Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Mozilla öffnet von alleine neue Tabs

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 29.07.2014, 14:22   #1
Drums93
 
Mozilla öffnet von alleine neue Tabs - Standard

Mozilla öffnet von alleine neue Tabs



Hallo liebes Trojaner Board Team,

seit einiger Zeit öffnet sich bei meinem Firefox von alleine neue Tabs mit allerhand Werbung.
Dazu kommt, dass ich auf den Seiten, auf denen ich mich befinde, immer wieder kleine Fenster mit Werbung von allen möglichen Dingen wie Spiele, Mode usw. habe die ich dann mit einem X wegklicken kann. Diese kommen aber ebenfalls immer wieder.
Ich habe mal einen Scan durchgeführt aber habe auch weiter keine Ahnung davon.
Ich bitte um Hilfe,

liebe Grüße und vielen Dank schonmal



FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Markus (administrator) on MORGAN on 29-07-2014 15:06:36
Running from C:\Users\Markus\Downloads
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(SIEN S.A.) C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Smartbar) C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
() C:\Users\Markus\AppData\Local\Smartbar\Application\Lrcnta.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-07-30] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [AnyProtect Scanner] => "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe"
HKLM-x32\...\Run: [AnyProtect Tray] => "C:\Program Files (x86)\AnyProtectEx\AnyProtectTrayIcon.exe"
HKLM-x32\...\Run: [fst_de_75] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3478845354-2299671783-2462539787-1002\...\Run: [Spotify Web Helper] => C:\Users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-07-01] (Spotify Ltd)
HKU\S-1-5-21-3478845354-2299671783-2462539787-1002\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Markus\AppData\Roaming\newnext.me\nengine.dll",EntryPoint (the data entry has 6 more characters).
HKU\S-1-5-21-3478845354-2299671783-2462539787-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.exe [28952 2014-06-11] (Smartbar)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-21] (NVIDIA Corporation)
AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\ProgramData\Fast And Safe\FastAndSafe_x64.dll [4302848 2014-07-24] ()
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [201576 2013-02-21] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\fastan~1\fastan~1.dll => c:\ProgramData\Fast And Safe\FastAndSafe.dll [4125696 2014-07-24] ()
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ 9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ 9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1388195262&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM - {D5D69A15-4A00-4858-A6FD-DD708ED1681B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ 9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9Mly-dU_lgAWBeU3Pfbag,,&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.iminent.com/?appId=DDDAC049-75D2-4819-AE02-A28036A20839&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.iminent.com/?appId=DDDAC049-75D2-4819-AE02-A28036A20839&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ 9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms}
SearchScopes: HKCU - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
BHO: video MediaPlay-Air -> {11111111-1111-1111-1111-110611171199} -> C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho64.dll (enter)
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: video MediaPlay-Air -> {11111111-1111-1111-1111-110611171199} -> C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho.dll (enter)
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> No File
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: StartWeb
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: StartWeb
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nationzoom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\StartWeb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vi-view.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: video MediaPlay-Air - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com [2014-07-25]
FF Extension: HQPureQualV1.8 - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\d55cd0d7-9f24-4660-95b3-188599e8e4f8@6b2faf04-e86f-4bcf-a878-632814acf518.com [2014-07-25]
FF Extension: cosstminn - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\eeoaaaye@o-qjgl.edu [2014-07-25]
FF Extension: Fast Start - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\faststartff@gmail.com [2014-07-25]
FF Extension: WOwCiouuppon - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\rhooy@kafnvxxz.co.uk [2014-07-24]
FF Extension: Iminent - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\webbooster@iminent.com.xpi [2014-07-03]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\faststartff@gmail.com

Chrome:
=======
CHR HomePage: hxxp://start.iminent.com/?appId=DDDAC049-75D2-4819-AE02-A28036A20839
CHR StartupUrls: "https://www.google.de/?gws_rd=ssl"
CHR DefaultSearchKeyword: start.iminent.com
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-26]
CHR Extension: (Google Drive) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-26]
CHR Extension: (YouTube) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-26]
CHR Extension: (Google-Suche) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-26]
CHR Extension: (cosstminn) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf [2014-07-25]
CHR Extension: (Google Wallet) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-26]
CHR Extension: (Quick start) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-07-25]
CHR Extension: (Google Mail) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-26]
CHR Extension: (cosstminn) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0 [2014-07-25]
CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - "C:\Program Files (x86)\Iminent\Iminent.crx" [2014-07-25]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-07-25]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 64af91bf; c:\ProgramData\Fast And Safe\FastAndSafeSvc.dll [186192 2014-07-24] () [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-11-20] (ELAN Microelectronics Corp.)
R2 GlobalUpdater; C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe [378152 2014-06-18] (SIEN S.A.)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [702344 2014-07-25] (Cherished Technololgy LIMITED)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-07-30] (Dritek System INC.)
R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exe [3209024 2014-07-18] (Iminent)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-07-30] (Dritek System Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-29 15:06 - 2014-07-29 15:07 - 00026731 _____ () C:\Users\Markus\Downloads\FRST.txt
2014-07-29 15:05 - 2014-07-29 15:06 - 00000000 ____D () C:\FRST
2014-07-29 15:05 - 2014-07-29 15:05 - 02093568 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe
2014-07-29 14:49 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-07-29 14:49 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-07-29 14:49 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-07-28 15:32 - 2014-07-28 15:32 - 00000000 ____D () C:\Program Files (x86)\WowCouponn
2014-07-25 15:29 - 2014-07-25 15:29 - 00003118 _____ () C:\Windows\System32\Tasks\{D0140B21-80DB-4F5B-9F90-290E5EA14860}
2014-07-25 15:26 - 2014-07-25 15:28 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Probit Software
2014-07-25 15:23 - 2014-07-25 15:23 - 00000000 ____D () C:\Users\Markus\AppData\Local\com
2014-07-25 15:22 - 2014-07-29 14:52 - 00001732 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job
2014-07-25 15:22 - 2014-07-29 14:52 - 00001566 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job
2014-07-25 15:22 - 2014-07-29 14:52 - 00001550 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job
2014-07-25 15:22 - 2014-07-29 14:52 - 00001478 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job
2014-07-25 15:22 - 2014-07-25 15:22 - 00004736 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1
2014-07-25 15:22 - 2014-07-25 15:22 - 00004554 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5
2014-07-25 15:22 - 2014-07-25 15:22 - 00004482 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2
2014-07-25 15:21 - 2014-07-29 14:52 - 00002366 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job
2014-07-25 15:21 - 2014-07-25 15:23 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-25 15:21 - 2014-07-25 15:22 - 00005370 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4
2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-25 15:20 - 2014-07-28 15:26 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-25 15:20 - 2014-07-25 15:25 - 00000000 ____D () C:\ProgramData\cosstminn
2014-07-25 15:20 - 2014-07-25 15:22 - 00000000 ____D () C:\Program Files (x86)\video MediaPlay-Air
2014-07-25 15:20 - 2014-07-25 15:21 - 00000000 ____D () C:\Program Files (x86)\cosstminn
2014-07-25 15:20 - 2014-07-25 15:20 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\globalUpdate
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-25 15:19 - 2014-07-25 15:28 - 00000000 ____D () C:\Program Files (x86)\Probit Software
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\SearchProtect
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 _____ () C:\END
2014-07-25 15:18 - 2014-07-25 15:18 - 01399360 _____ () C:\Users\Markus\Downloads\Setup.exe
2014-07-24 07:26 - 2014-07-28 15:32 - 00000000 ____D () C:\ProgramData\7a791e75f7c17ac
2014-07-24 07:25 - 2014-07-29 12:26 - 00000000 ____D () C:\ProgramData\WowCouponn
2014-07-24 07:05 - 2014-07-24 07:05 - 00000000 ____D () C:\ProgramData\Fast And Safe
2014-07-11 14:53 - 2014-07-11 14:53 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iTunes
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iPod
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-11 13:42 - 2014-07-11 13:42 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-07-11 13:30 - 2014-07-11 13:30 - 00000000 __RHD () C:\MSOCache
2014-07-10 20:35 - 2014-07-10 20:35 - 00421880 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 11:37 - 2014-06-26 22:53 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 11:37 - 2014-06-26 22:53 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 11:34 - 2014-07-10 11:35 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 00:38 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 00:38 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 00:38 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 00:38 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-09 00:38 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-09 00:38 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-09 00:38 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 00:38 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-09 00:38 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-09 00:38 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-09 00:38 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-09 00:38 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-09 00:38 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-07-09 00:38 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-07-09 00:38 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-09 00:38 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 00:38 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-09 00:38 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 00:37 - 2014-07-01 00:42 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 00:37 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-09 00:37 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-07-09 00:37 - 2014-06-28 05:35 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 00:37 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 00:37 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 00:37 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-09 00:37 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-09 00:37 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 00:37 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 00:37 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 00:37 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 00:37 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 00:37 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 00:37 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 00:37 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 00:37 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 00:37 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-09 00:37 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 00:37 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 00:37 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-03 18:50 - 2014-07-03 18:50 - 00001077 _____ () C:\Users\Markus\Desktop\DENON DJ ASIO Driver.lnk
2014-07-03 18:50 - 2014-07-03 18:50 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ
2014-07-03 18:49 - 2014-07-03 18:49 - 00435075 _____ () C:\Users\Markus\Downloads\DDJAsioDrv101.zip
2014-07-03 17:52 - 2014-07-03 17:52 - 00001098 _____ () C:\Users\Public\Desktop\Controller Editor.lnk
2014-07-03 17:52 - 2014-07-03 17:52 - 00000000 __HDC () C:\ProgramData\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9}
2014-07-03 17:45 - 2014-07-03 17:46 - 00000000 ____D () C:\Users\Markus\Documents\Native Instruments
2014-07-03 17:41 - 2014-07-03 17:41 - 00001006 _____ () C:\Users\Public\Desktop\Traktor 2.lnk
2014-07-03 17:41 - 2014-07-03 17:41 - 00000000 __HDC () C:\ProgramData\{05C334F7-C2A4-418A-9BC8-1542AE38D62B}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{018F1C44-00D1-417B-B251-92A5634F74AE}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-07-03 17:34 - 2014-07-03 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2014-07-03 17:34 - 2014-07-03 17:52 - 00000000 ____D () C:\Program Files\Native Instruments
2014-07-03 17:34 - 2014-07-03 17:52 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments
2014-07-03 17:34 - 2014-07-03 17:37 - 00000000 ____D () C:\ProgramData\Native Instruments
2014-07-03 17:34 - 2014-07-03 17:34 - 00001063 _____ () C:\Users\Public\Desktop\Service Center.lnk
2014-07-03 17:34 - 2014-07-03 17:34 - 00000000 __HDC () C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
2014-07-03 17:19 - 2014-07-03 17:26 - 534450853 _____ () C:\Users\Markus\Downloads\Traktor_2_268_PC.zip
2014-07-03 15:36 - 2014-07-11 13:25 - 00000000 ____D () C:\Users\Markus\Desktop\Noten
2014-07-03 15:35 - 2014-07-03 15:54 - 00000000 ____D () C:\Users\Markus\Desktop\Musik Markus
2014-07-03 15:07 - 2014-07-24 07:05 - 00000000 ____D () C:\ProgramData\374311380
2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\Smartbar
2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\LPT
2014-07-03 15:03 - 2014-07-03 15:07 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-07-03 15:02 - 2014-07-03 15:02 - 00797384 _____ (Company limited) C:\Users\Markus\Downloads\Virtual DJ v7.0 PRO Crack [ChattChitto RG].exe
2014-07-03 14:54 - 2014-07-03 14:54 - 01250584 _____ () C:\Users\Markus\Downloads\jvlsetup.exe
2014-07-03 13:53 - 2014-07-03 13:53 - 00000000 ____D () C:\Program Files (x86)\predm
2014-07-03 13:41 - 2014-06-18 09:54 - 00000000 ____D () C:\Program Files (x86)\Iminent
2014-07-03 13:40 - 2014-07-03 13:54 - 00000000 ____D () C:\Users\Markus\AppData\Local\Genesis_07031140
2014-07-03 13:40 - 2014-07-03 13:40 - 00000000 ____D () C:\Program Files\003
2014-07-03 13:27 - 2014-07-03 13:47 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-07-03 13:27 - 2014-07-03 13:36 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-07-03 13:27 - 2014-07-03 13:36 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-07-03 13:27 - 2014-07-03 13:28 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-07-03 13:27 - 2014-07-03 13:28 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-07-03 13:27 - 2014-07-03 13:27 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-07-03 13:27 - 2014-07-03 13:27 - 00000318 _____ () C:\Users\Markus\AppData\Roaming\aps.uninstall.scan.results
2014-07-03 13:26 - 2014-07-03 13:41 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-07-03 13:26 - 2014-07-03 13:26 - 00623696 _____ (Click Me In Limited) C:\Users\Markus\AppData\Local\nsbB897.tmp
2014-07-03 13:26 - 2014-07-03 13:26 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\InetStat
2014-07-03 12:35 - 2014-07-03 12:35 - 00012800 ___SH () C:\Users\Markus\Documents\Thumbs.db
2014-07-02 17:51 - 2014-07-03 12:22 - 00000000 ____D () C:\Users\Markus\AppData\Local\Deployment
2014-07-02 17:51 - 2014-07-02 17:51 - 00000000 ____D () C:\Users\Markus\AppData\Local\Apps\2.0
2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ___RD () C:\Users\Markus\SkyDrive
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-07-01 15:18 - 2014-07-01 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-01 15:17 - 2014-07-10 12:04 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-01 15:17 - 2014-07-01 15:17 - 00989376 _____ (Microsoft Corporation) C:\Users\Markus\Downloads\Setup.X86.de-DE_O365HomePremRetail_87ed99a4-6c59-4399-a86e-769502a1fec2_TX_DB_.exe
2014-07-01 10:46 - 2014-07-01 10:46 - 00000000 ____D () C:\Users\Markus\AppData\Local\Tracker Software

