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 38%
Total physical RAM: 8147.61 MB
Available physical RAM: 5037.92 MB
Total Pagefile: 16293.39 MB
Available Pagefile: 12985.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (WIN7) (Fixed) (Total:931.41 GB) (Free:561.14 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 56920702)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 04.07.2014, 10:35   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... - Standard

Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...



Adware/Junkware/Toolbars entfernen

alle Tools bitte neu runterladen!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 04.07.2014, 11:34   #6
Riddle
 
Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... - Standard

Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...



Hi,

hier die Logs ...

Code:
ATTFilter
# AdwCleaner v3.214 - Bericht erstellt am 04/07/2014 um 11:03:33
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Zxxx - Zxxx-PC
# Gestartet von : C:\Users\Zxxx\Desktop\adwcleaner_3.214.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Kaspersky Lab\SafeBrowser
Ordner Gelöscht : C:\Program Files (x86)\ResultsAlpha
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Ordner Gelöscht : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\Software\ResultsAlpha

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v29.0 (de)

[ Datei : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default\prefs.js ]


[ Datei : C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ Datei : C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [37365 octets] - [26/10/2013 20:06:00]
AdwCleaner[R1].txt - [1410 octets] - [26/10/2013 22:28:07]
AdwCleaner[R2].txt - [2816 octets] - [20/12/2013 18:01:19]
AdwCleaner[R3].txt - [35523 octets] - [03/07/2014 13:23:06]
AdwCleaner[R4].txt - [3128 octets] - [04/07/2014 11:02:14]
AdwCleaner[S0].txt - [36025 octets] - [26/10/2013 20:08:47]
AdwCleaner[S1].txt - [1471 octets] - [26/10/2013 22:29:06]
AdwCleaner[S2].txt - [2828 octets] - [20/12/2013 18:02:40]
AdwCleaner[S3].txt - [31737 octets] - [03/07/2014 13:27:47]
AdwCleaner[S4].txt - [3049 octets] - [04/07/2014 11:03:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [3109 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Zellerhoff on 04.07.2014 at 11:10:17,55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\plus-hd-3.8



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Zellerhoff\AppData\Roaming\mozilla\firefox\profiles\807ywz5g.default\prefs.js

user_pref("extensions.wot.cqd8dV9VUQ", "55277874-a672-4611-9d30-b5355ef4b87c");
Emptied folder: C:\Users\Zellerhoff\AppData\Roaming\mozilla\firefox\profiles\807ywz5g.default\minidumps [31 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.07.2014 at 11:15:04,38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014
Ran by Zxxx (administrator) on Zxxx-PC on 04-07-2014 11:18:54
Running from C:\Users\Zxxx\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ABBYY InfoPoisk LLC) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ABBYY) C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\AsHookDevice.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfSdkS64.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
() C:\Users\Zxxx\AppData\LocalLow\WOT\IE\WOTUpdater.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Instant On\AsInstantOn.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Dr.Net\AsDrNotify.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
() C:\Program Files (x86)\Ditto\Ditto.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
(ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [403688 2012-06-28] (Acronis)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-11] (CANON INC.)
HKLM\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [404712 2013-01-04] (BillP Studios)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation)
HKLM-x32\...\Run: [RunAIShell] => C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe [232064 2009-12-23] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5993216 2012-06-28] (Acronis)
HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [1173712 2012-06-28] (Acronis)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1364496 2013-06-27] (ABBYY Production LLC)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [404712 2013-01-04] (BillP Studios)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe [2442064 2013-12-04] (Nero AG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-630921429-1342516162-3619519076-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [404712 2013-01-04] (BillP Studios)
HKU\S-1-5-21-630921429-1342516162-3619519076-1001\...\Run: [Ditto] => C:\Program Files (x86)\Ditto\Ditto.exe [1433200 2012-11-08] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - URL http://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381010400000.000008&tguid=66920-6787-1381069221592-271746E61142FEA1972C5C8461C1103F&q={searchTerms}
SearchScopes: HKLM-x32 - SuggestionsURL_JSON http://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=66920&gid=66920-6787-1381069221592-271746E61142FEA1972C5C8461C1103F&dbCode=1&command={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback http://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381010400000.000008&tguid=66920-6787-1381069221592-271746E61142FEA1972C5C8461C1103F&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {1594BEF9-D723-4D01-99A9-A812F0582B90} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default\searchplugins\keepmysearch.xml
FF SearchPlugin: C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FoxyDeal - C:\Users\Zxxx\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-07-19]
FF Extension: WOT - C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default\Extensions\wotstats@mywot.com [2014-07-03]
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-06-29]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-06-29]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-06-29]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-06-29]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-06-29]
FF HKLM-x32\...\Firefox\Extensions: [shortcutff@gmail.com] - C:\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\807ywz5g.default\extensions\shortcutff@gmail.com
FF HKCU\...\Firefox\Extensions: [{ba5b6935-63e1-431c-8fc6-7504512d2b94}] - C:\Program Files (x86)\LyricsContainer\130.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://t-online.de/"
CHR Extension: (Docs) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-19]
CHR Extension: (Google Drive) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-19]
CHR Extension: (HomeTab) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bddpogknpjlgfpbboediomaiiaecfajn [2013-10-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-26]
CHR Extension: (YouTube) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-19]
CHR Extension: (Google Search) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-19]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-07-19]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-07-19]
CHR Extension: (Virtuelle Tastatur) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-07-19]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-02-18]
CHR Extension: (No Name) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof [2014-06-26]
CHR Extension: (Google Wallet) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-20]
CHR Extension: (WOT) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nphjeokkkbngjpiofnfpnafjeofjomfb [2014-07-03]
CHR Extension: (Gmail) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-19]
CHR Extension: (Anti-Banner) - C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-07-19]
CHR HKLM-x32\...\Chrome\Extension: [aaokmnpaoippoclepikifeegeknpopea] - C:\Program Files (x86)\ResultsAlpha\aaokmnpaoippoclepikifeegeknpopea.crx [2013-07-19]
CHR HKLM-x32\...\Chrome\Extension: [bddpogknpjlgfpbboediomaiiaecfajn] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx [2013-07-19]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\Zxxx\AppData\LocalLow\WOT\CHROME\WOT.crx [2012-01-12]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-18]

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC)
R2 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2010-02-01] (ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2013-06-28] () [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S3 NBService; C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe [268112 2013-12-04] (Nero AG)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-15] (Hewlett-Packard) [File not signed]
R2 NitroDriverReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [341312 2011-09-24] (Nitro PDF Software)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-15] (Hewlett-Packard) [File not signed]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 WOTUpdater; C:\Users\Zxxx\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] () [File not signed]
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] () [File not signed]