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-29 15:07 - 2014-07-29 15:06 - 00026731 _____ () C:\Users\Markus\Downloads\FRST.txt
2014-07-29 15:06 - 2014-07-29 15:05 - 00000000 ____D () C:\FRST
2014-07-29 15:05 - 2014-07-29 15:05 - 02093568 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe
2014-07-29 15:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-29 14:58 - 2013-07-31 03:19 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-07-29 14:58 - 2013-07-31 03:19 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-07-29 14:58 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-29 14:52 - 2014-07-25 15:22 - 00001732 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job
2014-07-29 14:52 - 2014-07-25 15:22 - 00001566 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job
2014-07-29 14:52 - 2014-07-25 15:22 - 00001550 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job
2014-07-29 14:52 - 2014-07-25 15:22 - 00001478 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job
2014-07-29 14:52 - 2014-07-25 15:21 - 00002366 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job
2014-07-29 14:52 - 2014-03-26 21:09 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-29 14:52 - 2013-12-28 03:48 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\newnext.me
2014-07-29 14:51 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-29 14:50 - 2013-10-28 22:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-29 14:50 - 2013-07-30 17:35 - 01098036 _____ () C:\Windows\WindowsUpdate.log
2014-07-29 14:50 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-29 14:49 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-29 14:35 - 2014-03-26 21:09 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-29 12:26 - 2014-07-24 07:25 - 00000000 ____D () C:\ProgramData\WowCouponn
2014-07-29 12:26 - 2013-05-23 06:13 - 00042110 _____ () C:\Windows\PFRO.log
2014-07-28 16:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-07-28 15:32 - 2014-07-28 15:32 - 00000000 ____D () C:\Program Files (x86)\WowCouponn
2014-07-28 15:32 - 2014-07-24 07:26 - 00000000 ____D () C:\ProgramData\7a791e75f7c17ac
2014-07-28 15:26 - 2014-07-25 15:20 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-25 15:29 - 2014-07-25 15:29 - 00003118 _____ () C:\Windows\System32\Tasks\{D0140B21-80DB-4F5B-9F90-290E5EA14860}
2014-07-25 15:28 - 2014-07-25 15:26 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Probit Software
2014-07-25 15:28 - 2014-07-25 15:19 - 00000000 ____D () C:\Program Files (x86)\Probit Software
2014-07-25 15:26 - 2014-03-26 21:09 - 00002237 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-25 15:25 - 2014-07-25 15:20 - 00000000 ____D () C:\ProgramData\cosstminn
2014-07-25 15:23 - 2014-07-25 15:23 - 00000000 ____D () C:\Users\Markus\AppData\Local\com
2014-07-25 15:23 - 2014-07-25 15:21 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-25 15:22 - 2014-07-25 15:22 - 00004736 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1
2014-07-25 15:22 - 2014-07-25 15:22 - 00004554 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5
2014-07-25 15:22 - 2014-07-25 15:22 - 00004482 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2
2014-07-25 15:22 - 2014-07-25 15:21 - 00005370 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4
2014-07-25 15:22 - 2014-07-25 15:20 - 00000000 ____D () C:\Program Files (x86)\video MediaPlay-Air
2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-25 15:21 - 2014-07-25 15:20 - 00000000 ____D () C:\Program Files (x86)\cosstminn
2014-07-25 15:21 - 2014-03-26 21:09 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-25 15:20 - 2014-07-25 15:20 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\globalUpdate
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-25 15:20 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\SearchProtect
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 _____ () C:\END
2014-07-25 15:19 - 2014-03-26 21:09 - 00000000 ____D () C:\Users\Markus\AppData\Local\Google
2014-07-25 15:18 - 2014-07-25 15:18 - 01399360 _____ () C:\Users\Markus\Downloads\Setup.exe
2014-07-24 07:05 - 2014-07-24 07:05 - 00000000 ____D () C:\ProgramData\Fast And Safe
2014-07-24 07:05 - 2014-07-03 15:07 - 00000000 ____D () C:\ProgramData\374311380
2014-07-20 16:25 - 2012-07-26 09:21 - 00036379 _____ () C:\Windows\setupact.log
2014-07-16 00:51 - 2014-07-29 14:49 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-07-11 17:54 - 2013-10-26 15:38 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3478845354-2299671783-2462539787-1002
2014-07-11 14:53 - 2014-07-11 14:53 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iTunes
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iPod
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-11 13:42 - 2014-07-11 13:42 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-07-11 13:30 - 2014-07-11 13:30 - 00000000 __RHD () C:\MSOCache
2014-07-11 13:25 - 2014-07-03 15:36 - 00000000 ____D () C:\Users\Markus\Desktop\Noten
2014-07-11 13:20 - 2014-01-06 00:33 - 00083456 ___SH () C:\Users\Markus\Desktop\Thumbs.db
2014-07-10 20:35 - 2014-07-10 20:35 - 00421880 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 13:22 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-07-10 12:04 - 2014-07-01 15:17 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-10 11:35 - 2014-07-10 11:34 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 11:35 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 11:35 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 11:34 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-07-10 11:34 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 12:21 - 2013-10-27 04:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 12:18 - 2013-10-27 04:04 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 00:50 - 2013-10-28 22:33 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-04 16:36 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-04 01:19 - 2013-11-18 02:03 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-04 01:11 - 2013-12-04 22:06 - 00036352 ___SH () C:\Users\Markus\Downloads\Thumbs.db
2014-07-03 18:50 - 2014-07-03 18:50 - 00001077 _____ () C:\Users\Markus\Desktop\DENON DJ ASIO Driver.lnk
2014-07-03 18:50 - 2014-07-03 18:50 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ
2014-07-03 18:49 - 2014-07-03 18:49 - 00435075 _____ () C:\Users\Markus\Downloads\DDJAsioDrv101.zip
2014-07-03 17:52 - 2014-07-03 17:52 - 00001098 _____ () C:\Users\Public\Desktop\Controller Editor.lnk
2014-07-03 17:52 - 2014-07-03 17:52 - 00000000 __HDC () C:\ProgramData\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9}
2014-07-03 17:52 - 2014-07-03 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2014-07-03 17:52 - 2014-07-03 17:34 - 00000000 ____D () C:\Program Files\Native Instruments
2014-07-03 17:52 - 2014-07-03 17:34 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments
2014-07-03 17:46 - 2014-07-03 17:45 - 00000000 ____D () C:\Users\Markus\Documents\Native Instruments
2014-07-03 17:41 - 2014-07-03 17:41 - 00001006 _____ () C:\Users\Public\Desktop\Traktor 2.lnk
2014-07-03 17:41 - 2014-07-03 17:41 - 00000000 __HDC () C:\ProgramData\{05C334F7-C2A4-418A-9BC8-1542AE38D62B}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-07-03 17:37 - 2014-07-03 17:34 - 00000000 ____D () C:\ProgramData\Native Instruments
2014-07-03 17:37 - 2013-07-30 17:48 - 00118426 _____ () C:\Windows\DPINST.LOG
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{018F1C44-00D1-417B-B251-92A5634F74AE}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-07-03 17:34 - 2014-07-03 17:34 - 00001063 _____ () C:\Users\Public\Desktop\Service Center.lnk
2014-07-03 17:34 - 2014-07-03 17:34 - 00000000 __HDC () C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
2014-07-03 17:26 - 2014-07-03 17:19 - 534450853 _____ () C:\Users\Markus\Downloads\Traktor_2_268_PC.zip
2014-07-03 15:54 - 2014-07-03 15:35 - 00000000 ____D () C:\Users\Markus\Desktop\Musik Markus
2014-07-03 15:07 - 2014-07-03 15:03 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\Smartbar
2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\LPT
2014-07-03 15:02 - 2014-07-03 15:02 - 00797384 _____ (Company limited) C:\Users\Markus\Downloads\Virtual DJ v7.0 PRO Crack [ChattChitto RG].exe
2014-07-03 14:54 - 2014-07-03 14:54 - 01250584 _____ () C:\Users\Markus\Downloads\jvlsetup.exe
2014-07-03 13:54 - 2014-07-03 13:40 - 00000000 ____D () C:\Users\Markus\AppData\Local\Genesis_07031140
2014-07-03 13:53 - 2014-07-03 13:53 - 00000000 ____D () C:\Program Files (x86)\predm
2014-07-03 13:47 - 2014-07-03 13:27 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-07-03 13:41 - 2014-07-03 13:26 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-07-03 13:40 - 2014-07-03 13:40 - 00000000 ____D () C:\Program Files\003
2014-07-03 13:37 - 2013-05-23 06:45 - 00000000 ____D () C:\ProgramData\McAfee
2014-07-03 13:36 - 2014-07-03 13:27 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-07-03 13:36 - 2014-07-03 13:27 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-07-03 13:35 - 2013-10-28 22:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-03 13:28 - 2014-07-03 13:27 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-07-03 13:28 - 2014-07-03 13:27 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-07-03 13:27 - 2014-07-03 13:27 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-07-03 13:27 - 2014-07-03 13:27 - 00000318 _____ () C:\Users\Markus\AppData\Roaming\aps.uninstall.scan.results
2014-07-03 13:26 - 2014-07-03 13:26 - 00623696 _____ (Click Me In Limited) C:\Users\Markus\AppData\Local\nsbB897.tmp
2014-07-03 13:26 - 2014-07-03 13:26 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\InetStat
2014-07-03 12:35 - 2014-07-03 12:35 - 00012800 ___SH () C:\Users\Markus\Documents\Thumbs.db
2014-07-03 12:22 - 2014-07-02 17:51 - 00000000 ____D () C:\Users\Markus\AppData\Local\Deployment
2014-07-02 17:51 - 2014-07-02 17:51 - 00000000 ____D () C:\Users\Markus\AppData\Local\Apps\2.0
2014-07-01 16:21 - 2013-10-26 15:34 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Spotify
2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ___RD () C:\Users\Markus\SkyDrive
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-07-01 15:23 - 2013-10-26 15:28 - 00000000 ____D () C:\Users\Markus
2014-07-01 15:20 - 2014-07-01 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-01 15:18 - 2013-10-26 15:29 - 00000000 ____D () C:\Users\Markus\AppData\Local\VirtualStore
2014-07-01 15:17 - 2014-07-01 15:17 - 00989376 _____ (Microsoft Corporation) C:\Users\Markus\Downloads\Setup.X86.de-DE_O365HomePremRetail_87ed99a4-6c59-4399-a86e-769502a1fec2_TX_DB_.exe
2014-07-01 10:48 - 2013-05-23 06:45 - 00000000 ____D () C:\Program Files\mcafee
2014-07-01 10:46 - 2014-07-01 10:46 - 00000000 ____D () C:\Users\Markus\AppData\Local\Tracker Software
2014-07-01 10:24 - 2013-10-26 15:34 - 00000000 ____D () C:\Users\Markus\AppData\Local\Spotify
2014-07-01 00:42 - 2014-07-09 00:37 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-01 00:42 - 2014-07-09 00:37 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-01 00:42 - 2014-07-09 00:37 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

Some content of TEMP:
====================
C:\Users\Markus\AppData\Local\Temp\BackupSetup.exe
C:\Users\Markus\AppData\Local\Temp\COMAP.EXE
C:\Users\Markus\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Markus\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Markus\AppData\Local\Temp\Installer.exe
C:\Users\Markus\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Markus\AppData\Local\Temp\nsb6A5.exe
C:\Users\Markus\AppData\Local\Temp\nsd3F29.exe
C:\Users\Markus\AppData\Local\Temp\nsg467E.exe
C:\Users\Markus\AppData\Local\Temp\nsiCC9.exe
C:\Users\Markus\AppData\Local\Temp\nsk1026.exe
C:\Users\Markus\AppData\Local\Temp\nsm93E.exe
C:\Users\Markus\AppData\Local\Temp\nsz42B4.exe
C:\Users\Markus\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Markus\AppData\Local\Temp\Setup.exe
C:\Users\Markus\AppData\Local\Temp\UNT268F.exe
C:\Users\Markus\AppData\Local\Temp\UNT26B0.exe
C:\Users\Markus\AppData\Local\Temp\VOPackage.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-28 15:29

==================== End Of Log ============================


Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by Markus at 2014-07-29 15:07:38
Running from C:\Users\Markus\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG2200 series Benutzerregistrierung (HKLM-x32\...\Canon MG2200 series Benutzerregistrierung) (Version: - Canon Inc.‎)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.00 - Canon Inc.)
Canon MG2200 series On-screen Manual (HKLM-x32\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
DENON DJ ASIO Driver (HKLM-x32\...\{E2BF2060-D1DB-441A-8739-30E7BAA534BA}) (Version: 1.0.0 - DENON_DJ)
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
ETDWare PS/2-X64 11.6.16.003_WHQL (HKLM\...\Elantech) (Version: 11.6.16.003 - ELAN Microelectronic Corp.)
Fast And Safe (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf}) (Version: - GTgroup) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 2 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 4 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 8 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.3.46 - Native Instruments)
Native Instruments Controller Editor (Version: 1.6.3.46 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments)
Native Instruments Service Center (Version: 2.5.2.1549 - Native Instruments) Hidden
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments)
Native Instruments Traktor 2 (Version: 2.6.8.382 - Native Instruments) Hidden
Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 10 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 2 MK2 Driver (Version: 3.1.3.804 - Native Instruments) Hidden
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 6 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol F1 Driver (Version: 3.0.2.664 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S2 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol X1 Driver (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol X1 MK2 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol Z1 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol Z2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
NVIDIA Grafiktreiber 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.30 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.30 (Version: 311.30 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.213.1 - Tracker Software Products Ltd)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Yahoo Community Smartbar (HKLM-x32\...\{3BC7022B-CDE0-4664-9AB6-E3EC25CE644A}) (Version: 11.63.66.17714 - Linkury Inc.) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

08-07-2014 22:50:54 Windows Update
18-07-2014 10:30:50 Geplanter Prüfpunkt
28-07-2014 13:27:40 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05213698-A30E-4087-A857-31B7B60B5F25} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {12421D3C-85C4-48C8-9352-53C1AC3B0385} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: {1A15979C-EE4A-4CF4-8CF5-4D52683E0C06} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1BA20418-F45D-4183-A8A4-9192CAC32CD6} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe [2014-07-25] (enter) <==== ATTENTION
Task: {20850515-6079-456E-AB44-DCEBB8D45EF1} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {24E43C6C-F3AC-463B-8C4B-0B2053EDFC8F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {39CE24A0-32CB-4D61-8019-FEF551B287F2} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {4586CBE0-97ED-4137-A2C6-712A2A5C4805} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-09] (Microsoft Corporation)
Task: {4C5BD0C1-8937-43CB-B64F-9120AA18F3B8} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {4FB017EE-E51B-40C1-A86A-5F5DC43A7801} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {545A398B-78E7-464F-A80E-3A033AD37198} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1 => C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-codedownloader.exe [2014-07-25] (enter) <==== ATTENTION
Task: {5FDBD969-AC66-42BA-B22F-58849328109C} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: {744490FD-A8F4-4CC0-878F-02D587DA55F1} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4 => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.exe [2014-07-25] (enter) <==== ATTENTION
Task: {9174E7C1-BD86-402F-A9A3-A50B8AB03EEE} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: {A198AA06-64A7-4996-A258-2E17F6098A91} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {E80D32C7-3C42-4C4E-B26A-F5B8567B330D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {E85FF466-D7B9-4206-8906-1898F42B0397} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5 => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe [2014-07-25] (enter) <==== ATTENTION
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EC07CB73-2C28-41A7-AD5F-140BA260C200} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {EC2BCA28-D75E-477D-A070-22C6183A4EE7} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2 => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.exe [2014-07-25] (enter) <==== ATTENTION
Task: {FDDCCCB6-C4DD-4184-AE57-C7D07889303D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job => C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-codedownloader.exe
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.exe
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.exe
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-02 10:01 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-18 02:03 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-07-23 16:32 - 2014-07-25 15:21 - 00106376 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll
2014-07-23 16:32 - 2014-07-25 15:21 - 00732040 _____ () C:\Program Files (x86)\SupTab\HpUI.exe
2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 _____ () C:\Program Files (x86)\SupTab\Loader32.exe
2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 _____ () C:\Program Files (x86)\SupTab\Loader64.exe
2013-05-23 07:06 - 2012-10-23 20:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00024344 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Lrcnta.exe
2014-07-24 07:05 - 2014-07-24 07:05 - 00186192 _____ () c:\ProgramData\Fast And Safe\FastAndSafeSvc.dll
2014-07-24 07:05 - 2014-07-24 07:05 - 04125696 _____ () c:\ProgramData\Fast And Safe\FastAndSafe.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-23 16:32 - 2014-07-25 15:21 - 00093576 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00045848 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00070936 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srau.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00166680 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 02337048 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00067864 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\spbl.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00156952 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00015128 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\siem.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00066840 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\sppsm.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00697624 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00015640 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00079640 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00027928 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-06-11 15:29 - 2014-06-11 15:29 - 00060184 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srut.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00030488 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srsbs.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00066328 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00150296 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\smti.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00032024 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srom.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00031512 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\smtu.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00040216 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\smta.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00046872 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srbu.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00024856 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\sgml.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00062744 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00025368 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srpdm.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00044312 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00025880 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00036120 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00256280 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srns.dll
2014-06-24 21:41 - 2014-06-24 21:41 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00034072 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\lrcnt.dll
2013-07-30 17:40 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (07/28/2014 03:18:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Umbrella210.exe, Version: 4.29.0.1, Zeitstempel: 0x53c89bf9
Name des fehlerhaften Moduls: Umbrella210.exe, Version: 4.29.0.1, Zeitstempel: 0x53c89bf9
Ausnahmecode: 0x40000015
Fehleroffset: 0x001c05a9
ID des fehlerhaften Prozesses: 0xe2c
Startzeit der fehlerhaften Anwendung: 0xUmbrella210.exe0
Pfad der fehlerhaften Anwendung: Umbrella210.exe1
Pfad des fehlerhaften Moduls: Umbrella210.exe2
Berichtskennung: Umbrella210.exe3
Vollständiger Name des fehlerhaften Pakets: Umbrella210.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Umbrella210.exe5

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15594

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15594

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12265

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12265

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (07/29/2014 02:53:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/29/2014 02:51:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/29/2014 00:29:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/29/2014 00:26:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/28/2014 03:18:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SProtection" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/25/2014 03:28:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/25/2014 03:26:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/25/2014 03:26:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (07/25/2014 03:26:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (07/22/2014 01:40:25 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.2.100 mit dem Computer mit der
Netzwerkhardwareadresse 00-26-AB-68-ED-8E ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.


Microsoft Office Sessions:
=========================
Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (07/28/2014 03:18:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Umbrella210.exe4.29.0.153c89bf9Umbrella210.exe4.29.0.153c89bf940000015001c05a9e2c01cfa80c05658c6eC:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exeC:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exea45faa4e-1659-11e4-be8c-208984ce3dc2

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15594

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15594

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12265

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12265

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 8007.27 MB
Available physical RAM: 5922.41 MB
Total Pagefile: 11463.27 MB
Available Pagefile: 9320.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:682.19 GB) (Free:598.92 GB) NTFS
Drive d: (27 Jun 2014) (CDROM) (Total:0.69 GB) (Free:0.3 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: B716F7A2)

Partition: GPT Partition Type.

==================== End Of Log ============================

Alt 29.07.2014, 14:25   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Mozilla öffnet von alleine neue Tabs - Standard

Mozilla öffnet von alleine neue Tabs



hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________

__________________

Alt 29.07.2014, 14:32   #3
Drums93
 
Mozilla öffnet von alleine neue Tabs - Standard

Mozilla öffnet von alleine neue Tabs



Entschuldigung, hier noch mal:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Markus (administrator) on MORGAN on 29-07-2014 15:06:36
Running from C:\Users\Markus\Downloads
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(SIEN S.A.) C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Smartbar) C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
() C:\Users\Markus\AppData\Local\Smartbar\Application\Lrcnta.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-07-30] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [AnyProtect Scanner] => "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe"
HKLM-x32\...\Run: [AnyProtect Tray] => "C:\Program Files (x86)\AnyProtectEx\AnyProtectTrayIcon.exe"
HKLM-x32\...\Run: [fst_de_75] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3478845354-2299671783-2462539787-1002\...\Run: [Spotify Web Helper] => C:\Users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-07-01] (Spotify Ltd)
HKU\S-1-5-21-3478845354-2299671783-2462539787-1002\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Markus\AppData\Roaming\newnext.me\nengine.dll",EntryPoint (the data entry has 6 more characters).
HKU\S-1-5-21-3478845354-2299671783-2462539787-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.exe [28952 2014-06-11] (Smartbar)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-21] (NVIDIA Corporation)
AppInit_DLLs:  C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\ProgramData\Fast And Safe\FastAndSafe_x64.dll [4302848 2014-07-24] ()
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [201576 2013-02-21] (NVIDIA Corporation)
AppInit_DLLs-x32:  c:\progra~3\fastan~1\fastan~1.dll => c:\ProgramData\Fast And Safe\FastAndSafe.dll [4125696 2014-07-24] ()
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1388195262&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM - {D5D69A15-4A00-4858-A6FD-DD708ED1681B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9Mly-dU_lgAWBeU3Pfbag,,&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.iminent.com/?appId=DDDAC049-75D2-4819-AE02-A28036A20839&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.iminent.com/?appId=DDDAC049-75D2-4819-AE02-A28036A20839&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms}
SearchScopes: HKCU - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
BHO: video MediaPlay-Air -> {11111111-1111-1111-1111-110611171199} -> C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho64.dll (enter)
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: video MediaPlay-Air -> {11111111-1111-1111-1111-110611171199} -> C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho.dll (enter)
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: StartWeb
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: StartWeb
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nationzoom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\StartWeb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vi-view.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: video MediaPlay-Air - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com [2014-07-25]
FF Extension: HQPureQualV1.8 - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\d55cd0d7-9f24-4660-95b3-188599e8e4f8@6b2faf04-e86f-4bcf-a878-632814acf518.com [2014-07-25]
FF Extension: cosstminn - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\eeoaaaye@o-qjgl.edu [2014-07-25]
FF Extension: Fast Start - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\faststartff@gmail.com [2014-07-25]
FF Extension: WOwCiouuppon - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\rhooy@kafnvxxz.co.uk [2014-07-24]
FF Extension: Iminent - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\webbooster@iminent.com.xpi [2014-07-03]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\faststartff@gmail.com