==================== Drivers (Whitelisted) ====================

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-21] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S4 avgtp; C:\windows\system32\drivers\avgtpx64.sys [45856 2013-09-25] (AVG Technologies)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [14646560 2011-12-15] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-05] (Intel(R) Corporation) [File not signed]
S4 Jswtcilem; C:\Windows\SysWOW64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-12] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [91008 2014-06-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628320 2014-06-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-12] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-29] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-06-29] (Kaspersky Lab ZAO)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-03] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2014-02-18] (Intel Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2012-12-13] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2012-12-13] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2012-12-13] (Paragon)
R1 {f727685b-ed90-4adc-8eec-8234574a91e6}w64; C:\Windows\System32\drivers\{f727685b-ed90-4adc-8eec-8234574a91e6}w64.sys [61120 2014-06-05] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-04 11:18 - 2014-07-04 11:18 - 02083840 _____ (Farbar) C:\Users\Zxxx\Desktop\FRST64.exe
2014-07-04 11:18 - 2014-07-04 11:18 - 00026846 _____ () C:\Users\Zxxx\Desktop\FRST.txt
2014-07-04 11:15 - 2014-07-04 11:15 - 00001077 _____ () C:\Users\Zxxx\Desktop\JRT.txt
2014-07-04 11:08 - 2014-07-04 11:08 - 01016261 _____ (Thisisu) C:\Users\Zxxx\Desktop\JRT.exe
2014-07-04 10:59 - 2014-07-04 11:00 - 01346519 _____ () C:\Users\Zxxx\Desktop\adwcleaner_3.214.exe
2014-07-03 20:45 - 2014-07-03 21:46 - 00000000 ____D () C:\Users\Zxxx\AppData\Roaming\DesktopOK
2014-07-03 20:43 - 2014-07-03 20:45 - 00000000 ____D () C:\Program Files\DesktopOK
2014-07-03 20:42 - 2014-07-03 20:42 - 00212470 _____ () C:\Users\Zxxx\Downloads\DesktopOK397_x64.zip
2014-07-03 20:13 - 2014-07-03 20:21 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-03 20:13 - 2014-07-03 20:13 - 02029048 _____ () C:\Users\Zxxx\Downloads\winrar-x64-510d.exe
2014-07-03 19:41 - 2014-07-03 19:41 - 00895120 _____ (Google Inc.) C:\Users\Zxxx\Downloads\ChromeSetup.exe
2014-07-03 18:56 - 2014-07-03 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-03 18:56 - 2014-07-03 18:56 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-03 18:53 - 2014-07-03 18:53 - 01444352 _____ () C:\Users\Zxxx\Downloads\7z922-x64.msi
2014-07-03 18:25 - 2014-07-03 18:25 - 00000000 ____D () C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PantsOff
2014-07-03 18:25 - 2014-07-03 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PantsOff
2014-07-03 18:25 - 2014-07-03 18:25 - 00000000 ____D () C:\Program Files (x86)\PantsOff
2014-07-03 18:10 - 2014-07-03 18:11 - 01049728 _____ () C:\Users\Zxxx\Downloads\pantsoff.exe
2014-07-03 16:17 - 2014-07-03 16:21 - 00000000 ____D () C:\Users\Zxxx\AppData\Local\Microsoft Games
2014-07-03 14:12 - 2014-07-03 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-03 14:12 - 2014-07-03 14:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-03 14:12 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-03 14:12 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-03 14:12 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-03 14:10 - 2014-07-03 14:12 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Zxxx\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-03 13:23 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-07-03 13:20 - 2014-07-03 17:57 - 00000000 ____D () C:\Users\Zxxx\Desktop\Wartung
2014-07-03 13:02 - 2014-07-04 11:04 - 00007864 _____ () C:\windows\PFRO.log
2014-07-03 13:00 - 2014-07-03 18:59 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-03 12:57 - 2014-07-03 12:59 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Zxxx\Downloads\mbam-setup-2.0.0.1000.exe
2014-07-03 12:36 - 2014-07-03 12:36 - 00000000 ____D () C:\windows\Tasks\ImCleanDisabled
2014-07-03 12:20 - 2010-11-21 05:23 - 00345088 _____ (Microsoft Corporation) C:\windows\system32\sethc.exe
2014-07-03 12:19 - 2010-11-21 05:23 - 00345088 _____ (Microsoft Corporation) C:\windows\system32\utilman.exe
2014-07-03 11:41 - 2014-07-03 11:42 - 04812672 _____ (Piriform Ltd) C:\Users\Zxxx\Downloads\ccsetup415.exe
2014-07-02 15:47 - 2014-07-03 13:05 - 00000000 ____D () C:\windows\SysWOW64\%Report%
2014-06-25 21:05 - 2014-06-25 21:05 - 00000000 ____D () C:\Users\Zxxx\BRIEFKöpfe WZ
2014-06-25 19:24 - 2014-06-25 19:24 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-06-22 17:34 - 2014-06-22 17:34 - 00000997 _____ () C:\Users\Zxxx\Desktop\Monosnap.lnk
2014-06-22 17:34 - 2014-06-22 17:34 - 00000000 ____D () C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Monosnap
2014-06-22 17:34 - 2014-06-22 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2014-06-22 17:34 - 2014-06-22 17:34 - 00000000 ____D () C:\Program Files (x86)\Monosnap
2014-06-22 17:33 - 2013-09-24 15:53 - 07254016 _____ () C:\Users\Zxxx\Downloads\Monosnap_2.3.4.msi
2014-06-22 17:11 - 2014-06-22 17:15 - 00000000 ____D () C:\Users\Zxxx\Desktop\Kopieren
2014-06-21 19:09 - 2014-07-04 11:03 - 00372120 _____ () C:\windows\WindowsUpdate.log
2014-06-20 16:45 - 2014-07-04 11:04 - 00001658 _____ () C:\windows\setupact.log
2014-06-20 16:45 - 2014-06-20 16:45 - 00000000 _____ () C:\windows\setuperr.log
2014-06-16 14:38 - 2014-06-16 15:04 - 1387069440 _____ () C:\Users\Zxxx\Downloads\linuxmint-17-xfce-dvd-64bit-rc.iso
2014-06-10 22:36 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-10 22:36 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-10 22:36 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-10 22:36 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-10 22:36 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-10 22:36 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-10 22:36 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-10 22:36 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-10 22:36 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-10 22:36 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-10 22:36 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-10 22:36 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-10 22:36 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-10 22:36 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-10 22:36 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-10 22:36 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-10 22:36 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-10 22:36 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-10 22:36 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-10 22:36 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-10 22:36 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-10 22:36 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-10 22:36 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-10 22:36 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-10 22:36 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-06-10 22:36 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-10 22:36 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-10 22:36 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-10 22:36 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-10 22:36 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-06-10 22:36 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-10 22:36 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-06-10 22:36 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-06-10 22:36 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-10 22:36 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-10 22:36 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-10 22:36 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-10 22:36 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-10 22:36 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-10 22:36 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-10 22:36 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-10 22:36 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-10 22:36 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-10 22:36 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-06-10 22:36 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-10 22:36 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-10 22:36 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-10 22:36 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-10 22:36 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-10 22:36 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-10 22:36 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-06-10 22:36 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-06-10 22:36 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-10 22:36 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-10 22:36 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-10 22:36 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-10 22:36 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-10 22:36 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-10 22:36 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-10 22:36 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-10 22:36 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-10 22:36 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-10 22:36 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-10 22:36 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-10 22:36 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-10 22:36 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-06-10 22:35 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-10 22:35 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-10 12:13 - 2014-06-10 12:13 - 00000000 __SHD () C:\Users\Zxxx\AppData\Local\EmieUserList
2014-06-10 12:13 - 2014-06-10 12:13 - 00000000 __SHD () C:\Users\Zxxx\AppData\Local\EmieSiteList
2014-06-09 21:13 - 2014-06-05 14:39 - 00061120 _____ (StdLib) C:\windows\system32\Drivers\{f727685b-ed90-4adc-8eec-8234574a91e6}w64.sys
2014-06-09 21:09 - 2014-06-10 23:28 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-06-09 19:40 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-06-09 19:40 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-06-09 19:40 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-06-09 19:40 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-06-09 19:40 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-06-09 19:40 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-06-09 19:40 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-06-09 19:40 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-06-09 19:40 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-06-09 19:40 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-06-09 19:40 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-06-09 19:40 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-06-09 19:40 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-06-09 19:40 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-06-09 19:40 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-06-09 19:40 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-06-09 19:40 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-06-09 19:40 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-06-09 19:40 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-06-09 19:40 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-06-09 19:40 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-06-09 19:40 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-06-09 19:40 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2014-06-09 19:40 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2014-06-09 19:40 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2014-06-09 19:40 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-06-09 19:40 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-06-09 19:40 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-06-09 19:40 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-06-09 19:40 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-06-09 19:40 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-06-09 19:40 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2014-06-09 19:40 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-06-09 19:39 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-06-09 19:39 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-06-09 19:39 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-06-09 19:39 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-06-09 19:39 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-06-09 19:39 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2014-06-09 19:39 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-06-09 19:38 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-06-09 19:38 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-06-09 19:38 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-06-09 19:38 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-06-09 19:38 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-06-09 19:38 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-06-09 19:38 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-06-09 19:38 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-06-09 19:38 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-06-09 19:38 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-06-09 19:38 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-06-09 19:38 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-06-09 19:38 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-06-09 19:38 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-06-09 19:38 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-06-09 19:38 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-06-09 19:38 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-06-09 19:38 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-06-09 19:38 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-06-09 19:35 - 2014-06-09 19:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-09 19:33 - 2014-06-09 19:33 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-06-09 19:33 - 2014-06-09 19:33 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-06-09 19:33 - 2014-06-09 19:33 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-06-09 19:33 - 2014-06-09 19:33 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-09 19:33 - 2014-06-09 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-09 19:33 - 2014-06-09 19:33 - 00000000 ____D () C:\Program Files (x86)\Java

==================== One Month Modified Files and Folders =======

2014-07-04 11:19 - 2014-07-04 11:18 - 00026846 _____ () C:\Users\Zxxx\Desktop\FRST.txt
2014-07-04 11:18 - 2014-07-04 11:18 - 02083840 _____ (Farbar) C:\Users\Zxxx\Desktop\FRST64.exe
2014-07-04 11:18 - 2013-12-19 15:18 - 00000000 ____D () C:\FRST
2014-07-04 11:17 - 2014-06-21 19:09 - 00372120 _____ () C:\windows\WindowsUpdate.log
2014-07-04 11:16 - 2013-06-29 10:42 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-04 11:15 - 2014-07-04 11:15 - 00001077 _____ () C:\Users\Zxxx\Desktop\JRT.txt
2014-07-04 11:13 - 2009-07-14 06:45 - 00016752 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-04 11:13 - 2009-07-14 06:45 - 00016752 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-04 11:08 - 2014-07-04 11:08 - 01016261 _____ (Thisisu) C:\Users\Zxxx\Desktop\JRT.exe
2014-07-04 11:05 - 2013-10-15 17:52 - 00000000 ____D () C:\Users\Zxxx\AppData\Roaming\Ditto
2014-07-04 11:04 - 2014-07-03 13:02 - 00007864 _____ () C:\windows\PFRO.log
2014-07-04 11:04 - 2014-06-20 16:45 - 00001658 _____ () C:\windows\setupact.log
2014-07-04 11:04 - 2013-09-25 15:03 - 00001114 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-04 11:04 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-04 11:03 - 2013-10-26 20:05 - 00000000 ___HD () C:\AdwCleaner
2014-07-04 11:00 - 2014-07-04 10:59 - 01346519 _____ () C:\Users\Zxxx\Desktop\adwcleaner_3.214.exe
2014-07-04 10:53 - 2012-02-22 04:38 - 00001997 _____ () C:\windows\system32\ServiceFilter.ini
2014-07-03 22:47 - 2013-09-25 15:03 - 00001118 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-03 22:36 - 2013-08-30 19:51 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-03 22:17 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-07-03 21:46 - 2014-07-03 20:45 - 00000000 ____D () C:\Users\Zxxx\AppData\Roaming\DesktopOK
2014-07-03 20:45 - 2014-07-03 20:43 - 00000000 ____D () C:\Program Files\DesktopOK
2014-07-03 20:42 - 2014-07-03 20:42 - 00212470 _____ () C:\Users\Zxxx\Downloads\DesktopOK397_x64.zip
2014-07-03 20:21 - 2014-07-03 20:13 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-03 20:21 - 2014-01-27 20:54 - 00000000 ____D () C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-03 20:21 - 2014-01-27 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-03 20:13 - 2014-07-03 20:13 - 02029048 _____ () C:\Users\Zxxx\Downloads\winrar-x64-510d.exe
2014-07-03 19:42 - 2013-09-25 15:03 - 00004114 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-03 19:42 - 2013-09-25 15:03 - 00003862 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-03 19:41 - 2014-07-03 19:41 - 00895120 _____ (Google Inc.) C:\Users\Zxxx\Downloads\ChromeSetup.exe
2014-07-03 18:59 - 2014-07-03 13:00 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-03 18:56 - 2014-07-03 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-03 18:56 - 2014-07-03 18:56 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-03 18:53 - 2014-07-03 18:53 - 01444352 _____ () C:\Users\Zxxx\Downloads\7z922-x64.msi
2014-07-03 18:25 - 2014-07-03 18:25 - 00000000 ____D () C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PantsOff
2014-07-03 18:25 - 2014-07-03 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PantsOff
2014-07-03 18:25 - 2014-07-03 18:25 - 00000000 ____D () C:\Program Files (x86)\PantsOff
2014-07-03 18:11 - 2014-07-03 18:10 - 01049728 _____ () C:\Users\Zxxx\Downloads\pantsoff.exe
2014-07-03 17:57 - 2014-07-03 13:20 - 00000000 ____D () C:\Users\Zxxx\Desktop\Wartung
2014-07-03 16:21 - 2014-07-03 16:17 - 00000000 ____D () C:\Users\Zxxx\AppData\Local\Microsoft Games
2014-07-03 14:25 - 2012-02-22 04:38 - 00000000 ____D () C:\windows\pss
2014-07-03 14:12 - 2014-07-03 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-03 14:12 - 2014-07-03 14:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-03 14:12 - 2014-07-03 14:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Zxxx\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-03 13:28 - 2014-02-19 21:44 - 00001071 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-03 13:28 - 2013-09-25 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-03 13:28 - 2013-06-27 17:12 - 00001009 _____ () C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-03 13:28 - 2009-07-14 04:34 - 00000489 _____ () C:\windows\win.ini
2014-07-03 13:09 - 2013-10-26 23:27 - 00000000 ____D () C:\Users\Zxxx\Documents\CC
2014-07-03 13:05 - 2014-07-02 15:47 - 00000000 ____D () C:\windows\SysWOW64\%Report%
2014-07-03 13:01 - 2013-07-04 19:49 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-03 13:00 - 2013-08-31 14:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-03 12:59 - 2014-07-03 12:57 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Zxxx\Downloads\mbam-setup-2.0.0.1000.exe
2014-07-03 12:40 - 2013-08-31 14:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-03 12:37 - 2014-02-18 20:01 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-07-03 12:36 - 2014-07-03 12:36 - 00000000 ____D () C:\windows\Tasks\ImCleanDisabled
2014-07-03 12:17 - 2014-02-19 21:44 - 00000000 ____D () C:\Users\Zxxx\AppData\Local\Mozilla Firefox
2014-07-03 11:42 - 2014-07-03 11:41 - 04812672 _____ (Piriform Ltd) C:\Users\Zxxx\Downloads\ccsetup415.exe
2014-07-03 11:42 - 2013-08-31 22:34 - 00000000 ____D () C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-03 11:42 - 2013-07-19 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-03 11:42 - 2013-07-19 20:33 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-02 15:46 - 2014-02-18 20:07 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-26 16:07 - 2012-02-22 04:38 - 00002591 _____ () C:\windows\system32\AutoRunFilter.ini
2014-06-26 14:53 - 2013-07-05 21:04 - 00000000 ____D () C:\Users\Zxxx\Documents\E-Mail
2014-06-25 21:05 - 2014-06-25 21:05 - 00000000 ____D () C:\Users\Zxxx\BRIEFKöpfe WZ
2014-06-25 21:05 - 2013-06-27 17:12 - 00000000 ____D () C:\Users\Zxxx
2014-06-25 20:06 - 2011-12-28 03:08 - 00714354 _____ () C:\windows\system32\perfh007.dat
2014-06-25 20:06 - 2011-12-28 03:08 - 00154334 _____ () C:\windows\system32\perfc007.dat
2014-06-25 20:06 - 2009-07-14 07:13 - 01660044 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-25 19:54 - 2013-09-16 12:38 - 00000000 ____D () C:\Users\Zxxx\Documents\GESUNDHEIT
2014-06-25 19:24 - 2014-06-25 19:24 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-06-24 20:05 - 2013-06-27 19:27 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-24 20:04 - 2013-06-27 19:26 - 00000000 ____D () C:\Users\Zxxx\AppData\Roaming\Adobe
2014-06-22 17:34 - 2014-06-22 17:34 - 00000997 _____ () C:\Users\Zxxx\Desktop\Monosnap.lnk
2014-06-22 17:34 - 2014-06-22 17:34 - 00000000 ____D () C:\Users\Zxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Monosnap
2014-06-22 17:34 - 2014-06-22 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2014-06-22 17:34 - 2014-06-22 17:34 - 00000000 ____D () C:\Program Files (x86)\Monosnap
2014-06-22 17:15 - 2014-06-22 17:11 - 00000000 ____D () C:\Users\Zxxx\Desktop\Kopieren
2014-06-21 14:47 - 2013-06-28 20:14 - 00000000 ____D () C:\Users\Zxxx\LIINK DATEIEN
2014-06-20 16:45 - 2014-06-20 16:45 - 00000000 _____ () C:\windows\setuperr.log
2014-06-20 16:03 - 2014-02-01 19:18 - 00000420 _____ () C:\windows\Tasks\One-Click Optimizer.job
2014-06-16 15:04 - 2014-06-16 14:38 - 1387069440 _____ () C:\Users\Zxxx\Downloads\linuxmint-17-xfce-dvd-64bit-rc.iso
2014-06-12 13:31 - 2013-11-30 15:41 - 00000000 ____D () C:\Users\Zxxx\COMP-Club
2014-06-12 13:29 - 2013-06-27 17:12 - 00000000 ____D () C:\Users\Zxxx\AppData\Local\VirtualStore
2014-06-12 13:26 - 2013-08-30 19:51 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 13:26 - 2013-06-27 19:25 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-06-12 13:26 - 2012-02-22 04:27 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-12 13:17 - 2013-08-21 14:44 - 00000000 _____ () C:\ProgramData\LauncherAccess.dt
2014-06-10 23:31 - 2013-07-21 08:17 - 00000000 ____D () C:\windows\system32\MRT
2014-06-10 23:31 - 2013-06-27 19:48 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-10 23:29 - 2013-06-28 17:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-10 23:28 - 2014-06-09 21:09 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-06-10 19:03 - 2013-06-27 19:28 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-10 12:13 - 2014-06-10 12:13 - 00000000 __SHD () C:\Users\Zxxx\AppData\Local\EmieUserList
2014-06-10 12:13 - 2014-06-10 12:13 - 00000000 __SHD () C:\Users\Zxxx\AppData\Local\EmieSiteList
2014-06-10 12:08 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-06-09 21:11 - 2009-07-14 06:45 - 00439488 _____ () C:\windows\system32\FNTCACHE.DAT
2014-06-09 21:07 - 2013-06-28 22:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-06-09 21:07 - 2013-06-28 22:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-06-09 20:57 - 2013-06-28 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-06-09 20:00 - 2013-10-10 12:56 - 00000000 ___RD () C:\Users\Zxxx\Documents\00-HERRATH ORDNER
2014-06-09 20:00 - 2013-09-03 20:00 - 00000000 ___RD () C:\Users\Zxxx\WEITERE DATEIEN
2014-06-09 20:00 - 2013-08-13 17:05 - 00000000 ___RD () C:\Users\Zxxx\Desktop\Eigene DATEIEN
2014-06-09 20:00 - 2011-12-28 02:49 - 00000000 ____D () C:\windows\Panther
2014-06-09 19:39 - 2013-06-29 10:42 - 00628320 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klif.sys
2014-06-09 19:39 - 2013-06-29 10:42 - 00091008 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klflt.sys
2014-06-09 19:35 - 2014-06-09 19:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-09 19:35 - 2014-02-14 20:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-09 19:34 - 2013-10-27 13:51 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-09 19:33 - 2014-06-09 19:33 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-06-09 19:33 - 2014-06-09 19:33 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-06-09 19:33 - 2014-06-09 19:33 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-06-09 19:33 - 2014-06-09 19:33 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-09 19:33 - 2014-06-09 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-09 19:33 - 2014-06-09 19:33 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-08 11:13 - 2014-06-10 22:35 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-10 22:35 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-05 14:39 - 2014-06-09 21:13 - 00061120 _____ (StdLib) C:\windows\system32\Drivers\{f727685b-ed90-4adc-8eec-8234574a91e6}w64.sys