Chrome: 
=======
CHR HomePage: hxxp://start.iminent.com/?appId=DDDAC049-75D2-4819-AE02-A28036A20839
CHR StartupUrls: "https://www.google.de/?gws_rd=ssl"
CHR DefaultSearchKeyword: start.iminent.com
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-26]
CHR Extension: (Google Drive) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-26]
CHR Extension: (YouTube) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-26]
CHR Extension: (Google-Suche) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-26]
CHR Extension: (cosstminn) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf [2014-07-25]
CHR Extension: (Google Wallet) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-26]
CHR Extension: (Quick start) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-07-25]
CHR Extension: (Google Mail) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-26]
CHR Extension: (cosstminn) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0 [2014-07-25]
CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - "C:\Program Files (x86)\Iminent\Iminent.crx" [2014-07-25]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-07-25]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 64af91bf; c:\ProgramData\Fast And Safe\FastAndSafeSvc.dll [186192 2014-07-24] () [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-11-20] (ELAN Microelectronics Corp.)
R2 GlobalUpdater; C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe [378152 2014-06-18] (SIEN S.A.)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [702344 2014-07-25] (Cherished Technololgy LIMITED)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-07-30] (Dritek System INC.)
R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exe [3209024 2014-07-18] (Iminent)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-07-30] (Dritek System Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-29 15:06 - 2014-07-29 15:07 - 00026731 _____ () C:\Users\Markus\Downloads\FRST.txt
2014-07-29 15:05 - 2014-07-29 15:06 - 00000000 ____D () C:\FRST
2014-07-29 15:05 - 2014-07-29 15:05 - 02093568 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe
2014-07-29 14:49 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-07-29 14:49 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-07-29 14:49 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-07-28 15:32 - 2014-07-28 15:32 - 00000000 ____D () C:\Program Files (x86)\WowCouponn
2014-07-25 15:29 - 2014-07-25 15:29 - 00003118 _____ () C:\Windows\System32\Tasks\{D0140B21-80DB-4F5B-9F90-290E5EA14860}
2014-07-25 15:26 - 2014-07-25 15:28 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Probit Software
2014-07-25 15:23 - 2014-07-25 15:23 - 00000000 ____D () C:\Users\Markus\AppData\Local\com
2014-07-25 15:22 - 2014-07-29 14:52 - 00001732 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job
2014-07-25 15:22 - 2014-07-29 14:52 - 00001566 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job
2014-07-25 15:22 - 2014-07-29 14:52 - 00001550 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job
2014-07-25 15:22 - 2014-07-29 14:52 - 00001478 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job
2014-07-25 15:22 - 2014-07-25 15:22 - 00004736 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1
2014-07-25 15:22 - 2014-07-25 15:22 - 00004554 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5
2014-07-25 15:22 - 2014-07-25 15:22 - 00004482 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2
2014-07-25 15:21 - 2014-07-29 14:52 - 00002366 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job
2014-07-25 15:21 - 2014-07-25 15:23 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-25 15:21 - 2014-07-25 15:22 - 00005370 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4
2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-25 15:20 - 2014-07-28 15:26 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-25 15:20 - 2014-07-25 15:25 - 00000000 ____D () C:\ProgramData\cosstminn
2014-07-25 15:20 - 2014-07-25 15:22 - 00000000 ____D () C:\Program Files (x86)\video MediaPlay-Air
2014-07-25 15:20 - 2014-07-25 15:21 - 00000000 ____D () C:\Program Files (x86)\cosstminn
2014-07-25 15:20 - 2014-07-25 15:20 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\globalUpdate
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-25 15:19 - 2014-07-25 15:28 - 00000000 ____D () C:\Program Files (x86)\Probit Software
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\SearchProtect
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 _____ () C:\END
2014-07-25 15:18 - 2014-07-25 15:18 - 01399360 _____ () C:\Users\Markus\Downloads\Setup.exe
2014-07-24 07:26 - 2014-07-28 15:32 - 00000000 ____D () C:\ProgramData\7a791e75f7c17ac
2014-07-24 07:25 - 2014-07-29 12:26 - 00000000 ____D () C:\ProgramData\WowCouponn
2014-07-24 07:05 - 2014-07-24 07:05 - 00000000 ____D () C:\ProgramData\Fast And Safe
2014-07-11 14:53 - 2014-07-11 14:53 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iTunes
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iPod
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-11 13:42 - 2014-07-11 13:42 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-07-11 13:30 - 2014-07-11 13:30 - 00000000 __RHD () C:\MSOCache
2014-07-10 20:35 - 2014-07-10 20:35 - 00421880 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 11:37 - 2014-06-26 22:53 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 11:37 - 2014-06-26 22:53 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 11:34 - 2014-07-10 11:35 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 00:38 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 00:38 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 00:38 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 00:38 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-09 00:38 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-09 00:38 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-09 00:38 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 00:38 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-09 00:38 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-09 00:38 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-09 00:38 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-09 00:38 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-09 00:38 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-07-09 00:38 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-07-09 00:38 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-09 00:38 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 00:38 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-09 00:38 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 00:37 - 2014-07-01 00:42 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 00:37 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-09 00:37 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-07-09 00:37 - 2014-06-28 05:35 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 00:37 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 00:37 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 00:37 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-09 00:37 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-09 00:37 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 00:37 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 00:37 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 00:37 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 00:37 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 00:37 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 00:37 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 00:37 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 00:37 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 00:37 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-09 00:37 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 00:37 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 00:37 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-03 18:50 - 2014-07-03 18:50 - 00001077 _____ () C:\Users\Markus\Desktop\DENON DJ ASIO Driver.lnk
2014-07-03 18:50 - 2014-07-03 18:50 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ
2014-07-03 18:49 - 2014-07-03 18:49 - 00435075 _____ () C:\Users\Markus\Downloads\DDJAsioDrv101.zip
2014-07-03 17:52 - 2014-07-03 17:52 - 00001098 _____ () C:\Users\Public\Desktop\Controller Editor.lnk
2014-07-03 17:52 - 2014-07-03 17:52 - 00000000 __HDC () C:\ProgramData\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9}
2014-07-03 17:45 - 2014-07-03 17:46 - 00000000 ____D () C:\Users\Markus\Documents\Native Instruments
2014-07-03 17:41 - 2014-07-03 17:41 - 00001006 _____ () C:\Users\Public\Desktop\Traktor 2.lnk
2014-07-03 17:41 - 2014-07-03 17:41 - 00000000 __HDC () C:\ProgramData\{05C334F7-C2A4-418A-9BC8-1542AE38D62B}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{018F1C44-00D1-417B-B251-92A5634F74AE}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-07-03 17:34 - 2014-07-03 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2014-07-03 17:34 - 2014-07-03 17:52 - 00000000 ____D () C:\Program Files\Native Instruments
2014-07-03 17:34 - 2014-07-03 17:52 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments
2014-07-03 17:34 - 2014-07-03 17:37 - 00000000 ____D () C:\ProgramData\Native Instruments
2014-07-03 17:34 - 2014-07-03 17:34 - 00001063 _____ () C:\Users\Public\Desktop\Service Center.lnk
2014-07-03 17:34 - 2014-07-03 17:34 - 00000000 __HDC () C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
2014-07-03 17:19 - 2014-07-03 17:26 - 534450853 _____ () C:\Users\Markus\Downloads\Traktor_2_268_PC.zip
2014-07-03 15:36 - 2014-07-11 13:25 - 00000000 ____D () C:\Users\Markus\Desktop\Noten
2014-07-03 15:35 - 2014-07-03 15:54 - 00000000 ____D () C:\Users\Markus\Desktop\Musik Markus
2014-07-03 15:07 - 2014-07-24 07:05 - 00000000 ____D () C:\ProgramData\374311380
2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\Smartbar
2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\LPT
2014-07-03 15:03 - 2014-07-03 15:07 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-07-03 15:02 - 2014-07-03 15:02 - 00797384 _____ (Company limited) C:\Users\Markus\Downloads\Virtual DJ v7.0 PRO   Crack [ChattChitto RG].exe
2014-07-03 14:54 - 2014-07-03 14:54 - 01250584 _____ () C:\Users\Markus\Downloads\jvlsetup.exe
2014-07-03 13:53 - 2014-07-03 13:53 - 00000000 ____D () C:\Program Files (x86)\predm
2014-07-03 13:41 - 2014-06-18 09:54 - 00000000 ____D () C:\Program Files (x86)\Iminent
2014-07-03 13:40 - 2014-07-03 13:54 - 00000000 ____D () C:\Users\Markus\AppData\Local\Genesis_07031140
2014-07-03 13:40 - 2014-07-03 13:40 - 00000000 ____D () C:\Program Files\003
2014-07-03 13:27 - 2014-07-03 13:47 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-07-03 13:27 - 2014-07-03 13:36 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-07-03 13:27 - 2014-07-03 13:36 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-07-03 13:27 - 2014-07-03 13:28 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-07-03 13:27 - 2014-07-03 13:28 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-07-03 13:27 - 2014-07-03 13:27 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-07-03 13:27 - 2014-07-03 13:27 - 00000318 _____ () C:\Users\Markus\AppData\Roaming\aps.uninstall.scan.results
2014-07-03 13:26 - 2014-07-03 13:41 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-07-03 13:26 - 2014-07-03 13:26 - 00623696 _____ (Click Me In Limited) C:\Users\Markus\AppData\Local\nsbB897.tmp
2014-07-03 13:26 - 2014-07-03 13:26 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\InetStat
2014-07-03 12:35 - 2014-07-03 12:35 - 00012800 ___SH () C:\Users\Markus\Documents\Thumbs.db
2014-07-02 17:51 - 2014-07-03 12:22 - 00000000 ____D () C:\Users\Markus\AppData\Local\Deployment
2014-07-02 17:51 - 2014-07-02 17:51 - 00000000 ____D () C:\Users\Markus\AppData\Local\Apps\2.0
2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ___RD () C:\Users\Markus\SkyDrive
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-07-01 15:18 - 2014-07-01 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-01 15:17 - 2014-07-10 12:04 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-01 15:17 - 2014-07-01 15:17 - 00989376 _____ (Microsoft Corporation) C:\Users\Markus\Downloads\Setup.X86.de-DE_O365HomePremRetail_87ed99a4-6c59-4399-a86e-769502a1fec2_TX_DB_.exe
2014-07-01 10:46 - 2014-07-01 10:46 - 00000000 ____D () C:\Users\Markus\AppData\Local\Tracker Software

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-29 15:07 - 2014-07-29 15:06 - 00026731 _____ () C:\Users\Markus\Downloads\FRST.txt
2014-07-29 15:06 - 2014-07-29 15:05 - 00000000 ____D () C:\FRST
2014-07-29 15:05 - 2014-07-29 15:05 - 02093568 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe
2014-07-29 15:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-29 14:58 - 2013-07-31 03:19 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-07-29 14:58 - 2013-07-31 03:19 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-07-29 14:58 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-29 14:52 - 2014-07-25 15:22 - 00001732 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job
2014-07-29 14:52 - 2014-07-25 15:22 - 00001566 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job
2014-07-29 14:52 - 2014-07-25 15:22 - 00001550 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job
2014-07-29 14:52 - 2014-07-25 15:22 - 00001478 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job
2014-07-29 14:52 - 2014-07-25 15:21 - 00002366 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job
2014-07-29 14:52 - 2014-03-26 21:09 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-29 14:52 - 2013-12-28 03:48 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\newnext.me
2014-07-29 14:51 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-29 14:50 - 2013-10-28 22:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-29 14:50 - 2013-07-30 17:35 - 01098036 _____ () C:\Windows\WindowsUpdate.log
2014-07-29 14:50 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-29 14:49 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-29 14:35 - 2014-03-26 21:09 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-29 12:26 - 2014-07-24 07:25 - 00000000 ____D () C:\ProgramData\WowCouponn
2014-07-29 12:26 - 2013-05-23 06:13 - 00042110 _____ () C:\Windows\PFRO.log
2014-07-28 16:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-07-28 15:32 - 2014-07-28 15:32 - 00000000 ____D () C:\Program Files (x86)\WowCouponn
2014-07-28 15:32 - 2014-07-24 07:26 - 00000000 ____D () C:\ProgramData\7a791e75f7c17ac
2014-07-28 15:26 - 2014-07-25 15:20 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-25 15:29 - 2014-07-25 15:29 - 00003118 _____ () C:\Windows\System32\Tasks\{D0140B21-80DB-4F5B-9F90-290E5EA14860}
2014-07-25 15:28 - 2014-07-25 15:26 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Probit Software
2014-07-25 15:28 - 2014-07-25 15:19 - 00000000 ____D () C:\Program Files (x86)\Probit Software
2014-07-25 15:26 - 2014-03-26 21:09 - 00002237 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-25 15:25 - 2014-07-25 15:20 - 00000000 ____D () C:\ProgramData\cosstminn
2014-07-25 15:23 - 2014-07-25 15:23 - 00000000 ____D () C:\Users\Markus\AppData\Local\com
2014-07-25 15:23 - 2014-07-25 15:21 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-25 15:22 - 2014-07-25 15:22 - 00004736 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1
2014-07-25 15:22 - 2014-07-25 15:22 - 00004554 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5
2014-07-25 15:22 - 2014-07-25 15:22 - 00004482 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2
2014-07-25 15:22 - 2014-07-25 15:21 - 00005370 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4
2014-07-25 15:22 - 2014-07-25 15:20 - 00000000 ____D () C:\Program Files (x86)\video MediaPlay-Air
2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-25 15:21 - 2014-07-25 15:20 - 00000000 ____D () C:\Program Files (x86)\cosstminn
2014-07-25 15:21 - 2014-03-26 21:09 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-25 15:20 - 2014-07-25 15:20 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\globalUpdate
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-25 15:20 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\SearchProtect
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 _____ () C:\END
2014-07-25 15:19 - 2014-03-26 21:09 - 00000000 ____D () C:\Users\Markus\AppData\Local\Google
2014-07-25 15:18 - 2014-07-25 15:18 - 01399360 _____ () C:\Users\Markus\Downloads\Setup.exe
2014-07-24 07:05 - 2014-07-24 07:05 - 00000000 ____D () C:\ProgramData\Fast And Safe
2014-07-24 07:05 - 2014-07-03 15:07 - 00000000 ____D () C:\ProgramData\374311380
2014-07-20 16:25 - 2012-07-26 09:21 - 00036379 _____ () C:\Windows\setupact.log
2014-07-16 00:51 - 2014-07-29 14:49 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-07-11 17:54 - 2013-10-26 15:38 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3478845354-2299671783-2462539787-1002
2014-07-11 14:53 - 2014-07-11 14:53 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iTunes
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iPod
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-11 13:42 - 2014-07-11 13:42 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-07-11 13:30 - 2014-07-11 13:30 - 00000000 __RHD () C:\MSOCache
2014-07-11 13:25 - 2014-07-03 15:36 - 00000000 ____D () C:\Users\Markus\Desktop\Noten
2014-07-11 13:20 - 2014-01-06 00:33 - 00083456 ___SH () C:\Users\Markus\Desktop\Thumbs.db
2014-07-10 20:35 - 2014-07-10 20:35 - 00421880 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 13:22 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-07-10 12:04 - 2014-07-01 15:17 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-10 11:35 - 2014-07-10 11:34 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 11:35 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 11:35 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 11:34 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-07-10 11:34 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 12:21 - 2013-10-27 04:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 12:18 - 2013-10-27 04:04 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 00:50 - 2013-10-28 22:33 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-04 16:36 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-04 01:19 - 2013-11-18 02:03 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-04 01:11 - 2013-12-04 22:06 - 00036352 ___SH () C:\Users\Markus\Downloads\Thumbs.db
2014-07-03 18:50 - 2014-07-03 18:50 - 00001077 _____ () C:\Users\Markus\Desktop\DENON DJ ASIO Driver.lnk
2014-07-03 18:50 - 2014-07-03 18:50 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ
2014-07-03 18:49 - 2014-07-03 18:49 - 00435075 _____ () C:\Users\Markus\Downloads\DDJAsioDrv101.zip
2014-07-03 17:52 - 2014-07-03 17:52 - 00001098 _____ () C:\Users\Public\Desktop\Controller Editor.lnk
2014-07-03 17:52 - 2014-07-03 17:52 - 00000000 __HDC () C:\ProgramData\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9}
2014-07-03 17:52 - 2014-07-03 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2014-07-03 17:52 - 2014-07-03 17:34 - 00000000 ____D () C:\Program Files\Native Instruments
2014-07-03 17:52 - 2014-07-03 17:34 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments
2014-07-03 17:46 - 2014-07-03 17:45 - 00000000 ____D () C:\Users\Markus\Documents\Native Instruments
2014-07-03 17:41 - 2014-07-03 17:41 - 00001006 _____ () C:\Users\Public\Desktop\Traktor 2.lnk
2014-07-03 17:41 - 2014-07-03 17:41 - 00000000 __HDC () C:\ProgramData\{05C334F7-C2A4-418A-9BC8-1542AE38D62B}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-07-03 17:37 - 2014-07-03 17:34 - 00000000 ____D () C:\ProgramData\Native Instruments
2014-07-03 17:37 - 2013-07-30 17:48 - 00118426 _____ () C:\Windows\DPINST.LOG
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{018F1C44-00D1-417B-B251-92A5634F74AE}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-07-03 17:34 - 2014-07-03 17:34 - 00001063 _____ () C:\Users\Public\Desktop\Service Center.lnk
2014-07-03 17:34 - 2014-07-03 17:34 - 00000000 __HDC () C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
2014-07-03 17:26 - 2014-07-03 17:19 - 534450853 _____ () C:\Users\Markus\Downloads\Traktor_2_268_PC.zip
2014-07-03 15:54 - 2014-07-03 15:35 - 00000000 ____D () C:\Users\Markus\Desktop\Musik Markus
2014-07-03 15:07 - 2014-07-03 15:03 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\Smartbar
2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\LPT
2014-07-03 15:02 - 2014-07-03 15:02 - 00797384 _____ (Company limited) C:\Users\Markus\Downloads\Virtual DJ v7.0 PRO   Crack [ChattChitto RG].exe
2014-07-03 14:54 - 2014-07-03 14:54 - 01250584 _____ () C:\Users\Markus\Downloads\jvlsetup.exe
2014-07-03 13:54 - 2014-07-03 13:40 - 00000000 ____D () C:\Users\Markus\AppData\Local\Genesis_07031140
2014-07-03 13:53 - 2014-07-03 13:53 - 00000000 ____D () C:\Program Files (x86)\predm
2014-07-03 13:47 - 2014-07-03 13:27 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-07-03 13:41 - 2014-07-03 13:26 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-07-03 13:40 - 2014-07-03 13:40 - 00000000 ____D () C:\Program Files\003
2014-07-03 13:37 - 2013-05-23 06:45 - 00000000 ____D () C:\ProgramData\McAfee
2014-07-03 13:36 - 2014-07-03 13:27 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-07-03 13:36 - 2014-07-03 13:27 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-07-03 13:35 - 2013-10-28 22:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-03 13:28 - 2014-07-03 13:27 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-07-03 13:28 - 2014-07-03 13:27 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-07-03 13:27 - 2014-07-03 13:27 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-07-03 13:27 - 2014-07-03 13:27 - 00000318 _____ () C:\Users\Markus\AppData\Roaming\aps.uninstall.scan.results
2014-07-03 13:26 - 2014-07-03 13:26 - 00623696 _____ (Click Me In Limited) C:\Users\Markus\AppData\Local\nsbB897.tmp
2014-07-03 13:26 - 2014-07-03 13:26 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\InetStat
2014-07-03 12:35 - 2014-07-03 12:35 - 00012800 ___SH () C:\Users\Markus\Documents\Thumbs.db
2014-07-03 12:22 - 2014-07-02 17:51 - 00000000 ____D () C:\Users\Markus\AppData\Local\Deployment
2014-07-02 17:51 - 2014-07-02 17:51 - 00000000 ____D () C:\Users\Markus\AppData\Local\Apps\2.0
2014-07-01 16:21 - 2013-10-26 15:34 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Spotify
2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ___RD () C:\Users\Markus\SkyDrive
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-07-01 15:23 - 2013-10-26 15:28 - 00000000 ____D () C:\Users\Markus
2014-07-01 15:20 - 2014-07-01 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-01 15:18 - 2013-10-26 15:29 - 00000000 ____D () C:\Users\Markus\AppData\Local\VirtualStore
2014-07-01 15:17 - 2014-07-01 15:17 - 00989376 _____ (Microsoft Corporation) C:\Users\Markus\Downloads\Setup.X86.de-DE_O365HomePremRetail_87ed99a4-6c59-4399-a86e-769502a1fec2_TX_DB_.exe
2014-07-01 10:48 - 2013-05-23 06:45 - 00000000 ____D () C:\Program Files\mcafee
2014-07-01 10:46 - 2014-07-01 10:46 - 00000000 ____D () C:\Users\Markus\AppData\Local\Tracker Software
2014-07-01 10:24 - 2013-10-26 15:34 - 00000000 ____D () C:\Users\Markus\AppData\Local\Spotify
2014-07-01 00:42 - 2014-07-09 00:37 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-01 00:42 - 2014-07-09 00:37 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-01 00:42 - 2014-07-09 00:37 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

Some content of TEMP:
====================
C:\Users\Markus\AppData\Local\Temp\BackupSetup.exe
C:\Users\Markus\AppData\Local\Temp\COMAP.EXE
C:\Users\Markus\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Markus\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Markus\AppData\Local\Temp\Installer.exe
C:\Users\Markus\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Markus\AppData\Local\Temp\nsb6A5.exe
C:\Users\Markus\AppData\Local\Temp\nsd3F29.exe
C:\Users\Markus\AppData\Local\Temp\nsg467E.exe
C:\Users\Markus\AppData\Local\Temp\nsiCC9.exe
C:\Users\Markus\AppData\Local\Temp\nsk1026.exe
C:\Users\Markus\AppData\Local\Temp\nsm93E.exe
C:\Users\Markus\AppData\Local\Temp\nsz42B4.exe
C:\Users\Markus\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Markus\AppData\Local\Temp\Setup.exe
C:\Users\Markus\AppData\Local\Temp\UNT268F.exe
C:\Users\Markus\AppData\Local\Temp\UNT26B0.exe
C:\Users\Markus\AppData\Local\Temp\VOPackage.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-28 15:29

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by Markus at 2014-07-29 15:07:38
Running from C:\Users\Markus\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG2200 series Benutzerregistrierung (HKLM-x32\...\Canon MG2200 series Benutzerregistrierung) (Version:  - Canon Inc.‎)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.00 - Canon Inc.)
Canon MG2200 series On-screen Manual (HKLM-x32\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
DENON DJ ASIO Driver (HKLM-x32\...\{E2BF2060-D1DB-441A-8739-30E7BAA534BA}) (Version: 1.0.0 - DENON_DJ)
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
ETDWare PS/2-X64 11.6.16.003_WHQL (HKLM\...\Elantech) (Version: 11.6.16.003 - ELAN Microelectronic Corp.)
Fast And Safe (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf}) (Version:  - GTgroup) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 2 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 4 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 8 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.3.46 - Native Instruments)
Native Instruments Controller Editor (Version: 1.6.3.46 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments)
Native Instruments Service Center (Version: 2.5.2.1549 - Native Instruments) Hidden
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments)
Native Instruments Traktor 2 (Version: 2.6.8.382 - Native Instruments) Hidden
Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 10 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 MK2 Driver (Version: 3.1.3.804 - Native Instruments) Hidden
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 6 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol F1 Driver (Version: 3.0.2.664 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S2 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol X1 Driver (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol X1 MK2 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol Z1 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol Z2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
NVIDIA Grafiktreiber 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.30 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.30 (Version: 311.30 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.213.1 - Tracker Software Products Ltd)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Yahoo Community Smartbar (HKLM-x32\...\{3BC7022B-CDE0-4664-9AB6-E3EC25CE644A}) (Version: 11.63.66.17714 - Linkury Inc.) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

08-07-2014 22:50:54 Windows Update
18-07-2014 10:30:50 Geplanter Prüfpunkt
28-07-2014 13:27:40 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05213698-A30E-4087-A857-31B7B60B5F25} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {12421D3C-85C4-48C8-9352-53C1AC3B0385} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: {1A15979C-EE4A-4CF4-8CF5-4D52683E0C06} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1BA20418-F45D-4183-A8A4-9192CAC32CD6} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe [2014-07-25] (enter) <==== ATTENTION
Task: {20850515-6079-456E-AB44-DCEBB8D45EF1} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {24E43C6C-F3AC-463B-8C4B-0B2053EDFC8F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {39CE24A0-32CB-4D61-8019-FEF551B287F2} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {4586CBE0-97ED-4137-A2C6-712A2A5C4805} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-09] (Microsoft Corporation)
Task: {4C5BD0C1-8937-43CB-B64F-9120AA18F3B8} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {4FB017EE-E51B-40C1-A86A-5F5DC43A7801} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {545A398B-78E7-464F-A80E-3A033AD37198} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1 => C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-codedownloader.exe [2014-07-25] (enter) <==== ATTENTION
Task: {5FDBD969-AC66-42BA-B22F-58849328109C} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: {744490FD-A8F4-4CC0-878F-02D587DA55F1} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4 => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.exe [2014-07-25] (enter) <==== ATTENTION
Task: {9174E7C1-BD86-402F-A9A3-A50B8AB03EEE} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: {A198AA06-64A7-4996-A258-2E17F6098A91} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {E80D32C7-3C42-4C4E-B26A-F5B8567B330D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {E85FF466-D7B9-4206-8906-1898F42B0397} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5 => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe [2014-07-25] (enter) <==== ATTENTION
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EC07CB73-2C28-41A7-AD5F-140BA260C200} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {EC2BCA28-D75E-477D-A070-22C6183A4EE7} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2 => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.exe [2014-07-25] (enter) <==== ATTENTION
Task: {FDDCCCB6-C4DD-4184-AE57-C7D07889303D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job => C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-codedownloader.exe
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.exe
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.exe
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-02 10:01 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-18 02:03 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-07-23 16:32 - 2014-07-25 15:21 - 00106376 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll
2014-07-23 16:32 - 2014-07-25 15:21 - 00732040 _____ () C:\Program Files (x86)\SupTab\HpUI.exe
2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 _____ () C:\Program Files (x86)\SupTab\Loader32.exe
2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 _____ () C:\Program Files (x86)\SupTab\Loader64.exe
2013-05-23 07:06 - 2012-10-23 20:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00024344 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Lrcnta.exe
2014-07-24 07:05 - 2014-07-24 07:05 - 00186192 _____ () c:\ProgramData\Fast And Safe\FastAndSafeSvc.dll
2014-07-24 07:05 - 2014-07-24 07:05 - 04125696 _____ () c:\ProgramData\Fast And Safe\FastAndSafe.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-23 16:32 - 2014-07-25 15:21 - 00093576 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00045848 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00070936 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srau.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00166680 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 02337048 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00067864 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\spbl.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00156952 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00015128 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\siem.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00066840 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\sppsm.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00697624 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00015640 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00079640 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00027928 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-06-11 15:29 - 2014-06-11 15:29 - 00060184 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srut.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00030488 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srsbs.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00066328 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00150296 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\smti.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00032024 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srom.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00031512 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\smtu.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00040216 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\smta.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00046872 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srbu.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00024856 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\sgml.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00062744 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00025368 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srpdm.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00044312 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00025880 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00036120 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00256280 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srns.dll
2014-06-24 21:41 - 2014-06-24 21:41 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00034072 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\lrcnt.dll
2013-07-30 17:40 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (07/28/2014 03:18:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Umbrella210.exe, Version: 4.29.0.1, Zeitstempel: 0x53c89bf9
Name des fehlerhaften Moduls: Umbrella210.exe, Version: 4.29.0.1, Zeitstempel: 0x53c89bf9
Ausnahmecode: 0x40000015
Fehleroffset: 0x001c05a9
ID des fehlerhaften Prozesses: 0xe2c
Startzeit der fehlerhaften Anwendung: 0xUmbrella210.exe0
Pfad der fehlerhaften Anwendung: Umbrella210.exe1
Pfad des fehlerhaften Moduls: Umbrella210.exe2
Berichtskennung: Umbrella210.exe3
Vollständiger Name des fehlerhaften Pakets: Umbrella210.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Umbrella210.exe5

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15594

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15594

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12265

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12265

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (07/29/2014 02:53:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/29/2014 02:51:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/29/2014 00:29:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/29/2014 00:26:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/28/2014 03:18:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SProtection" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/25/2014 03:28:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/25/2014 03:26:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/25/2014 03:26:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/25/2014 03:26:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (07/22/2014 01:40:25 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.2.100 mit dem Computer mit der
Netzwerkhardwareadresse 00-26-AB-68-ED-8E ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.


Microsoft Office Sessions:
=========================
Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (07/28/2014 03:18:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Umbrella210.exe4.29.0.153c89bf9Umbrella210.exe4.29.0.153c89bf940000015001c05a9e2c01cfa80c05658c6eC:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exeC:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exea45faa4e-1659-11e4-be8c-208984ce3dc2

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15594

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15594

Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12265

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12265

Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info =========================== 

Percentage of memory in use: 26%
Total physical RAM: 8007.27 MB
Available physical RAM: 5922.41 MB
Total Pagefile: 11463.27 MB
Available Pagefile: 9320.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:682.19 GB) (Free:598.92 GB) NTFS
Drive d: (27 Jun 2014) (CDROM) (Total:0.69 GB) (Free:0.3 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: B716F7A2)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
__________________