Files to move or delete:
====================
C:\Users\Zxxx\cnmss Canon MG5300 series Printer (Local).dll


Some content of TEMP:
====================
C:\Users\Zxxx\AppData\Local\Temp\dsrlte.exe
C:\Users\Zxxx\AppData\Local\Temp\exthelper.exe
C:\Users\Zxxx\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-03 22:10

==================== End Of Log ============================
         
--- --- ---

Alt 04.07.2014, 11:43   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... - Standard

Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...



Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 04.07.2014, 12:30   #8
Riddle
 
Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... - Standard

Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...



Sorry, hatte den Text ... und nach dem ersten Scan ... missverstanden.

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2014
Ran by Zxxx at 2014-07-04 12:17:10
Running from C:\Users\Zxxx\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
ABBYY FineReader 11 (HKLM-x32\...\{F11000FE-0010-0000-0000-074957833700}) (Version: 11.11.194 - ABBYY Production LLC)
ABBYY PDF Transformer 3.0 (HKLM-x32\...\ABBYY PDF Transformer 3.0) (Version: 3.00.317.68010 - ABBYY)
ABBYY PDF Transformer 3.0 (Version: 3.00.317.68010 - ABBYY) Hidden
Acronis*True*Image*Home 2012 (HKLM-x32\...\{054A5F46-6DCE-4D09-8BC0-170428A4ED56}Visible) (Version: 15.0.7133 - Acronis)
Acronis*True*Image*Home 2012 (x32 Version: 15.0.7133 - Acronis) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\{1F5E5F2E-5E61-431D-B796-58CCC6B68E28}) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\{C4B32291-F7B2-4BEC-BA4D-4195676A08CC}) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AI Manager (HKLM-x32\...\{4AF95DE2-B54D-4C3F-9494-FD3B558E2C2D}) (Version: 1.09.07 - ASUSTeK Computer Inc.)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.02 - ASUSTeK Computer Inc.)
AMD APP SDK Runtime (Version: 10.0.851.4 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: 12.1.0.11205 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{C437A4E8-9B05-9551-4250-396BF4E663D8}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft)
ArcSoft PhotoStudio 6 (HKLM-x32\...\{ED8EF3C2-FA5B-4A1E-950D-5A0227161F97}) (Version: 6.0.1.148 - ArcSoft)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Music Studio 2013 v.4.1.2 (HKLM-x32\...\{91B33C97-0D61-2DA9-07F6-0EF54C520FE3}_is1) (Version: 4.1.2 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 10 v.10.3.0 (HKLM-x32\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.03.00 - Ashampoo GmbH & Co. KG)
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.01.00 - ASUSTeK Computer Inc.)
ASUS Backup Wizard (HKLM-x32\...\{124C9BD0-8C52-40AB-8238-0605703B1C28}) (Version: 1.01.00 - ASUSTeK Computer Inc.)
ASUS Easy Update 2 (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 3.00.08 - ASUSTeK Computer Inc.)
ASUS Instant On (HKLM-x32\...\{CCC4652E-F5E0-498A-84F3-5DDBEF84642B}) (Version: 1.01.08 - ASUSTeK Computer Inc.)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.104.216 - eCareme Technologies, Inc.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.628 - ASUSTEK)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.3.1.0 - Auslogics Labs Pty Ltd)
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version:  - Alactro LLC)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan 5600F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4808) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2011.1205.2215.39827 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Desktop (x32 Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Ditto (HKLM-x32\...\Ditto_is1) (Version:  - Scott Brogden)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 2.0.0 - ASUS)
FBackup 4 (HKLM-x32\...\FBackup 4_is1) (Version:  -  Softland)
Formatwandler 5 (HKLM-x32\...\{CC5A25E6-7564-48FF-0001-D4DD055B2886}) (Version: 5.0.13.429 - S.A.D.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.220.0 - Advanced Micro Devices, Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Karsten Bilderschau 3.5.4 (HKLM-x32\...\Karsten Bilderschau_is1) (Version: 3.5.4 - Karsten SlideShow Project)
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Monosnap (HKLM-x32\...\{FA16A0B8-2ACF-46BB-824A-3F6856FBE068}) (Version: 2.3.4.0 - Monosnap)
Mozilla Firefox 29.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 de)) (Version: 29.0 - Mozilla)
Mozilla Firefox 30.0 (x86 de) (HKCU\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Firefox 8.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 8.0 (x86 de)) (Version: 8.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero BackItUp 2014 (HKLM-x32\...\{0A466249-72F9-40DF-BC33-8CB7E632F0F0}) (Version: 15.0.02100 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 15.0.00020 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.16700 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.23200 - Nero AG) Hidden
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero Update (x32 Version: 11.0.13300.42.0 - Nero AG) Hidden
nero.backitup.msi (x32 Version: 15.0.17000 - Nero AG) Hidden
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
Nitro PDF Professional (HKLM\...\{80B84D51-5202-4C8D-A017-8D7C90E9EF9C}) (Version: 6.2.3.6 - Nitro PDF Software)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PantsOff 2.0 (HKLM-x32\...\{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1) (Version: 2.0 - Christoph Bünger Software)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Readiris Pro 12 (HKLM-x32\...\{B6214EA9-7BE8-4A91-B8B3-45F42F90188F}) (Version: 12.00.6209 - I.R.I.S.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.2.80601 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (x32 Version: 3.0.0.80601 - Samsung Electronics Co., Ltd.) Hidden
Samsung Samples Installer (HKLM-x32\...\{7AC15160-A49B-4A89-B181-D4619C025FFF}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPatrol (HKLM\...\{6E575124-6D34-4E65-9375-7D69468A6089}) (Version: 26.1.2013.0 - BillP Studios)
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Restore Points  =========================

14-06-2014 19:35:56 Windows Update
21-06-2014 17:42:18 Windows Update
22-06-2014 15:34:03 Installed Monosnap
25-06-2014 16:49:45 Windows Update
02-07-2014 16:59:37 Windows Update
03-07-2014 10:34:18 Removed IObit Apps Toolbar v9.4.
03-07-2014 16:53:59 Installed 7-Zip 9.22 (x64 edition)
03-07-2014 16:55:26 Removed 7-Zip 9.20 (x64 edition)
03-07-2014 16:56:13 Installed 7-Zip 9.22 (x64 edition)

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01215EC6-F91B-442A-97E9-BF3F0AB4371C} - System32\Tasks\ASUS\ASUS Easy Update 2 => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [2013-07-04] (ASUSTeK Computer Inc.)
Task: {01F67D46-7B23-4814-B9E9-96B0086D0B05} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated)
Task: {26FBC791-0978-47D1-8678-94CBC4FD6AA2} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {2BB705B4-7D90-41F7-88D9-A6E517942E55} - \Browser Updater\Browser Updater No Task File <==== ATTENTION
Task: {3D423D99-58A5-4EED-969A-35D915C6AAC6} - System32\Tasks\ASUS\AsBackupWizard_Run => C:\Program Files (x86)\ASUS\\AsBackupWizard\\AsRunBkWizardHelper.exe [2010-04-24] (ASUSTeK Computer Inc.)
Task: {4BE641C6-5077-4A27-B0D2-E3487ED2871C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-03] (Google Inc.)
Task: {705D2C7E-0507-4C47-B5BA-CF8A261BC399} - System32\Tasks\Zxxx NBAgent 15 0 => C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe [2013-12-04] (Nero AG)
Task: {71B3FA66-CE0D-4544-8DB1-B56A42717F83} - System32\Tasks\Zxxxs Dateisicherung 15 0 => C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBCore.exe [2013-12-04] (Nero AG)
Task: {742795C9-E2E6-4EE9-922E-050DE9B4F7AE} - System32\Tasks\ASUS\Asus HybridSleep Helper => C:\Program Files (x86)\ASUS\ASUS Instant On\AsInstantOn.exe [2011-12-29] (ASUSTeK Computer Inc.)
Task: {B2F31866-51E5-4AA0-9DEA-B42647A63665} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {BB45EBC8-541E-4EDA-A83E-558E05A9B10E} - System32\Tasks\ASUS\ASUS Dr.Net Execute => C:\Program Files (x86)\ASUS\AI Suite II\Dr.Net\AsDrNotify.exe [2012-07-06] (ASUSTeK Computer Inc.)
Task: {C51D313D-EEA0-47A7-955D-B778128CB11A} - System32\Tasks\One-Click Optimizer => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe [2013-11-19] (Ashampoo Development GmbH & Co. KG)
Task: {CCAE805E-7135-4529-89B2-558D8D679BBA} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {D0742BFC-D05B-4A24-8FDC-DDD360C0B15B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-03] (Google Inc.)
Task: {F7C53F11-E165-4E6C-9B37-4049178CCDAC} - \ProtectedSearch\Protected Search No Task File <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\One-Click Optimizer.job => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe

==================== Loaded Modules (whitelisted) =============

2013-06-27 19:07 - 2012-06-01 17:42 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-07-04 19:51 - 2011-02-07 09:56 - 00138192 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2012-01-12 12:23 - 2012-01-12 12:23 - 00018432 _____ () C:\Users\Zxxx\AppData\LocalLow\WOT\IE\WOTUpdater.exe
2013-06-28 09:57 - 2010-08-04 14:44 - 00266240 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2013-10-15 17:52 - 2012-11-08 20:17 - 01433200 _____ () C:\Program Files (x86)\Ditto\Ditto.exe
2011-11-02 14:03 - 2011-11-02 14:03 - 00430080 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-11-02 14:03 - 2011-11-02 14:03 - 00032768 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll
2011-12-05 22:10 - 2011-12-05 22:10 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-09-24 15:52 - 2011-09-24 15:52 - 00123712 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NPShellExtension64.dll
2013-06-27 19:07 - 2014-07-04 11:04 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-06-27 19:07 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2012-06-28 16:58 - 2012-06-28 16:58 - 00435584 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ulxmlrpcpp.dll
2013-06-28 09:57 - 2010-03-10 14:50 - 00360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2012-02-22 04:39 - 2010-04-23 13:23 - 00011264 _____ () C:\Program Files (x86)\ASUS\ASUS Instant On\Images\AsMultiLang.dll
2012-02-22 04:39 - 2011-06-13 19:53 - 00061440 _____ () C:\Program Files (x86)\ASUS\ASUS Instant On\MSPowerLib.dll
2013-10-27 13:27 - 2012-11-22 17:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ASUS Easy Update\AsMultiLang.dll
2013-08-31 23:10 - 2013-07-15 19:29 - 00620718 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2012-06-28 20:46 - 2012-06-28 20:46 - 13005184 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
2012-02-22 04:33 - 2012-02-08 03:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-08-17 21:38 - 2012-08-17 21:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2012-08-17 21:39 - 2013-06-29 10:53 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2014-02-19 21:44 - 2014-07-03 12:17 - 03852912 _____ () C:\Users\Zxxx\AppData\Local\Mozilla Firefox\mozjs.dll
2012-06-28 17:34 - 2012-06-28 17:34 - 00018816 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0CFF5F08
AlternateDataStreams: C:\Users\Zxxx\Downloads\Jetzt_Neu_Die_kostenlose_W_rterbuch_Bibliothek_von_PONS.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\Windows\pss\AsusVibeLauncher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Zxxx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Canon IJ Status Monitor Canon MG5300 series Printer.lnk => C:\windows\pss\Canon IJ Status Monitor Canon MG5300 series Printer.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ASUS Ai Charger => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSPanel.exe /S
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-07-03 22:12:30.946
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-03 22:12:30.945
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-03 22:12:30.942
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-03 22:12:30.927
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-03 22:12:30.925
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-03 22:12:30.922
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 21:38:27.755
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 21:38:27.753
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 21:38:27.738
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 21:38:27.736
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 30%
Total physical RAM: 8147.61 MB
Available physical RAM: 5661.71 MB
Total Pagefile: 16293.39 MB
Available Pagefile: 13614.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (WIN7) (Fixed) (Total:931.41 GB) (Free:563.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 56920702)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 04.07.2014, 12:37   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... - Standard

Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - URL http://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381010400000.000008&tguid=66920-6787-1381069221592-271746E61142FEA1972C5C8461C1103F&q={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback http://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381010400000.000008&tguid=66920-6787-1381069221592-271746E61142FEA1972C5C8461C1103F&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
R1 {f727685b-ed90-4adc-8eec-8234574a91e6}w64; C:\Windows\System32\drivers\{f727685b-ed90-4adc-8eec-8234574a91e6}w64.sys [61120 2014-06-05] (StdLib)
C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
C:\Windows\System32\drivers\{f727685b-ed90-4adc-8eec-8234574a91e6}w64.sys
Task: {2BB705B4-7D90-41F7-88D9-A6E517942E55} - \Browser Updater\Browser Updater No Task File <==== ATTENTION
Task: {F7C53F11-E165-4E6C-9B37-4049178CCDAC} - \ProtectedSearch\Protected Search No Task File <==== ATTENTION
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 04.07.2014, 13:13   #10
Riddle
 
Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... - Standard

Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-07-2014
Ran by Zxxx at 2014-07-04 13:10:59 Run:1
Running from C:\Users\Zxxx\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - URL http://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381010400000.000008&tguid=66920-6787-1381069221592-271746E61142FEA1972C5C8461C1103F&q={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback http://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381010400000.000008&tguid=66920-6787-1381069221592-271746E61142FEA1972C5C8461C1103F&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
R1 {f727685b-ed90-4adc-8eec-8234574a91e6}w64; C:\Windows\System32\drivers\{f727685b-ed90-4adc-8eec-8234574a91e6}w64.sys [61120 2014-06-05] (StdLib)
C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
C:\Windows\System32\drivers\{f727685b-ed90-4adc-8eec-8234574a91e6}w64.sys
Task: {2BB705B4-7D90-41F7-88D9-A6E517942E55} - \Browser Updater\Browser Updater No Task File <==== ATTENTION
Task: {F7C53F11-E165-4E6C-9B37-4049178CCDAC} - \ProtectedSearch\Protected Search No Task File <==== ATTENTION
*****************

HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\URL => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\TopResultURLFallback => value deleted successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
{f727685b-ed90-4adc-8eec-8234574a91e6}w64 => Service stopped successfully.
{f727685b-ed90-4adc-8eec-8234574a91e6}w64 => Service deleted successfully.
"C:\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd" => File/Directory not found.
C:\Windows\System32\drivers\{f727685b-ed90-4adc-8eec-8234574a91e6}w64.sys => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2BB705B4-7D90-41F7-88D9-A6E517942E55}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BB705B4-7D90-41F7-88D9-A6E517942E55}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Updater\Browser Updater' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F7C53F11-E165-4E6C-9B37-4049178CCDAC}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7C53F11-E165-4E6C-9B37-4049178CCDAC}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProtectedSearch\Protected Search' => Key deleted successfully.

==== End of Fixlog ====
         

Alt 04.07.2014, 13:54   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... - Standard

Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...



Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 04.07.2014, 14:25   #12
Riddle
 
Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... - Standard

Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...



Selbes Verhalten wie eingangs beschrieben: MBAM stürzt immer noch kurz nach dem Öffnen ab. (Hatte sicherheitshalber vor der Neuinstallation die Version von gestern mit Revo deinstalliert.)

Soll ich mit ESET weitermachen?

Alt 04.07.2014, 14:26   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... - Standard

Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...



In MBAM scheint gerade kräftig was rumzuspinnen...bist jetzt schon der 2. oder so, der mir meldet, dass MBAM immer abkachelt. Mach einfach mal mit ESET weiter.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 04.07.2014, 21:00   #14
Riddle
 
Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... - Standard

Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...



So, Deutschland ist inzwischen im Halbfinale und der Scan nach 6 Std. fertig ...
Etliche Funde sind im Quarantäne-Ordner von ADW; aber einiges auch noch in anderen Ordnern .

Wie geht's jetzt weiter?