Alt 29.07.2014, 14:53   #4
Drums93
 
Mozilla öffnet von alleine neue Tabs - Standard

Mozilla öffnet von alleine neue Tabs



Code:
ATTFilter
Combofix Logfile:
Code:
ATTFilter
ComboFix 14-07-29.01 - Markus 29.07.2014  15:45:19.2.4 - x64
Microsoft Windows 8  6.2.9200.0.1252.49.1031.18.8007.6162 [GMT 2:00]
ausgeführt von:: c:\users\Markus\Downloads\ComboFix.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\374311380
c:\programdata\Fast And Safe
c:\programdata\Fast And Safe\FastAndSafe.dll
c:\programdata\Fast And Safe\FastAndSafe_x64.dll
c:\programdata\Fast And Safe\FastAndSafeSvc.dll
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Markus\AppData\Local\assembly\tmp
c:\users\Markus\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Markus\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Markus\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Markus\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Markus\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Markus\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Markus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Markus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Markus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Markus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Markus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Markus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Markus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Markus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Markus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Markus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Markus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Markus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ghcdgpmhjhikmldekhhgpaplffndalcf_0.localstorage-journal
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ghcdgpmhjhikmldekhhgpaplffndalcf_0.localstorage
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Markus\AppData\Local\nsbB897.tmp
c:\users\Markus\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Markus\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Markus\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Markus\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Markus\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Markus\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\eeoaaaye@o-qjgl.edu
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\eeoaaaye@o-qjgl.edu\bootstrap.js
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\eeoaaaye@o-qjgl.edu\chrome.manifest
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\eeoaaaye@o-qjgl.edu\content\bg.js
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\eeoaaaye@o-qjgl.edu\install.rdf
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\rhooy@kafnvxxz.co.uk
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\rhooy@kafnvxxz.co.uk\bootstrap.js
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\rhooy@kafnvxxz.co.uk\chrome.manifest
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\rhooy@kafnvxxz.co.uk\content\bg.js
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\rhooy@kafnvxxz.co.uk\install.rdf
c:\users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\UpdatusUser\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\UpdatusUser\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\UpdatusUser\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\UpdatusUser\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\UpdatusUser\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\UpdatusUser\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-28 bis 2014-07-29  ))))))))))))))))))))))))))))))
.
.
2014-07-29 13:49 . 2014-07-29 13:49	--------	d-----w-	c:\users\Markus\AppData\Local\temp
2014-07-29 13:49 . 2014-07-29 13:49	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-07-29 13:49 . 2014-07-29 13:49	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-07-29 13:05 . 2014-07-29 13:08	--------	d-----w-	C:\FRST
2014-07-29 12:53 . 2014-07-29 12:53	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{EDDB9506-4EFE-45F8-BFBE-0323AB4ED65C}\offreg.dll
2014-07-29 12:49 . 2014-07-15 22:51	71168	----a-w-	c:\windows\system32\drivers\hdaudbus.sys
2014-07-29 12:49 . 2014-05-29 04:04	94552	----a-w-	c:\windows\system32\drivers\mountmgr.sys
2014-07-29 12:49 . 2014-05-08 01:34	328024	----a-w-	c:\windows\system32\drivers\Classpnp.sys
2014-07-29 10:27 . 2014-07-29 10:27	--------	d-----w-	c:\windows\ServiceProfiles\LocalService\winhttp
2014-07-29 10:05 . 2014-07-02 03:09	10924376	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{EDDB9506-4EFE-45F8-BFBE-0323AB4ED65C}\mpengine.dll
2014-07-28 13:32 . 2014-07-28 13:32	--------	d-----w-	c:\program files (x86)\WowCouponn
2014-07-25 13:26 . 2014-07-25 13:28	--------	d-----w-	c:\users\Markus\AppData\Roaming\Probit Software
2014-07-25 13:23 . 2014-07-25 13:23	--------	d-----w-	c:\users\Markus\AppData\Local\com
2014-07-25 13:21 . 2014-07-25 13:21	--------	d-----w-	c:\programdata\IePluginServices
2014-07-25 13:21 . 2014-07-25 13:21	--------	d-----w-	c:\program files (x86)\SupTab
2014-07-25 13:21 . 2014-07-25 13:23	--------	d-----w-	c:\programdata\WindowsMangerProtect
2014-07-25 13:20 . 2014-07-28 13:26	--------	d-----w-	c:\program files (x86)\globalUpdate
2014-07-25 13:20 . 2014-07-25 13:20	--------	d-----w-	c:\users\Markus\AppData\Local\globalUpdate
2014-07-25 13:20 . 2014-07-25 13:22	--------	d-----w-	c:\program files (x86)\video MediaPlay-Air
2014-07-25 13:20 . 2014-07-25 13:25	--------	d-----w-	c:\programdata\cosstminn
2014-07-25 13:20 . 2014-07-25 13:21	--------	d-----w-	c:\program files (x86)\cosstminn
2014-07-25 13:20 . 2014-07-25 13:20	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-25 13:20 . 2014-07-25 13:20	--------	d-----w-	c:\users\Markus\AppData\Local\Chromatic Browser
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\Torch
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\Markus\AppData\Local\Torch
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\Google
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\Comodo
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\Markus\AppData\Local\Comodo
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\HomeGroupUser$
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\Gast
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\Administrator
2014-07-25 13:19 . 2014-07-25 13:28	--------	d-----w-	c:\program files (x86)\Probit Software
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\Markus\AppData\Local\SearchProtect
2014-07-24 05:26 . 2014-07-28 13:32	--------	d-----w-	c:\programdata\7a791e75f7c17ac
2014-07-24 05:25 . 2014-07-29 10:26	--------	d-----w-	c:\programdata\WowCouponn
2014-07-11 12:53 . 2014-07-11 12:53	--------	d-----w-	c:\program files\iPod
2014-07-11 12:53 . 2014-07-11 12:53	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 12:53 . 2014-07-11 12:53	--------	d-----w-	c:\program files\iTunes
2014-07-11 12:53 . 2014-07-11 12:53	--------	d-----w-	c:\program files (x86)\iTunes
2014-07-11 11:42 . 2014-07-11 11:42	--------	d-----w-	c:\programdata\Microsoft OneDrive
2014-07-11 11:30 . 2014-07-11 11:30	--------	d-----r-	C:\MSOCache
2014-07-10 09:37 . 2014-06-26 20:53	703968	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-10 09:37 . 2014-06-26 20:53	105440	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-10 09:34 . 2014-07-10 09:35	--------	d-s---w-	c:\windows\system32\CompatTel
2014-07-08 22:37 . 2014-06-30 22:42	394240	----a-w-	c:\windows\system32\devinv.dll
2014-07-05 09:46 . 2014-07-05 09:46	257704	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10243.bin
2014-07-03 16:50 . 2014-07-03 16:50	--------	d-----w-	c:\program files (x86)\DENON_DJ
2014-07-03 15:52 . 2014-07-03 15:52	--------	dc-h--w-	c:\programdata\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9}
2014-07-03 15:41 . 2014-07-03 15:41	--------	dc-h--w-	c:\programdata\{05C334F7-C2A4-418A-9BC8-1542AE38D62B}
2014-07-03 15:37 . 2014-07-03 15:37	--------	d-----w-	c:\program files (x86)\Common Files\Native Instruments
2014-07-03 15:37 . 2014-07-03 15:37	--------	dc-h--w-	c:\programdata\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-07-03 15:37 . 2014-07-03 15:37	--------	dc-h--w-	c:\programdata\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-07-03 15:37 . 2014-07-03 15:37	--------	dc-h--w-	c:\programdata\{D2030082-F62A-402A-9456-8009276FD896}
2014-07-03 15:37 . 2014-07-03 15:37	--------	dc-h--w-	c:\programdata\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{219191E6-6846-4329-889D-7956C487D9A6}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{018F1C44-00D1-417B-B251-92A5634F74AE}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-07-03 15:35 . 2014-07-03 15:35	--------	dc-h--w-	c:\programdata\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-07-03 15:35 . 2014-07-03 15:35	--------	dc-h--w-	c:\programdata\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-07-03 15:35 . 2014-07-03 15:35	--------	dc-h--w-	c:\programdata\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-07-03 15:35 . 2014-07-03 15:35	--------	dc-h--w-	c:\programdata\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-07-03 15:34 . 2014-07-03 15:34	--------	dc-h--w-	c:\programdata\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
2014-07-03 15:34 . 2014-07-03 15:52	--------	d-----w-	c:\program files\Native Instruments
2014-07-03 15:34 . 2014-07-03 15:52	--------	d-----w-	c:\program files\Common Files\Native Instruments
2014-07-03 15:34 . 2014-07-03 15:37	--------	d-----w-	c:\programdata\Native Instruments
2014-07-03 13:05 . 2014-07-03 13:05	--------	d-----w-	c:\users\Markus\AppData\Local\LPT
2014-07-03 13:05 . 2014-07-03 13:05	--------	d-----w-	c:\users\Markus\AppData\Local\Smartbar
2014-07-03 13:03 . 2014-07-03 13:07	--------	d-----w-	c:\program files (x86)\Optimizer Pro
2014-07-03 11:53 . 2014-07-03 11:53	--------	d-----w-	c:\program files (x86)\predm
2014-07-03 11:41 . 2014-07-25 13:25	--------	d-----w-	c:\program files (x86)\Common Files\Umbrella
2014-07-03 11:41 . 2014-07-03 11:41	--------	d-----w-	c:\program files (x86)\Common Files\IMGUpdater
2014-07-03 11:41 . 2014-06-18 07:54	--------	d---a-w-	c:\program files (x86)\Iminent
2014-07-03 11:40 . 2014-07-03 11:54	--------	d-----w-	c:\users\Markus\AppData\Local\Genesis_07031140
2014-07-03 11:40 . 2014-07-03 11:40	--------	d-----w-	c:\program files\003
2014-07-03 11:26 . 2014-07-03 11:41	--------	d-----w-	c:\program files (x86)\PC Speed Up
2014-07-03 11:26 . 2014-07-03 11:26	--------	d-----w-	c:\users\Markus\AppData\Roaming\InetStat
2014-07-02 15:51 . 2014-07-29 13:49	--------	d-----w-	c:\users\Markus\AppData\Local\assembly
2014-07-02 15:51 . 2014-07-03 10:22	--------	d-----w-	c:\users\Markus\AppData\Local\Deployment
2014-07-02 15:51 . 2014-07-02 15:51	--------	d-----w-	c:\users\Markus\AppData\Local\Apps
2014-07-01 13:23 . 2014-07-01 13:23	--------	d-----w-	c:\program files (x86)\Microsoft SkyDrive
2014-07-01 13:23 . 2014-07-01 13:23	--------	d-----r-	c:\users\Markus\SkyDrive
2014-07-01 13:23 . 2014-07-01 13:23	--------	d-----w-	c:\programdata\Microsoft SkyDrive
2014-07-01 13:20 . 2014-06-03 08:41	589008	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-07-01 13:17 . 2014-07-10 10:04	--------	d-----w-	c:\program files\Microsoft Office 15
2014-07-01 08:46 . 2014-07-01 08:46	--------	d-----w-	c:\users\Markus\AppData\Local\Tracker Software
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 10:18 . 2013-10-27 02:04	96441528	----a-w-	c:\windows\system32\MRT.exe
2014-05-03 05:47 . 2014-06-12 00:23	3246592	----a-w-	c:\windows\system32\rdpcorets.dll
2014-05-03 03:34 . 2014-06-12 00:23	235520	----a-w-	c:\windows\system32\rdpudd.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110611171199}]
2014-07-25 13:22	579432	----a-w-	c:\program files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
2012-06-02 20:25	298568	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
2014-07-25 13:21	515464	----a-w-	c:\program files (x86)\SupTab\SupTab.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-11 11:43	223432	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-11 11:43	223432	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-11 11:43	223432	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-07-01 1176632]
"NextLive"="c:\users\Markus\AppData\Roaming\newnext.me\nengine.dll" [2013-11-14 1283584]
"Browser Infrastructure Helper"="c:\users\Markus\AppData\Local\Smartbar\Application\Smartbar.exe" [2014-06-11 28952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RadioController"="c:\program files (x86)\RadioController\RfBtnHelper.exe" [2013-07-30 111216]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2012-08-15 2994880]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-03 43816]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 64af91bf;Fast And Safe;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
R2 IePluginServices;IePlugin Services;c:\programdata\IePluginServices\PluginService.exe;c:\programdata\IePluginServices\PluginService.exe [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\System32\drivers\b57xdbd.sys;c:\windows\SYSNATIVE\drivers\b57xdbd.sys [x]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\System32\drivers\b57xdmp.sys;c:\windows\SYSNATIVE\drivers\b57xdmp.sys [x]
R3 bScsiMSa;bScsiMSa;c:\windows\System32\drivers\bScsiMSa.sys;c:\windows\SYSNATIVE\drivers\bScsiMSa.sys [x]
R3 bScsiSDa;bScsiSDa;c:\windows\System32\drivers\bScsiSDa.sys;c:\windows\SYSNATIVE\drivers\bScsiSDa.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 ccSet_NARA;NARA Settings Manager;c:\windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NARAx64\0401000.00E\ccSetx64.sys [x]
S2 CCDMonitorService;CCDMonitorService;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ETDService;Elan Service;c:\program files\Elantech\ETDService.exe;c:\program files\Elantech\ETDService.exe [x]
S2 GlobalUpdater;GlobalUpdater;c:\program files (x86)\Common Files\IMGUpdater\IMGUpdater.exe;c:\program files (x86)\Common Files\IMGUpdater\IMGUpdater.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 RfButtonDriverService;Dritek RF Button Command Service;c:\windows\RfBtnSvc64.exe;c:\windows\RfBtnSvc64.exe [x]
S2 SProtection;SProtection;c:\program files (x86)\Common Files\Umbrella\Umbrella210.exe;c:\program files (x86)\Common Files\Umbrella\Umbrella210.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ePowerSvc;ePower Service;c:\program files\Acer\Acer Power Management\ePowerSvc.exe;c:\program files\Acer\Acer Power Management\ePowerSvc.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;c:\windows\System32\drivers\aPs2Kb2Hid.sys;c:\windows\SYSNATIVE\drivers\aPs2Kb2Hid.sys [x]
S3 WSDScan;WSD-Scanunterstützung;c:\windows\System32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-18 16:35	1104200	----a-w-	c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-28 22:50]
.
2014-07-29 c:\windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job
- c:\program files (x86)\video MediaPlay-Air\video MediaPlay-Air-codedownloader.exe [2014-07-25 13:22]
.
2014-07-29 c:\windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job
- c:\program files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.exe [2014-07-25 13:22]
.
2014-07-29 c:\windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job
- c:\program files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.exe [2014-07-25 13:22]
.
2014-07-29 c:\windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job
- c:\program files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe [2014-07-25 13:22]
.
2014-07-29 c:\windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job
- c:\program files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe [2014-07-25 13:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11111111-1111-1111-1111-110611171199}]
2014-07-25 13:22	786792	----a-w-	c:\program files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-11 11:43	262344	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-11 11:43	262344	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-11 11:43	262344	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-06-10 10:07	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-06-10 10:07	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-06-10 10:07	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-23 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-23 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-23 441888]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mDefault_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
mDefault_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
mStart Page = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms}
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\
FF - prefs.js: browser.search.selectedEngine - StartWeb
FF - prefs.js: browser.startup.homepage - www.google.de
FF - ExtSQL: 2014-07-03 13:41; webbooster@iminent.com; c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\webbooster@iminent.com.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-LManager - (no file)
Wow6432Node-HKLM-Run-mobilegeni daemon - c:\program files (x86)\Mobogenie\DaemonProcess.exe
Wow6432Node-HKLM-Run-AnyProtect Scanner - c:\program files (x86)\AnyProtectEx\AnyProtect.exe
Wow6432Node-HKLM-Run-AnyProtect Tray - c:\program files (x86)\AnyProtectEx\AnyProtectTrayIcon.exe
Wow6432Node-HKLM-Run-fst_de_75 - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf} - c:\progra~3\FASTAN~1\FASTAN~1.DLL
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2014-07-29  15:51:22
ComboFix-quarantined-files.txt  2014-07-29 13:51
.
Vor Suchlauf: 8 Verzeichnis(se), 643.223.506.944 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 643.253.645.312 Bytes frei
.
- - End Of File - - 7BBD587CCCCC07271DE81959EB1708D9
         
--- --- ---

Alt 30.07.2014, 11:44   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Mozilla öffnet von alleine neue Tabs - Standard

Mozilla öffnet von alleine neue Tabs



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.07.2014, 13:02   #6
Drums93
 
Mozilla öffnet von alleine neue Tabs - Standard

Mozilla öffnet von alleine neue Tabs



So, alles erledigt. Ich hoffe, dass das so richtig war.

Malwarebytes

Code:
ATTFilter
   *{font-family: Verdana, Arial;} .BlackNormal{font-size:12px; color:#000000;} 
.BlackNormalBold{font-size:11px; color:#000000; font-weight:bold;} 
.BlackNormal1{font-size:13px; color:#000000;} .BlackNormal1Bold{font-size:13px; 
color:#000000; font-weight:bold;} .BlackMedium{font-size:15px; color:#000000;} 
.BlackMediumBold{font-size:15px; color:#000000; font-weight:bold;}   

            Nico Mak Computing
            WinZip Malware Protector

      Datum der ÜberprüfungMittwoch, 30. Juli 2014
      Datenbankversion1899
      Gefundene Elemente insgesamt187
      Überprüfte Objekte:282705
      Abgelaufene Zeit:00:15:41
      NameGefundene Elemente

            Name der Infektiontrojan-backdoor.bifrose
            KategorieBackdoor
            BedrohungsstufeSevere
            Durchgeführte AktionNoActionTaken
            Elemente gefunden1

            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\wget




            Name der Infektionroguesecurityprogram.winantivirus-pro-2006
            KategorieRogue Antispyware Program
            BedrohungsstufeSevere
            Durchgeführte AktionNoActionTaken
            Elemente gefunden6

            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_classes_root
                  *\shellex\contextmenuhandlers\shellextension



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_classes_root
                  directory\shellex\contextmenuhandlers\shellextension



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_classes_root
                  drive\shellex\contextmenuhandlers\shellextension



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\classes\*\shellex\contextmenuhandlers\shellextension



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\classes\directory\shellex\contextmenuhandlers\shellextension



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\classes\drive\shellex\contextmenuhandlers\shellextension




            Name der Infektionroguesecurityprogram.pro-antispyware-2009
            KategorieRogue Antispyware Program
            BedrohungsstufeSevere
            Durchgeführte AktionNoActionTaken
            Elemente gefunden2

            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\microsoft\windows\currentversion\drivers\video



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\microsoft\windows\currentversion\drivers\video\options




            Name der Infektionroguesecurityprogram.ms-antispyware-2009
            KategorieRogue Antispyware Program
            BedrohungsstufeSevere
            Durchgeführte AktionNoActionTaken
            Elemente gefunden1

            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\microsoft\windows\currentversion\drivers




            Name der Infektiontrojan-spy.banker
            KategorieTrojan Spy
            BedrohungsstufeElevated
            Durchgeführte AktionNoActionTaken
            Elemente gefunden6

            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  system\currentcontrolset\services\catchme



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  system\currentcontrolset\services\catchme
                  type


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  system\currentcontrolset\services\catchme
                  errorcontrol


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  system\currentcontrolset\services\catchme
                  start


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  system\currentcontrolset\services\catchme
                  imagepath


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  system\currentcontrolset\services\catchme
                  group



            Name der Infektionpup.optional-nz
            KategoriePotentially Unwanted Application
            BedrohungsstufeHigh
            Durchgeführte AktionNoActionTaken
            Elemente gefunden12

            Gefundener BereichFileSystem
            Details
                  Dateinamec:\program files (x86)\mozilla 
                  firefox\browser\searchplugins\nationzoom.xml
                  MD50
                  Signatur0
                  Md5hash: 119eeba271e1e58102ae975f412e32cd


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\microsoft\internet 
                  explorer\searchscopes\{33bb0a4e-99af-4226-bdf6-49120163de86}



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\microsoft\internet 
                  explorer\searchscopes\{33bb0a4e-99af-4226-bdf6-49120163de86}
                  url


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\microsoft\internet 
                  explorer\searchscopes\{33bb0a4e-99af-4226-bdf6-49120163de86}
                  displayname


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\microsoft\internet 
                  explorer\searchscopes\{33bb0a4e-99af-4226-bdf6-49120163de86}
                  faviconpath


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\microsoft\internet 
                  explorer\searchscopes\{33bb0a4e-99af-4226-bdf6-49120163de86}



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\microsoft\internet 
                  explorer\searchscopes\{33bb0a4e-99af-4226-bdf6-49120163de86}
                  displayname


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\microsoft\internet 
                  explorer\searchscopes\{33bb0a4e-99af-4226-bdf6-49120163de86}
                  url


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\nationzoomsoftware



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\nationzoomsoftware\nationzoomhp



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\nationzoomsoftware\nationzoomhp
                  time


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\nationzoomsoftware\nationzoomhp
                  oem



            Name der Infektionpup.optional
            KategoriePotentially Unwanted Application
            BedrohungsstufeHigh
            Durchgeführte AktionNoActionTaken
            Elemente gefunden8

            Gefundener BereichFileSystem
            Details
                  Dateinamec:\users\markus\appdata\local\genienext\nengine.dll
                  MD50
                  Signatur15833803041516330828
                  Md5hash: 366bfbc6a6a9de3204b410b696e03b11


            Gefundener BereichFileSystem
            Details
                  Dateinamec:\users\markus\appdata\roaming\newnext.me\nengine.dll
                  MD50
                  Signatur15833803041516330828
                  Md5hash: 366bfbc6a6a9de3204b410b696e03b11


            Gefundener BereichFileSystem
            Details
                  Dateinamec:\users\markus\downloads\setup_v2.1.exe
                  MD50
                  Signatur13111136400101991285
                  Md5hash: 290860bff0321b068cbffbe858c37476


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{6791a2f3-fc80-475c-a002-c014af797e9c}



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{6791a2f3-fc80-475c-a002-c014af797e9c}
                  n


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\classes\clsid\{1aa60054-57d9-4f99-9a55-d0fbfbe7ecd3}



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\classes\clsid\{e5a7a645-8318-4895-b85c-edc606b80db6}



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\classes\clsid\{e5a7a645-8318-4895-b85c-edc606b80db6}
                  id



            Name der Infektionmalware.agent
            KategorieGeneric Malware 
            BedrohungsstufeHigh
            Durchgeführte AktionNoActionTaken
            Elemente gefunden1

            Gefundener BereichFileSystem
            Details
                  Dateinamec:\users\markus\downloads\frst64.exe
                  MD50
                  Signatur6259540866098186490
                  Md5hash: ad1a336beee75032a9e07dbbe6f30372



            Name der Infektiontrojan.agent
            KategorieTrojan
            BedrohungsstufeHigh
            Durchgeführte AktionNoActionTaken
            Elemente gefunden1

            Gefundener BereichFileSystem
            Details
                  Dateinamec:\users\markus\downloads\jvlsetup.exe
                  MD50
                  Signatur1756531133504620710
                  Md5hash: 472c38a08a15e764d7f3b3f50472237e



            Name der Infektionmonitoring.employees-pc-monitor
            KategorieMonitoring Tool
            BedrohungsstufeHigh
            Durchgeführte AktionNoActionTaken
            Elemente gefunden1

            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_users
                  s-1-5-18\software\microsoft\windows\currentversion\policies\system




            Name der Infektionpup.optional-jw
            KategoriePotentially Unwanted Application
            BedrohungsstufeHigh
            Durchgeführte AktionNoActionTaken
            Elemente gefunden7

            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\installedbrowserextensions



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\installedbrowserextensions\21636



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\installedbrowserextensions\21636
                  61799


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\installedbrowserextensions\21636\status



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\installedbrowserextensions\21636\status
                  installed


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\installedbrowserextensions\enter



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\installedbrowserextensions\enter
                  61799



            Name der Infektionpup.optional-snk
            KategoriePotentially Unwanted Application
            BedrohungsstufeHigh
            Durchgeführte AktionNoActionTaken
            Elemente gefunden137

            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  date


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  data.0


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  data.1


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  usr.0


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  usr.1


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  uuid


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  lrts


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  mode


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  iiid


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
                  370856c7


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
                  493c7345


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
                  3efeb33e


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
                  a47da861


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
                  4a40bed9


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  51d2f2ea


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  a2e3b941


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  bbf88800


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  a1dcff5b


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  340d3099


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  0e93c3f3


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  0c230bcb


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  27ddcf6f


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  414bc593


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  f0bf0bde


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  c99a5f5c


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  72758a5d


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  e46c271e


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  7f69fa1f


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  3c09c42b


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  7367429f


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  0dc3ee96


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  d1abcdb6


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  38583bc3


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  c24899a6


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  65114b36


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  f1f24e29


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  6185d035


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  c5705860


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  a0743acc


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  c6c5dd44


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  1520c6f1


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  2d71d5ab


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  8b9e4cbc


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  fe94ce1e


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  587b5709


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  2e22d94e


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  48bd1aff


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  f6ad6fa6


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  d94388d2


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  37b7a6d8


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  060df2cd


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  e8f9dcc7


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  1c311243


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  f2c53c49


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  c59938ae


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\evq



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\ext



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\ini



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\ini
                  187326178244532


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\ini
                  287326178244532


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\ini
                  72368436527346


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{3a7d3e19-1b79-4e4e-bd96-5467da2c4ef0}



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{3a7d3e19-1b79-4e4e-bd96-5467da2c4ef0}
                  n


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  date


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  data.0


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  data.1


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  usr.0


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  usr.1


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  version


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  uuid


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  state


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  lrts


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  mode


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  svn


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  svx


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  svi


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  svt


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  iiid


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  dlpath


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  svpath


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
                  install_dir


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
                  370856c7


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
                  493c7345


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
                  3efeb33e


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
                  a47da861


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
                  4a40bed9


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  51d2f2ea


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  a2e3b941


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  bbf88800


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  a1dcff5b


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  340d3099


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  0e93c3f3


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  0c230bcb


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  27ddcf6f


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  414bc593


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  f0bf0bde


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  c99a5f5c


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  72758a5d


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  e46c271e


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  7f69fa1f


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  3c09c42b


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  7367429f


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  0dc3ee96


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  d1abcdb6


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  38583bc3


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  c24899a6


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  65114b36


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  f1f24e29


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  6185d035


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  c5705860


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  a0743acc


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  c6c5dd44


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  1520c6f1


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  2d71d5ab


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  8b9e4cbc


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  fe94ce1e


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  587b5709


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  2e22d94e


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  48bd1aff


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  f6ad6fa6


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  d94388d2


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  37b7a6d8


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  060df2cd


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  e8f9dcc7


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  1c311243


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
                  f2c53c49


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{77d46e27-0e41-4478-87a6-aabe6fbcf252}



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{77d46e27-0e41-4478-87a6-aabe6fbcf252}
                  64af91bf


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_local_machine
                  software\{77d46e27-0e41-4478-87a6-aabe6fbcf252}
                  n



            Name der Infektionpup.optional-sd
            KategoriePotentially Unwanted Application
            BedrohungsstufeHigh
            Durchgeführte AktionNoActionTaken
            Elemente gefunden4

            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_classes_root
                  clsid\{e5a7a645-8318-4895-b85c-edc606b80db6}



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_classes_root
                  clsid\{e5a7a645-8318-4895-b85c-edc606b80db6}
                  id


            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\software\dynconie



            Gefundener BereichRegistry
            Details
                  Registrierungsschlüsselhkey_current_user
                  software\appdatalow\software\dynconie
                  id


      © 2013 WinZip International LLC. All rights reserved.
         

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.301 - Bericht erstellt am 30/07/2014 um 13:34:49
# Aktualisiert 28/07/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Markus - MORGAN
# Gestartet von : C:\Users\Markus\Downloads\adwcleaner_3.301.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : 64af91bf
Dienst Gelöscht : GlobalUpdater
Dienst Gelöscht : IePluginServices
Dienst Gelöscht : SProtection

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\cosstminn
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Program Files (x86)\pc speed up
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files (x86)\WinZip Malware Protector
Ordner Gelöscht : C:\Program Files (x86)\cosstminn
Ordner Gelöscht : C:\Program Files (x86)\Common Files\IMGUpdater
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gelöscht : C:\Program Files\003
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\torch
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Gast\AppData\Local\torch
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\torch
Ordner Gelöscht : C:\Users\Markus\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Markus\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Markus\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Markus\AppData\Local\LPT
Ordner Gelöscht : C:\Users\Markus\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Markus\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Markus\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Markus\AppData\Local\torch
Ordner Gelöscht : C:\Users\Markus\AppData\Roaming\InetStat
Ordner Gelöscht : C:\Users\Markus\AppData\Roaming\newnext.me
Ordner Gelöscht : C:\Users\Markus\Documents\Mobogenie
Ordner Gelöscht : C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\UpdatusUser\AppData\Local\torch
Ordner Gelöscht : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\faststartff@gmail.com
Ordner Gelöscht : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com
Ordner Gelöscht : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\d55cd0d7-9f24-4660-95b3-188599e8e4f8@6b2faf04-e86f-4bcf-a878-632814acf518.com
Ordner Gelöscht : C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Datei Gelöscht : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\webbooster@iminent.com.xpi
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Markus\daemonprocess.txt
Datei Gelöscht : C:\Users\Markus\AppData\Roaming\aps.uninstall.scan.results
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\nationzoom.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\StartWeb.xml
Datei Gelöscht : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
Datei Gelöscht : C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tasks ] *****

Task Gelöscht : c421907c-8d5f-4b54-af6e-98e6584c00d7-1
Task Gelöscht : c421907c-8d5f-4b54-af6e-98e6584c00d7-2
Task Gelöscht : c421907c-8d5f-4b54-af6e-98e6584c00d7-4
Task Gelöscht : c421907c-8d5f-4b54-af6e-98e6584c00d7-5
Task Gelöscht : c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Markus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Markus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0061799.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0061799.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0061799.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0061799.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172299}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175599}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176699}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171199}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611171199}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611171199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171199}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172299}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175599}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176699}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171199}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DynConIE
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Re_Markit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\suprasavings
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\video MediaPlay-Air
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Schlüssel Gelöscht : HKLM\Software\FrEeSoFtOdAy
Schlüssel Gelöscht : HKLM\Software\GlobalUpdate
Schlüssel Gelöscht : HKLM\Software\IMGUPDATER
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\Software\nationzoomSoftware
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Tutorials
Schlüssel Gelöscht : HKLM\Software\Umbrella
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\video MediaPlay-Air
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1B8A71D1-31D4-EE6A-C32F-836E0BFFA6D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3BC7022B-CDE0-4664-9AB6-E3EC25CE644A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DomaIQ
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\suprasavings

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.17028

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\prefs.js ]

Zeile gelöscht : user_pref("CT3309350.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("extensions.UOcWq12EbL.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumor[...]
Zeile gelöscht : user_pref("extensions.Wiz.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.net[...]
Zeile gelöscht : user_pref("extensions.a5c8764929678437cbd90994a5a82ac863d978ade40948f4c7f15bb3c4com61799.61799.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.co[...]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "14336e4927061dfdedccdfadf5ddb426");
Zeile gelöscht : user_pref("extensions.enabledAddons", "webbooster%40iminent.com:8.26.4.1,faststartff%40gmail.com:4.3.0,5c8764929678437cbd90994a5a82%40ac863d978ade40948f4c7f15bb3c4.com:0.95.7,%7B972ce4c6-7e08-4474-a28[...]
Zeile gelöscht : user_pref("iminent.LayoutId", "1");
Zeile gelöscht : user_pref("iminent.ShowThankyouPixel", "0");
Zeile gelöscht : user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0,\"s\":0,\"es\":1}");
Zeile gelöscht : user_pref("iminent.adapters", "{\"www.v9.com\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"v9\",\"v\":true,\"p\":0,\"t\":1,\"th\":1.1,\"expireTime\":\"140438806398286400\"},\[...]
Zeile gelöscht : user_pref("iminent.enableToolbar", "false");
Zeile gelöscht : user_pref("iminent.enabledAds", "obsolete");
Zeile gelöscht : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"b7110a40-a16f-4a12-a411-bd0b6014905a\",\"name\":\"Superfish\",\"addonId\":2,\"url\":\"//www.superfish.com/ws/sf_main.jsp\",\"queryStri[...]
Zeile gelöscht : user_pref("iminent.newtabredirect", "true");
Zeile gelöscht : user_pref("iminent.nomsi", "true");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent101", "1406280040897");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent102", "1406644516774");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent105", "1405612585743");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent109", "1406642069810");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent110", "1406642278681");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent111", "1406642069453");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent112", "1406642070172");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent122", "1406642069897");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent140", "1406642795714");
Zeile gelöscht : user_pref("iminent.searchindex", "1");
Zeile gelöscht : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");
Zeile gelöscht : user_pref("iminent.version", "8.26.4.1");
Zeile gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.26.4.1\",\"InstallEventCTime\":1406719772885,\"InstallEvent\":\"True\"}");

-\\ Google Chrome v36.0.1985.125

*************************

AdwCleaner[R0].txt - [21412 octets] - [30/07/2014 13:33:50]
AdwCleaner[S0].txt - [18695 octets] - [30/07/2014 13:34:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18756 octets] ##########
         
--- --- ---

[/CODE]


Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Markus on 30.07.2014 at 13:39:40,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440644174499}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644174499}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440644174499}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644174499}