Code:
ATTFilter
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir	Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\ResultsAlphaUn.exe.vir	möglicherweise Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\updateResultsAlpha.exe.vir	Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\ResultsAlpha.BrowserAdapter.exe.vir	Variante von Win32/BrowseFox.I evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\ResultsAlpha.PurBrowse64.exe.vir	Variante von Win64/BrowseFox.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\ResultsAlphaBAApp.dll.vir	Variante von Win32/BrowseFox.I evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\ResultsAlphaBrowserFilter.exe.vir	Variante von MSIL/BrowseFox.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\utilResultsAlpha.exe.vir	Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\{f727685b-ed90-4adc-8eec-8234574a91e6}.dll.vir	Variante von Win32/BrowseFox.K evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.Bromon.dll.vir	Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.BroStats.dll.vir	Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.BrowserAdapterS.dll.vir	möglicherweise Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.BrowserFilter.dll.vir	Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.CompatibilityChecker.dll.vir	Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.FFUpdate.dll.vir	möglicherweise Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.GCUpdate.dll.vir	Variante von MSIL/BrowseFox.E evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.IEUpdate.dll.vir	möglicherweise Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.OfSvc.dll.vir	Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.PurBrowse.dll.vir	Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.Repmon.dll.vir	Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir	Variante von Win32/ELEX.AD evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir	Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Uninstaller\Uninstall.exe.vir	Variante von MSIL/DomaIQ.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Conduit\Chrome\CT3317893\CHUninstaller.exe.vir	Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Conduit\Community Alerts\Aler0.dll.vir	Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Conduit\Community Alerts\Alert.dll.vir	Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\DownloadGuide\Offers\mconduitinstaller.exe.vir	Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige\10.23.0.722_0\nativeMessaging\TBMessagingHost.exe.vir	Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige\10.23.0.722_0\TBHostSupport\TBHostSupport.dll.vir	Variante von Win32/Toolbar.Conduit.AA evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige\10.23.0.722_1\nativeMessaging\TBMessagingHost.exe.vir	Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige\10.23.0.722_1\TBHostSupport\TBHostSupport.dll.vir	Variante von Win32/Toolbar.Conduit.AA evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige\10.26.7.519_0\APISupport\APISupport.dll.vir	Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige\10.26.7.519_0\nativeMessaging\TBMessagingHost.exe.vir	Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige\10.31.4.510_0\APISupport\APISupport.dll.vir	Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir	Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaaieplnliapedmcbfgfijinolepige\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir	Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\101_cortica_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\102_dealply_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\103_intext_5_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\104_jollywallet_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\105_corticas_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\107_coupish_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\108_icm_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\116_ads_only_5_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\117_coupons_intext_ads_5_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\119_similar_web_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\120_luck_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\123_intext_adv_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\125_arcadi2_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\126_revizer_ws_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\127_revizer_p_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\128_superfish_pricora_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\129_widdit_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\135_arcadi3_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\138_getdeal_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\141_corticas_ru_m.js.js.vir	JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\142_intext_fa_m.js.vir	JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\155_ibario_pops_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\91_monetizationLoader.js.js.vir	JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\92_superfish_m.js.vir	JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\93_superfish_no_coupons_m.js.vir	JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\101_cortica_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\102_dealply_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\103_intext_5_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\104_jollywallet_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\105_corticas_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\107_coupish_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\108_icm_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\116_ads_only_5_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\117_coupons_intext_ads_5_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\119_similar_web_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\120_luck_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\123_intext_adv_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\125_arcadi2_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\126_revizer_ws_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\127_revizer_p_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\128_superfish_pricora_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\129_widdit_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\135_arcadi3_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\138_getdeal_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\141_corticas_ru_m.js.js.vir	JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\142_intext_fa_m.js.vir	JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\155_ibario_pops_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\159_cortica_rollover_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\170_icm1_5_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\171_arcadi2_sourceID_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\91_monetizationLoader.js.js.vir	JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\92_superfish_m.js.vir	JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.25.39_0\extensionData\plugins\93_superfish_no_coupons_m.js.vir	JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Local\NativeMessaging\CT3317893\1_0_0_6\TBMessagingHost.exe.vir	Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\101_cortica_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\102_dealply_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\103_intext_5_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\104_jollywallet_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\105_corticas_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\107_coupish_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\108_icm_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\116_ads_only_5_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\117_coupons_intext_ads_5_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\119_similar_web_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\120_luck_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\123_intext_adv_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\125_arcadi2_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\126_revizer_ws_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\127_revizer_p_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\128_superfish_pricora_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\129_widdit_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\135_arcadi3_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\138_getdeal_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\141_corticas_ru_m.js.js.vir	JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\142_intext_fa_m.js.vir	JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\155_ibario_pops_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\159_cortica_rollover_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\170_icm1_5_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\171_arcadi2_sourceID_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\175_coolmirage_m.js.vir	JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\91_monetizationLoader.js.js.vir	JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\92_superfish_m.js.vir	JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_937869\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\93_superfish_no_coupons_m.js.vir	JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Slick Savings\Coupons.dll.vir	Win32/Toolbar.Widgi.F evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Slick Savings\Coupons64.dll.vir	Win64/Toolbar.Widgi.C evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Slick Savings\CouponsHelper.exe.vir	Variante von Win32/Toolbar.Widgi.F evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Zxxx\AppData\Roaming\Slick Savings\Uninstall.exe.vir	Win32/Toolbar.Widgi.F evtl. unerwünschte Anwendung
C:\ProgramData\IObit\ASCDownloader\Advanced SystemCare.exe	Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung
C:\Users\All Users\IObit\ASCDownloader\Advanced SystemCare.exe	Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung
C:\Users\Zxxx\AppData\Local\CRE\jbaaieplnliapedmcbfgfijinolepige.crx	Variante von Win32/Toolbar.Conduit.AA evtl. unerwünschte Anwendung
C:\Users\Zxxx\AppData\Local\Temp\dsrlte.exe	Variante von Win32/Toolbar.Montiera.K evtl. unerwünschte Anwendung
C:\Users\Zxxx\AppData\Local\Temp\RadioTotal4\nsd57C4.tbRad2.dll	Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung
C:\Users\Zxxx\AppData\Local\Temp\RadioTotal4\tbRad2.dll	Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung
C:\Users\Zxxx\Desktop\Kopieren\Multimedia\Modern View\ModernView Installer.exe	Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung
C:\Users\Zxxx\Desktop\LW_F\PCWELT\PCWELT Programme\003-PCWELT\PCW HEFTE 2003-2012\WEITERE-PDF-PCWelthefte\Ultimate Programme\PCW-Programme 20008\Isobuster 2.4\isobuster_all_lang.exe	Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung
C:\Users\Zxxx\Desktop\LW_F\PCWELT\PCWELT Programme\003-PCWELT\PCWelt-Programme\AskTBar\bar\1.bin\A5POPSWT.DLL	Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung
C:\Users\Zxxx\Desktop\LW_F\PCWELT\PCWELT Programme\003-PCWELT\PCWelt-Programme\AskTBar\bar\1.bin\ASKTBAR.DLL	Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung
C:\Users\Zxxx\Desktop\LW_F\PCWELT\PCWELT Programme\003-PCWELT\PCWelt-Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL	Win32/Toolbar.MyWebSearch evtl. unerwünschte Anwendung
C:\Users\Zxxx\Desktop\LW_F\PCWELT\PCWELT Programme\003-PCWELT\PCWelt-Programme\TV-Browser 2.7.5\registrybooster(1).exe	Win32/RegistryBooster evtl. unerwünschte Anwendung
C:\Users\Zxxx\Desktop\LW_F\PCWELT\PCWELT Programme\003-PCWELT\WINBOARD\registrybooster(2).exe	Win32/RegistryBooster evtl. unerwünschte Anwendung
C:\Users\Zxxx\Desktop\LW_F\PCWELT\PCWelt-Programme\AskTBar\bar\1.bin\A5POPSWT.DLL	Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung
C:\Users\Zxxx\Desktop\LW_F\PCWELT\PCWelt-Programme\AskTBar\bar\1.bin\ASKTBAR.DLL	Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung
C:\Users\Zxxx\Desktop\LW_F\PCWELT\PCWelt-Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL	Win32/Toolbar.MyWebSearch evtl. unerwünschte Anwendung
C:\Users\Zxxx\Desktop\LW_F\PCWELT\PCWelt-Programme\Hausplaner\mein-hpl-2012-frei-50-Downloader.exe	Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung
C:\Users\Zxxx\Desktop\LW_F\PCWELT\PCWelt-Programme\Mailware\mbam-setup-1.75.0.1300-Downloader.exe	Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung
C:\Users\Zxxx\Desktop\LW_F\PCWELT\PCWelt-Programme\TV-Browser 2.7.5\registrybooster(1).exe	Win32/RegistryBooster evtl. unerwünschte Anwendung
C:\Users\Zxxx\Documents\Mailware\mbam-setup-1.75.0.1300-Downloader.exe	Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung
C:\Users\Zxxx\Downloads\Firefox_Setup.exe	Variante von Win32/InstallCore.IL evtl. unerwünschte Anwendung
C:\Users\Zxxx\Downloads\Firefox\Firefox_Setup.exe	Variante von Win32/InstallCore.IL evtl. unerwünschte Anwendung
C:\Users\Zxxx\EIGENE DOKOMENTE\EIGENE-DATEIEN\Downloads\Firefox 10 Installer.exe	Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung
C:\Users\Zxxx\EIGENE DOKOMENTE\EIGENE-DATEIEN\Media Playere\vlc-2.0.2-win64.exe	Win32/StartPage.OPH Trojaner
C:\Users\Zxxx\EIGENE DOKOMENTE\EIGENE-DATEIEN\Media Playere\Neuer Ordner\vlc-2.0.2-win64.exe	Win32/StartPage.OPH Trojaner
C:\Users\Zxxx\EIGENE PCWELT\PCW HEFTE\WEITERE-PDF-PCWelthefte\Ultimate Programme\PCW-Programme 20008\Isobuster 2.4\isobuster_all_lang.exe	Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung
C:\Users\Zxxx\EIGENE PCWELT\PCWelt-Programme\7-ZIP\7-Zip.exe	MSIL/Solimba evtl. unerwünschte Anwendung
C:\Users\Zxxx\EIGENE PCWELT\PCWelt-Programme\AskTBar\bar\1.bin\A5POPSWT.DLL	Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung
C:\Users\Zxxx\EIGENE PCWELT\PCWelt-Programme\AskTBar\bar\1.bin\ASKTBAR.DLL	Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung
C:\Users\Zxxx\EIGENE PCWELT\PCWelt-Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL	Win32/Toolbar.MyWebSearch evtl. unerwünschte Anwendung
C:\Users\Zxxx\EIGENE PCWELT\PCWelt-Programme\Bakup Programme\SoftonicDownloader_fuer_cobian-backup.exe	Win32/SoftonicDownloader.C evtl. unerwünschte Anwendung
C:\Users\Zxxx\EIGENE PCWELT\PCWelt-Programme\Ccleaner\CCleaner 3.27.1900.exe	Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung
C:\Users\Zxxx\EIGENE PCWELT\PCWelt-Programme\CD Schutz\FreeEasyCDDVDBurnerSetup-r101-w.exe	Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung
C:\Users\Zxxx\EIGENE PCWELT\PCWelt-Programme\Diashow\SoftonicDownloader_fuer_photoscape-portable\SoftonicDownloader_fuer_photoscape-portable.exe	Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung
C:\Users\Zxxx\EIGENE PCWELT\PCWelt-Programme\Samsung Pcstudio\SoftonicDownloader_fuer_samsung-pc-studio - Kopie.exe	Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung
C:\Users\Zxxx\EIGENE PCWELT\PCWelt-Programme\Samsung Pcstudio\SoftonicDownloader_fuer_samsung-pc-studio.exe	Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung
C:\Users\Zxxx\EIGENE PCWELT\PCWelt-Programme\TV-Browser 2.7.5\registrybooster(1).exe	Win32/RegistryBooster evtl. unerwünschte Anwendung
C:\Users\Zxxx\EIGENE PCWELT\PCWelt-Programme\Win Rar\Apache-OpenOffice_Setup_Download.exe	Variante von MSIL/DownloadGuide.D evtl. unerwünschte Anwendung
C:\Users\Zxxx\EIGENE PCWELT\PCWelt-Programme\Winamp\Winamp 5.64\rcpsetup_softonic_new_de_ros_new.exe	MSIL/AdvancedSystemProtector.D evtl. unerwünschte Anwendung
C:\Users\Zxxx\EIGENE PCWELT\WINBOARD\registrybooster(2).exe	Win32/RegistryBooster evtl. unerwünschte Anwendung
         