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"



~~~ FireFox

Emptied folder: C:\Users\Markus\AppData\Roaming\mozilla\firefox\profiles\ppfgea47.default\minidumps [6 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.07.2014 at 13:44:37,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Code:
ATTFilter
Combofix Logfile:
Code:
ATTFilter
ComboFix 14-07-29.01 - Markus 30.07.2014  13:48:43.3.4 - x64
Microsoft Windows 8  6.2.9200.0.1252.49.1031.18.8007.6431 [GMT 2:00]
ausgeführt von:: c:\users\Markus\Downloads\ComboFix.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-28 bis 2014-07-30  ))))))))))))))))))))))))))))))
.
.
2014-07-30 11:53 . 2014-07-30 11:53	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-07-30 11:53 . 2014-07-30 11:53	--------	d-----w-	c:\users\Markus\AppData\Local\temp
2014-07-30 11:53 . 2014-07-30 11:53	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-07-30 11:39 . 2014-07-30 11:39	--------	d-----w-	c:\windows\ERUNT
2014-07-30 11:34 . 2010-08-30 06:34	536576	----a-w-	c:\windows\SysWow64\sqlite3.dll
2014-07-30 11:33 . 2014-07-30 11:35	--------	d-----w-	C:\AdwCleaner
2014-07-30 11:00 . 2014-07-30 11:00	--------	d-----w-	c:\users\Markus\AppData\Roaming\Nico Mak Computing
2014-07-30 11:00 . 2014-07-30 11:00	--------	d-----w-	c:\programdata\Nico Mak Computing
2014-07-30 11:00 . 2013-03-15 15:10	20480	----a-w-	c:\windows\system32\wsusnative64.exe
2014-07-30 10:59 . 2014-07-02 03:09	10924376	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A5AFDA8-50E2-4A80-B737-2852D045473A}\mpengine.dll
2014-07-29 13:05 . 2014-07-29 13:08	--------	d-----w-	C:\FRST
2014-07-29 12:49 . 2014-07-15 22:51	71168	----a-w-	c:\windows\system32\drivers\hdaudbus.sys
2014-07-29 12:49 . 2014-05-29 04:04	94552	----a-w-	c:\windows\system32\drivers\mountmgr.sys
2014-07-29 12:49 . 2014-05-08 01:34	328024	----a-w-	c:\windows\system32\drivers\Classpnp.sys
2014-07-29 10:27 . 2014-07-29 10:27	--------	d-----w-	c:\windows\ServiceProfiles\LocalService\winhttp
2014-07-28 13:32 . 2014-07-28 13:32	--------	d-----w-	c:\program files (x86)\WowCouponn
2014-07-25 13:26 . 2014-07-25 13:28	--------	d-----w-	c:\users\Markus\AppData\Roaming\Probit Software
2014-07-25 13:23 . 2014-07-25 13:23	--------	d-----w-	c:\users\Markus\AppData\Local\com
2014-07-25 13:20 . 2014-07-25 13:22	--------	d-----w-	c:\program files (x86)\video MediaPlay-Air
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\Google
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\Comodo
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\Markus\AppData\Local\Comodo
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\HomeGroupUser$
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\Gast
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\Administrator
2014-07-25 13:19 . 2014-07-25 13:28	--------	d-----w-	c:\program files (x86)\Probit Software
2014-07-24 05:26 . 2014-07-28 13:32	--------	d-----w-	c:\programdata\7a791e75f7c17ac
2014-07-24 05:25 . 2014-07-29 10:26	--------	d-----w-	c:\programdata\WowCouponn
2014-07-11 12:53 . 2014-07-11 12:53	--------	d-----w-	c:\program files\iPod
2014-07-11 12:53 . 2014-07-11 12:53	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 12:53 . 2014-07-11 12:53	--------	d-----w-	c:\program files\iTunes
2014-07-11 12:53 . 2014-07-11 12:53	--------	d-----w-	c:\program files (x86)\iTunes
2014-07-11 11:42 . 2014-07-11 11:42	--------	d-----w-	c:\programdata\Microsoft OneDrive
2014-07-11 11:30 . 2014-07-11 11:30	--------	d-----r-	C:\MSOCache
2014-07-10 09:37 . 2014-06-26 20:53	703968	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-10 09:37 . 2014-06-26 20:53	105440	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-10 09:34 . 2014-07-10 09:35	--------	d-s---w-	c:\windows\system32\CompatTel
2014-07-08 22:37 . 2014-06-30 22:42	394240	----a-w-	c:\windows\system32\devinv.dll
2014-07-05 09:46 . 2014-07-05 09:46	257704	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10243.bin
2014-07-03 16:50 . 2014-07-03 16:50	--------	d-----w-	c:\program files (x86)\DENON_DJ
2014-07-03 15:52 . 2014-07-03 15:52	--------	dc-h--w-	c:\programdata\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9}
2014-07-03 15:41 . 2014-07-03 15:41	--------	dc-h--w-	c:\programdata\{05C334F7-C2A4-418A-9BC8-1542AE38D62B}
2014-07-03 15:37 . 2014-07-03 15:37	--------	d-----w-	c:\program files (x86)\Common Files\Native Instruments
2014-07-03 15:37 . 2014-07-03 15:37	--------	dc-h--w-	c:\programdata\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-07-03 15:37 . 2014-07-03 15:37	--------	dc-h--w-	c:\programdata\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-07-03 15:37 . 2014-07-03 15:37	--------	dc-h--w-	c:\programdata\{D2030082-F62A-402A-9456-8009276FD896}
2014-07-03 15:37 . 2014-07-03 15:37	--------	dc-h--w-	c:\programdata\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{219191E6-6846-4329-889D-7956C487D9A6}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{018F1C44-00D1-417B-B251-92A5634F74AE}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-07-03 15:35 . 2014-07-03 15:35	--------	dc-h--w-	c:\programdata\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-07-03 15:35 . 2014-07-03 15:35	--------	dc-h--w-	c:\programdata\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-07-03 15:35 . 2014-07-03 15:35	--------	dc-h--w-	c:\programdata\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-07-03 15:35 . 2014-07-03 15:35	--------	dc-h--w-	c:\programdata\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-07-03 15:34 . 2014-07-03 15:34	--------	dc-h--w-	c:\programdata\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
2014-07-03 15:34 . 2014-07-03 15:52	--------	d-----w-	c:\program files\Native Instruments
2014-07-03 15:34 . 2014-07-03 15:52	--------	d-----w-	c:\program files\Common Files\Native Instruments
2014-07-03 15:34 . 2014-07-03 15:37	--------	d-----w-	c:\programdata\Native Instruments
2014-07-03 11:40 . 2014-07-03 11:54	--------	d-----w-	c:\users\Markus\AppData\Local\Genesis_07031140
2014-07-02 15:51 . 2014-07-29 13:49	--------	d-----w-	c:\users\Markus\AppData\Local\assembly
2014-07-02 15:51 . 2014-07-03 10:22	--------	d-----w-	c:\users\Markus\AppData\Local\Deployment
2014-07-02 15:51 . 2014-07-02 15:51	--------	d-----w-	c:\users\Markus\AppData\Local\Apps
2014-07-01 13:23 . 2014-07-01 13:23	--------	d-----w-	c:\program files (x86)\Microsoft SkyDrive
2014-07-01 13:23 . 2014-07-01 13:23	--------	d-----r-	c:\users\Markus\SkyDrive
2014-07-01 13:23 . 2014-07-01 13:23	--------	d-----w-	c:\programdata\Microsoft SkyDrive
2014-07-01 13:20 . 2014-06-03 08:41	589008	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-07-01 13:17 . 2014-07-10 10:04	--------	d-----w-	c:\program files\Microsoft Office 15
2014-07-01 08:46 . 2014-07-01 08:46	--------	d-----w-	c:\users\Markus\AppData\Local\Tracker Software
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 10:18 . 2013-10-27 02:04	96441528	----a-w-	c:\windows\system32\MRT.exe
2014-05-03 05:47 . 2014-06-12 00:23	3246592	----a-w-	c:\windows\system32\rdpcorets.dll
2014-05-03 03:34 . 2014-06-12 00:23	235520	----a-w-	c:\windows\system32\rdpudd.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-11 11:43	223432	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-11 11:43	223432	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-11 11:43	223432	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-07-01 1176632]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RadioController"="c:\program files (x86)\RadioController\RfBtnHelper.exe" [2013-07-30 111216]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2012-08-15 2994880]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-03 43816]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\System32\drivers\b57xdbd.sys;c:\windows\SYSNATIVE\drivers\b57xdbd.sys [x]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\System32\drivers\b57xdmp.sys;c:\windows\SYSNATIVE\drivers\b57xdmp.sys [x]
R3 bScsiMSa;bScsiMSa;c:\windows\System32\drivers\bScsiMSa.sys;c:\windows\SYSNATIVE\drivers\bScsiMSa.sys [x]
R3 bScsiSDa;bScsiSDa;c:\windows\System32\drivers\bScsiSDa.sys;c:\windows\SYSNATIVE\drivers\bScsiSDa.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 ccSet_NARA;NARA Settings Manager;c:\windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NARAx64\0401000.00E\ccSetx64.sys [x]
S2 CCDMonitorService;CCDMonitorService;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ETDService;Elan Service;c:\program files\Elantech\ETDService.exe;c:\program files\Elantech\ETDService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 RfButtonDriverService;Dritek RF Button Command Service;c:\windows\RfBtnSvc64.exe;c:\windows\RfBtnSvc64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ePowerSvc;ePower Service;c:\program files\Acer\Acer Power Management\ePowerSvc.exe;c:\program files\Acer\Acer Power Management\ePowerSvc.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;c:\windows\System32\drivers\aPs2Kb2Hid.sys;c:\windows\SYSNATIVE\drivers\aPs2Kb2Hid.sys [x]
S3 WSDScan;WSD-Scanunterstützung;c:\windows\System32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-18 16:35	1104200	----a-w-	c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-28 22:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-11 11:43	262344	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-11 11:43	262344	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-11 11:43	262344	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-06-10 10:07	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-06-10 10:07	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-06-10 10:07	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-23 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-23 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-23 441888]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mDefault_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
mDefault_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
mStart Page = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\
FF - prefs.js: browser.search.selectedEngine - StartWeb
FF - prefs.js: browser.startup.homepage - www.google.de
FF - ExtSQL: 2014-07-03 13:41; webbooster@iminent.com; c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\webbooster@iminent.com.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
AddRemove-WinZip Malware Protector_is1 - c:\program files (x86)\WinZip Malware Protector\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2014-07-30  13:55:26
ComboFix-quarantined-files.txt  2014-07-30 11:55
ComboFix2.txt  2014-07-29 13:51
.
Vor Suchlauf: 13 Verzeichnis(se), 642.514.751.488 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 642.438.275.072 Bytes frei
.
- - End Of File - - AF9B9DDF6EEB572255E211D45128D122
         
--- --- ---

Alt 30.07.2014, 15:30   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Mozilla öffnet von alleine neue Tabs - Standard

Mozilla öffnet von alleine neue Tabs




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 31.07.2014, 00:09   #8
Drums93
 
Mozilla öffnet von alleine neue Tabs - Standard

Mozilla öffnet von alleine neue Tabs



Hier den log für ESET Online Scanner

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=7dbe5cd94780e24ba72e8f4da73d8378
# engine=19424
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=false
# utc_time=2014-07-30 10:45:47
# local_time=2014-07-31 12:45:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 40544 11151236 0 0
# scanned=237207
# found=132
# cleaned=0
# scan_time=7702
sh=A914E18AFBB41E13112B14D7CE24FA92018073E0 ft=1 fh=a41c62051e0d20f3 vn="Variante von MSIL/Solimba.AC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\pc speed up\Uninstall_PCSpeedUp.exe.vir"
sh=E0D486C68536C75A4716672AA52802EE493F5DA1 ft=1 fh=cff95027911011e3 vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir"
sh=7560ADB6881D658A46F52AD1DCDF667B615F6EDE ft=1 fh=19f14dde2ee67322 vn="Variante von MSIL/AdvancedSystemProtector.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\genienext\nengine.dll.vir"
sh=A48F78E3190E0426CAB7017C85D371A0B2515CE9 ft=1 fh=678a4d58de41779d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\lrrot.dll.vir"
sh=402E3F17023EC662028C5C419DF48D31B4C47954 ft=1 fh=86c7edc6432607ef vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Newtonsoft.Json.dll.vir"
sh=821846614584D57FC24BB86CF24C5B044C3A5AB0 ft=1 fh=38f8d8ab5d5f7ec8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Proxy.Lib.dll.vir"
sh=5D592B28A47C58385B38BF5BE85B9522912BC10A ft=1 fh=3b5e61ca8a8504aa vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\ProxySettings.dll.vir"
sh=B4878E4D93560399EE0DC807D08C50BEB6761808 ft=1 fh=69632074c0150e80 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Smartbar.Common.dll.vir"
sh=DF700E3E3451218A58F0353A32510F8634D296BA ft=1 fh=b309d8039acdc591 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Smartbar.Communication.dll.vir"
sh=6C259E1D637082DF6DA4D6B398F82FDCABB8B765 ft=1 fh=4acbf6ce984aa41c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Smartbar.Communication.NamedPipe.dll.vir"
sh=5AC61EEEFD4864B54ADD4859705CAAFA6C4CF5A2 ft=1 fh=d729506a85ba5934 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll.vir"
sh=FBCF47C3668D6C9145A1DF8256F9121D15B31E7F ft=1 fh=a050f1bff8747171 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyService.dll.vir"
sh=985F7D915121BCC1622053A4E733017C79B30730 ft=1 fh=32db1fe504d77fbd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Smartbar.Personalization.Common.dll.vir"
sh=F954138CC8E03FB04A455990DE15E0338D6AB912 ft=1 fh=36f8e81135ac0afb vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir"
sh=282C3784574E4D63842B459989D58D9A01FDE6AF ft=1 fh=acb2d21d2c2498cd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\sppsm.dll.vir"
sh=719A34FC1A21E40761C045E0C52F8855E80CDCCF ft=1 fh=c81f8f636f5132a4 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\spusm.dll.vir"
sh=CF4B12FE9E659B034ECB77641D0DC5363767BDFA ft=1 fh=b2fc897ff3c3a9c1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\srbs.dll.vir"
sh=3401A6D9D8AF4649034F7F8656061193AA03465C ft=1 fh=8db55f9452f6901a vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\srbu.dll.vir"
sh=43F238352B0408FAEB2C4F0913D466BF5ED00FAD ft=1 fh=134f92e041cba1a2 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\sreu.dll.vir"
sh=6B3C75BCF39B5C7C513E9E8F7002C1E7DFF0FD92 ft=1 fh=3acc90857f6076ca vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\srpdm.dll.vir"
sh=02AC509D825A3429FD8DA7598346097157010284 ft=1 fh=77f0c1495b29d1a6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\srprl.dll.vir"
sh=3FDA5C133E6451D7FD25E35279A38DE0C966D4F8 ft=1 fh=70c5ecb890da71d8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\srpt.dll.vir"
sh=C44EC6E4DC487DFC18CB5A5B2795E02579F47C8B ft=1 fh=843f1902f422e7c7 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\srptc.dll.vir"
sh=CCBE054E6D592E0B63726E204F78350068612669 ft=1 fh=01825806541cfe88 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\srut.dll.vir"
sh=26399AE8BDC2D7215045EACBE0422111C796DFC4 ft=1 fh=c8795392d93927f2 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir"
sh=5D0FF82E89BC0A4963B3FD2CF51F514250A3E4DF ft=1 fh=8b6bc8b332059833 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=DAB0DB732EF1B3148F2A8409C69693A8BC0F668D ft=1 fh=4741d303503cb92b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=59C517C8E1476806AC0B4453C863381F877C7E59 ft=1 fh=44fb8e74d96dfeb6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=9FB49C995BBC6508CC80D88EE251DE926201BE6B ft=1 fh=ab88d352dd6d144d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=EF09058F1A8249F38882470126CBBE1B927788C4 ft=1 fh=7c3bb5a116a7be08 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=C88DAF3FB5D3FEC090233FF251F7F0CFC73EF4CD ft=1 fh=b74c7f4df627386b vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll.vir"
sh=4B9D59EFA89F628628CE74083961743D56E460C7 ft=1 fh=8e9074b2b2075a48 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.vir"
sh=7290509DD9B7F8DCFA781334EBEFF3E5D4C58C5C ft=1 fh=0aae782d31fb93bd vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll.vir"
sh=32602D4077332EE0F75304C87434755510F768FD ft=1 fh=4d22cbd3b33f2e9e vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_28.dll.vir"
sh=A5517659524BFD05ABEF457FE26F1D0E80D3EF85 ft=1 fh=af4585d56f4a69b5 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_29.dll.vir"
sh=36E31354BDEA960B9E966413460C3CB81036C629 ft=1 fh=107c58d6ba93a4af vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_30.dll.vir"
sh=7D1FEDA559B59DBFF01C4B4F53134F121D4377C1 ft=1 fh=c2a5d07a8b4f82a0 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=D3558CD8505E43CC94A8BE5A1FFC2C3D39409CD9 ft=1 fh=9bada0f6814a3287 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=370E12565221A99CA327F8FB1EAAF243856E879C ft=1 fh=f6cdb3ec75080afe vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=E733700395C6E285DF6D36C59D119CADF14EC136 ft=1 fh=f3d835ac74302d04 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=20E137221A0CD062EE988380349F197FF6156CA2 ft=1 fh=8e867a7f15acd36f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=44341AC3075A630346D44C97F22FE3B8DB90A2C8 ft=1 fh=03026ae03c5e9bfc vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll.vir"
sh=B8321125D3DD8FBE693497FD476804986E8D5443 ft=1 fh=e0c870c40d823fbd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\lrcnt.dll.vir"
sh=A48F78E3190E0426CAB7017C85D371A0B2515CE9 ft=1 fh=678a4d58de41779d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\lrrot.dll.vir"
sh=B30DAF63ED6EE63AB6B70F4BDE3982F40E0AF319 ft=1 fh=d31df0d3b3772a4f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\MACTrackBarLib.dll.vir"
sh=0D421B32AD2D65114D3F7CF09D33BF1D3600F960 ft=1 fh=5baaf36006c8ac9a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\NDde.dll.vir"
sh=402E3F17023EC662028C5C419DF48D31B4C47954 ft=1 fh=86c7edc6432607ef vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Newtonsoft.Json.dll.vir"
sh=821846614584D57FC24BB86CF24C5B044C3A5AB0 ft=1 fh=38f8d8ab5d5f7ec8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Proxy.Lib.dll.vir"
sh=5D592B28A47C58385B38BF5BE85B9522912BC10A ft=1 fh=3b5e61ca8a8504aa vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\ProxySettings.dll.vir"
sh=67EB8AF8E2C8ED10D29364A3927AAC8E376B7870 ft=1 fh=d0245071c2cee8ce vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\sgml.dll.vir"
sh=1BD8C2722CFC9112780B116B32E241CA56FED378 ft=1 fh=ccbd55e792ffd4a5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\sidb.dll.vir"
sh=550E36B251DA813A5FB075D4DDBE728B5FC7786D ft=1 fh=ca67ef67b5a5be99 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\siem.dll.vir"
sh=46296181E78D3B1F6A53F1CACDD6035B02B57E1D ft=1 fh=9d321d3b0a34bff2 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\sipb.dll.vir"
sh=7BC6332DBC2D5DF45298C0575AA545798AF8ECB2 ft=1 fh=6170fef5860c8c93 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\sismlp.dll.vir"
sh=B4878E4D93560399EE0DC807D08C50BEB6761808 ft=1 fh=69632074c0150e80 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Common.dll.vir"
sh=DF700E3E3451218A58F0353A32510F8634D296BA ft=1 fh=b309d8039acdc591 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Communication.dll.vir"
sh=6C259E1D637082DF6DA4D6B398F82FDCABB8B765 ft=1 fh=4acbf6ce984aa41c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Communication.NamedPipe.dll.vir"
sh=B0AC0139021B61046A6BF011D95E0779DAD11F99 ft=1 fh=7df27588bb9c1087 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll.vir"
sh=50AD95CE5FD82838E19D7174B549A7BD0E4FB40A ft=1 fh=ddaa5a6a231246ec vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll.vir"
sh=14882A6F182465C0DD57555D82C894950BECA3C4 ft=1 fh=fb51d2b4c8bc4b88 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.vir"
sh=99AF6ECDEBB152B3A2C967F80FFA90E9168A671D ft=1 fh=85a6bd0378e94ee9 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll.vir"
sh=1E09548020705131357796B6F68AC61B5180CC86 ft=1 fh=7cd8f36d1f3f4f4e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll.vir"
sh=B83094E276B956450B7ACF68CE93DCD85D95362F ft=1 fh=81a29741229eb52a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll.vir"
sh=893F4D87D875F6B5F5565F6A86DCAA4729D16712 ft=1 fh=f255c18676cf4594 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll.vir"
sh=71D7A552FF38B19CD9E29AC73F660BE4DF75B31A ft=1 fh=8fcfed294dd9d419 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll.vir"
sh=5AC61EEEFD4864B54ADD4859705CAAFA6C4CF5A2 ft=1 fh=d729506a85ba5934 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll.vir"
sh=FBCF47C3668D6C9145A1DF8256F9121D15B31E7F ft=1 fh=a050f1bff8747171 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Monetization.Proxy.ProxyService.dll.vir"
sh=985F7D915121BCC1622053A4E733017C79B30730 ft=1 fh=32db1fe504d77fbd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll.vir"
sh=F954138CC8E03FB04A455990DE15E0338D6AB912 ft=1 fh=36f8e81135ac0afb vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir"
sh=FD8009322EFE5C62E162BC6E88023EF8BA339E7F ft=1 fh=583143ef04de1314 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll.vir"
sh=8ED02920C203A906B1B2BCA267CC1ADF91805DC6 ft=1 fh=1ed4e1b87baac737 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll.vir"
sh=8175A8AE1F2DB1A34AF959A9A7FC08C61E2551BE ft=1 fh=2803c3b5568a6e48 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll.vir"
sh=6AC9D369C7B58F5BE35AF423774D6F350BFD0561 ft=1 fh=1cb38c3299e1660f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll.vir"
sh=9FFF858BF9B8A2A552539E1E0C198E25C7D2B3EF ft=1 fh=1a46c8b2595d1a09 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=9FFF858BF9B8A2A552539E1E0C198E25C7D2B3EF ft=1 fh=1a46c8b2595d1a09 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir"
sh=4B53AC771E2C80681A15C73F08D3F30CA2590975 ft=1 fh=15c935441a7e65bb vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=4B53AC771E2C80681A15C73F08D3F30CA2590975 ft=1 fh=15c935441a7e65bb vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir"
sh=AA36575A40264209CC6F99345542FC841BA626B0 ft=1 fh=4d304fca6bb460c9 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\smta.dll.vir"
sh=7B7980FE9F0A9488AD49CC74956634F74AB55E51 ft=1 fh=eef88e5d9859c86e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\smti.dll.vir"
sh=734715A3C53478C47B667F2687DF1693B022D529 ft=1 fh=61538d6f9e36af3a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\smtu.dll.vir"