Alt 05.07.2014, 23:03   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... - Standard

Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...



Hauptsächlich Junkware. Einfach mal in Zukunft solche Downloadportale vermeiden. Lade immer direkt vom Hersteller oder filepony.

Geht Malwarebytes jetzt?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...
doppelt unterstrichene links, js/toolbar.crossrider.a, js/toolbar.crossrider.b, launch, lightning, malwarebytes stürzt ab, msil/browsefox.b, msil/browsefox.e, msil/browsefox.g, msil/domaiq.a, preferences, registrierungsdatenbank, startseite, toolbars, win32/browsefox.h, win32/browsefox.i, win32/browsefox.k, win32/conduit.searchprotect.n, win32/conduit.searchprotect.p, win32/elex.ad, win32/thinknice.b, win32/toolbar.conduit.aa, win32/toolbar.conduit.ah, win32/toolbar.conduit.s, win32/toolbar.conduit.y, win32/toolbar.widgi.b, win32/toolbar.widgi.f, win64/browsefox.a, win64/toolbar.widgi.c



Ähnliche Themen: Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ...


  1. Laptop startet 5 Min.+, Audio startet nicht automatisch, ESET kann nicht alles in Quarantäne schieben, AdwareBytes findet Bedrohungen
    Log-Analyse und Auswertung - 05.07.2015 (12)
  2. Alles ist Doppelt unterstrichen (chrome)
    Log-Analyse und Auswertung - 16.05.2015 (1)
  3. wörter grün und blau doppelt unterstrichen
    Log-Analyse und Auswertung - 19.11.2014 (8)
  4. Wörter blau und doppelt unterstrichen + Werbung + Java Update und der Browser ka..t total ab
    Log-Analyse und Auswertung - 14.11.2014 (15)
  5. Werbung im Browser, Wörter doppelt blau unterstrichen
    Plagegeister aller Art und deren Bekämpfung - 23.09.2014 (5)
  6. Win 7, Wörter blau und doppelt unterstrichen + Werbung
    Log-Analyse und Auswertung - 30.08.2014 (9)
  7. Wörter blau und doppelt unterstrichen + Werbung
    Log-Analyse und Auswertung - 03.08.2014 (4)
  8. Windows 7: Leerlauf Scan im BitDefender wird immer wieder ausgeschaltet und Browser Startseite "google" wird geändert
    Log-Analyse und Auswertung - 20.05.2014 (13)
  9. mediaplayertotal doppelt-grün unterstrichen
    Log-Analyse und Auswertung - 06.01.2014 (23)
  10. Windows 7, 64-bit, Browser-Startseite auf "wisersearch" geändert
    Plagegeister aller Art und deren Bekämpfung - 03.01.2014 (14)
  11. Wörter erscheinen im Browser Grün und doppelt unterstrichen
    Log-Analyse und Auswertung - 30.12.2013 (9)
  12. startseite d. webbrowsers geändert, klick startet verbindung mit 'rvzr-a.akamaihd.net'
    Log-Analyse und Auswertung - 25.12.2013 (9)
  13. Grüne Wörter doppelt unterstrichen auf Internetseiten
    Plagegeister aller Art und deren Bekämpfung - 26.11.2013 (17)
  14. Win 7 / Mozilla - Wörter doppelt unterstrichen und viele Pop ups
    Plagegeister aller Art und deren Bekämpfung - 15.10.2013 (9)
  15. Browser spinnen (IE startet Startseite unaudhaltsam neu und FF und Google leiten Anfragen woanders hin...
    Plagegeister aller Art und deren Bekämpfung - 02.10.2012 (1)
  16. Browser startet selbsstätig und springt auf Startseite
    Plagegeister aller Art und deren Bekämpfung - 11.04.2012 (13)
  17. Internet Explorer Startseite kann nicht mehr geändert werden
    Log-Analyse und Auswertung - 04.01.2007 (4)

Zum Thema Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... - Hallo zusammen, auf ein Neues ... der Rechner eines Bekannten ... Bin mir noch nicht sicher, wo es überall "hakt". ADWCleaner ist schon gelaufen; außerdem habe ich schon alle möglichen - Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ......
Archiv
Du betrachtest: Win 7 (64): Browser voller Toolbars, Startseite geändert, alles doppelt unterstrichen; MBAM startet nicht ... auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.