sh=34A1BB19F84A433CCF57DB94EF3A9BE732F714DA ft=1 fh=6a35be02fe18f9e5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\spbe.dll.vir"
sh=00DEECDF3C98B4858DBFF5DE0EA4A52A4F645C89 ft=1 fh=759597e18afc46cb vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\spbl.dll.vir"
sh=282C3784574E4D63842B459989D58D9A01FDE6AF ft=1 fh=acb2d21d2c2498cd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\sppsm.dll.vir"
sh=67D92E10B0698D5FEBC4F9A462236BD8BEB9C7A4 ft=1 fh=fc04499782a79bec vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\spsm.dll.vir"
sh=719A34FC1A21E40761C045E0C52F8855E80CDCCF ft=1 fh=c81f8f636f5132a4 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\spusm.dll.vir"
sh=F8DECDAD3EB07DFB736A5134E14A1A5F03077B77 ft=1 fh=c5b89d195122ef24 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srau.dll.vir"
sh=0A02C60CA9DF48818A811160A46DA8891A3DFC79 ft=1 fh=9ed14ed1c43085ca vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srbhu.dll.vir"
sh=CF4B12FE9E659B034ECB77641D0DC5363767BDFA ft=1 fh=b2fc897ff3c3a9c1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srbs.dll.vir"
sh=3401A6D9D8AF4649034F7F8656061193AA03465C ft=1 fh=8db55f9452f6901a vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srbu.dll.vir"
sh=43F238352B0408FAEB2C4F0913D466BF5ED00FAD ft=1 fh=134f92e041cba1a2 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\sreu.dll.vir"
sh=4ADEED9853020E9C608517699CE35E4AB46B1A6F ft=1 fh=f17c6a58ae8e51e6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srgu.dll.vir"
sh=37EB6534E3D8B753F98A41BC16F402C909B39ED2 ft=1 fh=d9ccf5dc08eaea01 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srns.dll.vir"
sh=481E78E7AC2D66FA47CA2473B92DF87834912EB1 ft=1 fh=11859c11abe34608 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srom.dll.vir"
sh=6B3C75BCF39B5C7C513E9E8F7002C1E7DFF0FD92 ft=1 fh=3acc90857f6076ca vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srpdm.dll.vir"
sh=02AC509D825A3429FD8DA7598346097157010284 ft=1 fh=77f0c1495b29d1a6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srprl.dll.vir"
sh=B5190936D771F4F95AF1D6D25A1AFD4CA442FE4C ft=1 fh=c84bd411ffb6f50c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srpu.dll.vir"
sh=E64D27FE025476730144D7CB1FB88351523DAFE3 ft=1 fh=f62074867e208329 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srsbs.dll.vir"
sh=28B8C47DB9B0E9EC2EFE464D7F8A1342A0E8C7B8 ft=1 fh=52bfb6a85f371785 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srsbsau.dll.vir"
sh=482BB3D3E448D54A6520E973CF271961B32ED4F6 ft=1 fh=4ddb6dcafd630cb2 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srsl.dll.vir"
sh=2268FF7CE8C0FBA5212C1974FD64A659B67B698F ft=1 fh=24d569904a6990c9 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\sruhs.dll.vir"
sh=CC140B2680061037EE0A8E09FFD1DF589E31D02B ft=1 fh=9a344598546bc5c8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srus.dll.vir"
sh=CCBE054E6D592E0B63726E204F78350068612669 ft=1 fh=01825806541cfe88 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srut.dll.vir"
sh=C5C86F4CA1F5F7B36C36BD55A380F8A7E0900AFA ft=1 fh=6115a62324625876 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll.vir"
sh=B306BBBE7DA3A3E94C53FEA930B0D0D75760AD6E ft=1 fh=747ce14d1d26f6e8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll.vir"
sh=410DC598705896D3DE77227B5335B4AB9B8EB05A ft=1 fh=c570c8d373d9e5f9 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll.vir"
sh=6FA22D3A68DADF536EECCEEAFCAB689880E6872A ft=1 fh=d9b41938fdd5406b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll.vir"
sh=8BABEC12F2F3F54CA21B0D09D81A98D70D1C99BC ft=1 fh=ab077553fefabf92 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.YoutubeDownloadPlugin.dll.vir"
sh=F6CD5612F2EB91C6031CC873C21CF8C81D803097 ft=1 fh=f7f54b067bbc5a98 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Common\ServicesPlugins\spup.dll.vir"
sh=81447912A34F2B17146525275592838967D4FFF7 ft=1 fh=e9acee4b46b6c119 vn="Variante von Win32/RiskWare.Astori.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Roaming\InetStat\inetstat.exe.vir"
sh=336F3BCB48ECB1F5B206A8B1BCBD184D6AA9E8B4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\91.js.vir"
sh=BB613799215BA3B68D44449FBE2941E9F9EB5E42 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\d55cd0d7-9f24-4660-95b3-188599e8e4f8@6b2faf04-e86f-4bcf-a878-632814acf518.com\extensionData\plugins\91.js.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Roaming\newnext.me\nengine.dll.vir"
sh=4A453378C9443670BBB123CC7162BB3C1BA7878D ft=1 fh=cc2ccd571fb766b7 vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.exe"
sh=9380ED412E0ED1AB53B9AC4147A5E8518F2733E5 ft=1 fh=cf556ea92d8d7a9e vn="Variante von Win32/Toolbar.CrossRider.AK evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.exe"
sh=5CE086B59D5A823641BB4DCCC52F546C9F530963 ft=1 fh=2e0d3509e7954017 vn="Variante von Win32/Toolbar.CrossRider.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe"
sh=2C4D6EF9B56F78E65FCEAC65E6C2EE2B82234710 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7.xpi"
sh=5A4912EC0392BAFD6EC106381D9157F40792D4A5 ft=1 fh=8d7828411ae558cf vn="Variante von Win32/Toolbar.CrossRider.AL evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bg.exe"
sh=7F2FF61B3763DB9D1F51E445A22052871D55AAC3 ft=1 fh=24997d5d4edeebc9 vn="Variante von Win32/Toolbar.CrossRider.AF evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho.dll"
sh=C292C9454D0AF7E67A043D37A1C72158A1F8C3A3 ft=1 fh=fed90379974948fd vn="Variante von Win64/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho64.dll"
sh=4424FE8C41FBAF5FF75CC29106CBF1D76FC6BE82 ft=1 fh=331d5ac52443d014 vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-codedownloader.exe"
sh=E3B202651C97FD7241F76EB147B5CD163DFD7078 ft=1 fh=c71c00117859331c vn="Variante von Win32/SProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\ProgramData\Fast And Safe\FastAndSafe.dll.vir"
sh=D3E58DA9FB271D4BCA31AEBD45748F5AFE1B491E ft=1 fh=8419c0bdb0e5b97e vn="Variante von Win32/SProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\ProgramData\Fast And Safe\FastAndSafeSvc.dll.vir"
sh=A0D52DCF369EF5A26EDD02F381A30BC06D6159F1 ft=1 fh=c71c00110a80296a vn="Variante von Win64/SProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\ProgramData\Fast And Safe\FastAndSafe_x64.dll.vir"
sh=336F3BCB48ECB1F5B206A8B1BCBD184D6AA9E8B4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PYYWYCL\91[1].js"
sh=836CEABE6A4D7178F7BE9FC56FB9C70071260CE0 ft=1 fh=1650ddb5623e84e1 vn="Variante von Win32/SoftPulse.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus\Downloads\jvlsetup.exe"
sh=3BC8ED9B8E94D86A11A9BE4067D4CA539898D3B6 ft=1 fh=d2bd1ef5e865ce1c vn="Variante von Win32/SoftPulse.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus\Downloads\Setup.exe"
sh=FF03CD55A17A0304C08EE3C759740ADA3A5340F3 ft=1 fh=92794a186f977033 vn="Variante von MSIL/DomaIQ.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus\Downloads\Setup_V2.1.exe"
sh=177E910063A87B4C6E2DE4069C9401D95E73CC21 ft=1 fh=ec3123f74738cdb1 vn="Variante von Win32/4Shared.W evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus\Downloads\Virtual DJ v7.0 PRO   Crack [ChattChitto RG].exe"
sh=A981E3D6F03D3BD57D1472F33A4093A01533F8A8 ft=1 fh=7aaf7b3d0491af48 vn="Variante von MSIL/AdvancedSystemProtector.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus\Downloads\wzmp_8.exe"
sh=44341AC3075A630346D44C97F22FE3B8DB90A2C8 ft=1 fh=03026ae03c5e9bfc vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=5BA2A1AB903E6B0FAC7FD1B0BC4B4F32262BAC67 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\3df9ac.msi"
         

Der SecurityCheck hat leider mehrmals nicht funktioniert. Siehe hier:

Code:
ATTFilter
 UNSUPPORTED OPERATING SYSTEM! ABORTED!
         
Das neue FRST

Code:
ATTFilter
Combofix Logfile:
Code:
ATTFilter
ComboFix 14-07-29.01 - Markus 31.07.2014   0:56.4.4 - x64
Microsoft Windows 8  6.2.9200.0.1252.49.1031.18.8007.6173 [GMT 2:00]
ausgeführt von:: c:\users\Markus\Downloads\ComboFix.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-28 bis 2014-07-30  ))))))))))))))))))))))))))))))
.
.
2014-07-30 23:00 . 2014-07-30 23:00	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-07-30 23:00 . 2014-07-30 23:00	--------	d-----w-	c:\users\Markus\AppData\Local\temp
2014-07-30 23:00 . 2014-07-30 23:00	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-07-30 14:48 . 2014-07-30 14:48	--------	d-----w-	c:\program files (x86)\ESET
2014-07-30 14:48 . 2014-07-30 14:48	5342	----a-w-	c:\windows\system32\PerfStringBackup.TMP
2014-07-30 11:39 . 2014-07-30 11:39	--------	d-----w-	c:\windows\ERUNT
2014-07-30 11:34 . 2010-08-30 06:34	536576	----a-w-	c:\windows\SysWow64\sqlite3.dll
2014-07-30 11:33 . 2014-07-30 11:35	--------	d-----w-	C:\AdwCleaner
2014-07-30 11:00 . 2014-07-30 11:00	--------	d-----w-	c:\users\Markus\AppData\Roaming\Nico Mak Computing
2014-07-30 11:00 . 2014-07-30 11:00	--------	d-----w-	c:\programdata\Nico Mak Computing
2014-07-30 11:00 . 2013-03-15 15:10	20480	----a-w-	c:\windows\system32\wsusnative64.exe
2014-07-30 10:59 . 2014-07-02 03:09	10924376	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A5AFDA8-50E2-4A80-B737-2852D045473A}\mpengine.dll
2014-07-29 13:05 . 2014-07-29 13:08	--------	d-----w-	C:\FRST
2014-07-29 12:49 . 2014-07-15 22:51	71168	----a-w-	c:\windows\system32\drivers\hdaudbus.sys
2014-07-29 12:49 . 2014-05-29 04:04	94552	----a-w-	c:\windows\system32\drivers\mountmgr.sys
2014-07-29 12:49 . 2014-05-08 01:34	328024	----a-w-	c:\windows\system32\drivers\Classpnp.sys
2014-07-29 10:27 . 2014-07-29 10:27	--------	d-----w-	c:\windows\ServiceProfiles\LocalService\winhttp
2014-07-28 13:32 . 2014-07-28 13:32	--------	d-----w-	c:\program files (x86)\WowCouponn
2014-07-25 13:26 . 2014-07-25 13:28	--------	d-----w-	c:\users\Markus\AppData\Roaming\Probit Software
2014-07-25 13:23 . 2014-07-25 13:23	--------	d-----w-	c:\users\Markus\AppData\Local\com
2014-07-25 13:20 . 2014-07-25 13:22	--------	d-----w-	c:\program files (x86)\video MediaPlay-Air
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\Google
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\Comodo
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\Markus\AppData\Local\Comodo
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\HomeGroupUser$
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\Gast
2014-07-25 13:19 . 2014-07-25 13:19	--------	d-----w-	c:\users\Administrator
2014-07-25 13:19 . 2014-07-25 13:28	--------	d-----w-	c:\program files (x86)\Probit Software
2014-07-24 05:26 . 2014-07-28 13:32	--------	d-----w-	c:\programdata\7a791e75f7c17ac
2014-07-24 05:25 . 2014-07-29 10:26	--------	d-----w-	c:\programdata\WowCouponn
2014-07-11 12:53 . 2014-07-11 12:53	--------	d-----w-	c:\program files\iPod
2014-07-11 12:53 . 2014-07-11 12:53	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 12:53 . 2014-07-11 12:53	--------	d-----w-	c:\program files\iTunes
2014-07-11 12:53 . 2014-07-11 12:53	--------	d-----w-	c:\program files (x86)\iTunes
2014-07-11 11:42 . 2014-07-11 11:42	--------	d-----w-	c:\programdata\Microsoft OneDrive
2014-07-11 11:30 . 2014-07-11 11:30	--------	d-----r-	C:\MSOCache
2014-07-10 09:37 . 2014-06-26 20:53	703968	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-10 09:37 . 2014-06-26 20:53	105440	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-10 09:34 . 2014-07-10 09:35	--------	d-s---w-	c:\windows\system32\CompatTel
2014-07-08 22:37 . 2014-06-30 22:42	394240	----a-w-	c:\windows\system32\devinv.dll
2014-07-05 09:46 . 2014-07-05 09:46	257704	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10243.bin
2014-07-03 16:50 . 2014-07-03 16:50	--------	d-----w-	c:\program files (x86)\DENON_DJ
2014-07-03 15:52 . 2014-07-03 15:52	--------	dc-h--w-	c:\programdata\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9}
2014-07-03 15:41 . 2014-07-03 15:41	--------	dc-h--w-	c:\programdata\{05C334F7-C2A4-418A-9BC8-1542AE38D62B}
2014-07-03 15:37 . 2014-07-03 15:37	--------	d-----w-	c:\program files (x86)\Common Files\Native Instruments
2014-07-03 15:37 . 2014-07-03 15:37	--------	dc-h--w-	c:\programdata\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-07-03 15:37 . 2014-07-03 15:37	--------	dc-h--w-	c:\programdata\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-07-03 15:37 . 2014-07-03 15:37	--------	dc-h--w-	c:\programdata\{D2030082-F62A-402A-9456-8009276FD896}
2014-07-03 15:37 . 2014-07-03 15:37	--------	dc-h--w-	c:\programdata\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{219191E6-6846-4329-889D-7956C487D9A6}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{018F1C44-00D1-417B-B251-92A5634F74AE}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-07-03 15:36 . 2014-07-03 15:36	--------	dc-h--w-	c:\programdata\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-07-03 15:35 . 2014-07-03 15:35	--------	dc-h--w-	c:\programdata\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-07-03 15:35 . 2014-07-03 15:35	--------	dc-h--w-	c:\programdata\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-07-03 15:35 . 2014-07-03 15:35	--------	dc-h--w-	c:\programdata\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-07-03 15:35 . 2014-07-03 15:35	--------	dc-h--w-	c:\programdata\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-07-03 15:34 . 2014-07-03 15:34	--------	dc-h--w-	c:\programdata\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
2014-07-03 15:34 . 2014-07-03 15:52	--------	d-----w-	c:\program files\Native Instruments
2014-07-03 15:34 . 2014-07-03 15:52	--------	d-----w-	c:\program files\Common Files\Native Instruments
2014-07-03 15:34 . 2014-07-03 15:37	--------	d-----w-	c:\programdata\Native Instruments
2014-07-03 11:40 . 2014-07-03 11:54	--------	d-----w-	c:\users\Markus\AppData\Local\Genesis_07031140
2014-07-02 15:51 . 2014-07-29 13:49	--------	d-----w-	c:\users\Markus\AppData\Local\assembly
2014-07-02 15:51 . 2014-07-03 10:22	--------	d-----w-	c:\users\Markus\AppData\Local\Deployment
2014-07-02 15:51 . 2014-07-02 15:51	--------	d-----w-	c:\users\Markus\AppData\Local\Apps
2014-07-01 13:23 . 2014-07-01 13:23	--------	d-----w-	c:\program files (x86)\Microsoft SkyDrive
2014-07-01 13:23 . 2014-07-01 13:23	--------	d-----r-	c:\users\Markus\SkyDrive
2014-07-01 13:23 . 2014-07-01 13:23	--------	d-----w-	c:\programdata\Microsoft SkyDrive
2014-07-01 13:20 . 2014-06-03 08:41	589008	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-07-01 13:17 . 2014-07-10 10:04	--------	d-----w-	c:\program files\Microsoft Office 15
2014-07-01 08:46 . 2014-07-01 08:46	--------	d-----w-	c:\users\Markus\AppData\Local\Tracker Software
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 10:18 . 2013-10-27 02:04	96441528	----a-w-	c:\windows\system32\MRT.exe
2014-05-03 05:47 . 2014-06-12 00:23	3246592	----a-w-	c:\windows\system32\rdpcorets.dll
2014-05-03 03:34 . 2014-06-12 00:23	235520	----a-w-	c:\windows\system32\rdpudd.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-11 11:43	223432	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-11 11:43	223432	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-11 11:43	223432	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-07-01 1176632]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RadioController"="c:\program files (x86)\RadioController\RfBtnHelper.exe" [2013-07-30 111216]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2012-08-15 2994880]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-03 43816]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\System32\drivers\b57xdbd.sys;c:\windows\SYSNATIVE\drivers\b57xdbd.sys [x]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\System32\drivers\b57xdmp.sys;c:\windows\SYSNATIVE\drivers\b57xdmp.sys [x]
R3 bScsiMSa;bScsiMSa;c:\windows\System32\drivers\bScsiMSa.sys;c:\windows\SYSNATIVE\drivers\bScsiMSa.sys [x]
R3 bScsiSDa;bScsiSDa;c:\windows\System32\drivers\bScsiSDa.sys;c:\windows\SYSNATIVE\drivers\bScsiSDa.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 ccSet_NARA;NARA Settings Manager;c:\windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NARAx64\0401000.00E\ccSetx64.sys [x]
S2 CCDMonitorService;CCDMonitorService;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ETDService;Elan Service;c:\program files\Elantech\ETDService.exe;c:\program files\Elantech\ETDService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 RfButtonDriverService;Dritek RF Button Command Service;c:\windows\RfBtnSvc64.exe;c:\windows\RfBtnSvc64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ePowerSvc;ePower Service;c:\program files\Acer\Acer Power Management\ePowerSvc.exe;c:\program files\Acer\Acer Power Management\ePowerSvc.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;c:\windows\System32\drivers\aPs2Kb2Hid.sys;c:\windows\SYSNATIVE\drivers\aPs2Kb2Hid.sys [x]
S3 WSDScan;WSD-Scanunterstützung;c:\windows\System32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-18 16:35	1104200	----a-w-	c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-28 22:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-11 11:43	262344	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-11 11:43	262344	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-11 11:43	262344	----a-w-	c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-06-10 10:07	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-06-10 10:07	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-06-10 10:07	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-23 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-23 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-23 441888]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mDefault_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
mDefault_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
mStart Page = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\
FF - prefs.js: browser.search.selectedEngine - StartWeb
FF - prefs.js: browser.startup.homepage - www.google.de
FF - ExtSQL: 2014-07-03 13:41; webbooster@iminent.com; c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\webbooster@iminent.com.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
AddRemove-WinZip Malware Protector_is1 - c:\program files (x86)\WinZip Malware Protector\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2014-07-31  01:02:28
ComboFix-quarantined-files.txt  2014-07-30 23:02
ComboFix2.txt  2014-07-30 11:55
ComboFix3.txt  2014-07-29 13:51
.
Vor Suchlauf: 14 Verzeichnis(se), 642.368.225.280 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 642.162.692.096 Bytes frei
.
- - End Of File - - D78F3F457F099749E14D673DA59BF2D5
         
--- --- ---
Sieht aber bisher ganz gut aus. Keine Werbung, keine neuen Tabs.
Was mache ich mit den ganzen Downloads un? TXT Dateien? Benötige ich vielleicht ein derartiges Scan Programm oder ist jedes individuell?
Vielen lieben Dank aber schon mal vorab. Das hat sehr geholfen und ich bin sehr dankbar dafür !!!!

Liebe Grüße

Alt 31.07.2014, 21:00   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Mozilla öffnet von alleine neue Tabs - Standard

Mozilla öffnet von alleine neue Tabs



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Program Files (x86)\video MediaPlay-Air
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Frisches FRST log bitte. Und lösch die Cracks aus deinem Download Ordner....
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Mozilla öffnet von alleine neue Tabs
anyprotect, fast start, js/toolbar.crossrider.b, launch, linkury, mobogenie, mobogenie entfernen, msil/advancedsystemprotector.a, msil/domaiq.n, msil/solimba.ac, msil/toolbar.linkury.d, msil/toolbar.linkury.e, msil/toolbar.linkury.f, newtab, spotify web helper, tracker, win32/4shared.w, win32/nextlive.a, win32/riskware.astori.a, win32/softpulse.f, win32/softpulse.h, win32/sprotector.d, win32/thinknice.b, win32/toolbar.crossrider.af, win32/toolbar.crossrider.ah, win32/toolbar.crossrider.aj, win32/toolbar.crossrider.ak, win32/toolbar.crossrider.al, win32/toolbar.linkury.d, win32/toolbar.linkury.g, win64/sprotector.b, win64/toolbar.crossrider.f, yahoo community smartbar



Ähnliche Themen: Mozilla öffnet von alleine neue Tabs


  1. Chrome und Mozilla öffnen dauernd neue Ad-Tabs wenn ich auf Links klicke
    Log-Analyse und Auswertung - 15.09.2015 (7)
  2. Mozilla Firefox öffnet nach gewisser Zeit immer neue Tabs
    Plagegeister aller Art und deren Bekämpfung - 05.09.2015 (3)
  3. Mozilla Firefox öffnet ständig Werbung und neue Tabs mit Werbung
    Log-Analyse und Auswertung - 21.07.2015 (10)
  4. Mozilla öffnet immer wieder neue Tabs
    Mülltonne - 29.07.2014 (1)
  5. Mozilla Firefox öffnet automatisch Tabs
    Netzwerk und Hardware - 20.07.2014 (2)
  6. Windows 7 Ultimate: Google Chrome öffnet von alleine neue Fenster mit Werbung oder neue Tabs
    Plagegeister aller Art und deren Bekämpfung - 28.04.2014 (19)
  7. Mozilla Firefox öffnet neue Tabs
    Plagegeister aller Art und deren Bekämpfung - 27.04.2014 (3)
  8. Youtube ist voll mit Werbung und Browser öffnet alleine Tabs
    Log-Analyse und Auswertung - 22.04.2014 (15)
  9. Mozilla Firefox öffnet neue Tabs, die mit "123srv" beginnen
    Log-Analyse und Auswertung - 13.04.2014 (13)
  10. Mozilla Firefox öffnet neue Tabs, die mit "123srv" beginnen inkl. hyperlinks auf Internetseiten
    Log-Analyse und Auswertung - 09.04.2014 (3)
  11. Mozilla Firefox Pupups und neue Tabs: ohne Besuch Webseiten
    Log-Analyse und Auswertung - 14.02.2014 (4)
  12. unerwünschte Werbung und neue Tabs bei fast jedem Klick - Windows8, mozilla Firefox
    Plagegeister aller Art und deren Bekämpfung - 06.01.2014 (32)
  13. Windows XP: Firefox öffnet Tabs von alleine.
    Log-Analyse und Auswertung - 16.09.2013 (9)
  14. Pc schreibt von alleine und öffnet Tabs
    Plagegeister aller Art und deren Bekämpfung - 22.06.2011 (7)
  15. HiJackThis Log. Mozilla öffnet immer neue Werbe-Fenster von alleine!
    Log-Analyse und Auswertung - 30.06.2010 (10)
  16. Mozilla öffnet unaufgefordert Werbe-Tabs
    Plagegeister aller Art und deren Bekämpfung - 03.02.2009 (0)
  17. Mozilla öffnet werbeseiten oder öffnet sich komplett von alleine
    Log-Analyse und Auswertung - 25.10.2005 (2)

Zum Thema Mozilla öffnet von alleine neue Tabs - Hallo liebes Trojaner Board Team, seit einiger Zeit öffnet sich bei meinem Firefox von alleine neue Tabs mit allerhand Werbung. Dazu kommt, dass ich auf den Seiten, auf denen ich - Mozilla öffnet von alleine neue Tabs...
Archiv
Du betrachtest: Mozilla öffnet von alleine neue Tabs auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.