Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 16.01.2015, 02:09   #1
selfgo
 
Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST - Standard

Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST



Guten Tag,

mein Avast meldete heute das zwei Malwares gefunden wurde, diese ich anschließend mit Avast überprüft habe. Leider finde ich keine Logs vom ersten Scan. Danach habe ich einen
zweiten Scan durchgeführt der keine Funde hatte. Leider finde ich wieder keine logs!
Werde morgen einen weiteren Scan durchführen, habe nun das Häckchen für die Logs angeschaltet. Führe grad einen Malwarebytes Scan durch und schicke beim beenden die Logs.

Können sie mir schon mal weitere Informationen geben wie ich fortfahren soll? Weitere Scans
wie mit FRST, Combofix, Securitycheck, JRT?

Name von infizierten Dateien sind:
Power_Management_x64.msi
Power_Management_x86.msi

im Pfad:

C:\OEM\Preload\Autorun\APP\Power Management


schon mal danke!

Grüße

Alt 16.01.2015, 02:14   #2
selfgo
 
Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST - Standard

Logs MB



Hab sie als Anhang, weiß leider nicht wie man sonst logs schickt.
__________________


Alt 16.01.2015, 02:20   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST - Standard

Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST



Hi und

Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
__________________

Alt 16.01.2015, 14:23   #4
selfgo
 
Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST - Standard

Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST



Da noch keiner geantwortet hat, habe ich mir ein paar andere Fragen durchgelesen und
habe zunächst auch ein FRST Scan durchgeführt.

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015 01
Ran by Phu at 2015-01-16 14:18:51
Running from C:\Users\Phu\Desktop\Antiviren Programme
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2005 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2003.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.01.2005.1 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8103 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.04.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3010 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
ActiveState ActivePython 2.7.8.10 (32-bit) (HKLM-x32\...\{EF34E11A-5977-4234-BCDF-6328CA642BC4}) (Version: 2.7.10 - ActiveState Software Inc.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.103.2020.206 - Alps Electric)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated)
Apowersoft Gratis - Audiorekorder V2.3.2 (HKLM-x32\...\{E35F91E4-C68C-43E8-BE90-35CDEE4E5730}_is1) (Version: 2.3.2 - APOWERSOFT LIMITED)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (Obsolete) (HKLM-x32\...\Steam App 219540) (Version:  - )
AudioConverter Studio 8.2 (HKLM-x32\...\AudioConverter Studio_is1) (Version:  - ManiacTools.com)
Avast License by ZeNiX [2012-03-14] (HKLM-x32\...\Avast_2050_ZeNiX [2012-03-14]_is1) (Version:  - )
avast! Premier (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version:  - Activision)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - Infinity Ward)
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CF_Full_1154 (HKLM-x32\...\{5BD22BA3-CD71-432B-87BD-86C83DA27E1D}_is1) (Version:  - VTCGame)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DayZ Commander (HKLM-x32\...\{7B2CA5E9-763C-4FCE-81EE-13E81ABFE908}) (Version: 0.92.115 - Dotjosh Studios)
DayZLauncher version 0.0.0.7 (HKLM-x32\...\{E31045B4-9DB5-44DF-9EBD-BD4CFDE640FD}_is1) (Version: 0.0.0.7 - Maca134)
D-com 3G (HKLM-x32\...\D-com 3G) (Version: D-com 3G - )
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
iFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.8.2414.748 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{26AA61D4-B04D-4E0D-8E20-94A8FF2EE64D}) (Version: 4.2.40.2439 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Bullet Suite 32-bit (HKLM-x32\...\InstallShield_{A93C9142-A903-4038-884C-F4F34D44ACB6}) (Version: 11.1.1 - Red Giant Software)
Magic Bullet Suite 32-bit (x32 Version: 11.1.1 - Red Giant Software) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Language Pack 2013  - German/Deutsch (HKLM\...\Office15.OMUI.de-de) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki (HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\Pokki) (Version: 0.269.5.367 - Pokki) <==== ATTENTION!
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21238 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Six Updater (HKLM-x32\...\{AD42165D-FF3C-4975-A130-7AA2801AB5DD}) (Version: 2.09.7042 - Six Projects)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Startfenster (HKLM\...\Startfenster) (Version:  - Startfenster) <==== ATTENTION!
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vegas Pro 10.0 (HKLM-x32\...\{6E0E4D61-11EC-11E0-B454-0013D3D69929}) (Version: 10.0.469 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VPNAutoconnect (HKLM-x32\...\{8E557F21-99AE-440D-8058-CD8CB3302E13}) (Version: 1.15 - globalip)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.11 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wondershare Dr.Fone für iOS(Build 5.5.0.13) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 5.5.0.13 - Wondershare Software Co.,Ltd.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3522562343-2792028621-2258892311-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

25-12-2014 00:08:58 Geplanter Prüfpunkt
06-01-2015 23:19:00 Installed Cepstral Matthias 6.2.3
14-01-2015 16:50:14 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0191E396-A5B0-4C36-B096-F9351C5E3419} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-09-21] ()
Task: {0A0A4CCD-F9EB-445E-846F-C6FF0A7BB1F1} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-01-18] (Acer Incorporate)
Task: {18D3D124-F8FB-4A3F-BDFD-53D2A418263E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {1BE30B2D-7A34-4932-BEA4-42D44E296297} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated)
Task: {231AFAC0-A17D-458F-868B-261888F3718D} - System32\Tasks\{5020AECC-BC0F-4FBE-850F-5349570A67B2} => Chrome.exe hxxp://ui.skype.com/ui/0/6.18.0.106/de/abandoninstall?source=lightinstaller&amp;page=tsPlugin
Task: {330D5E04-7306-4699-AAFD-9B1BC60BC062} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {4C9D6B42-A8F9-4A7D-9FEE-36851FC623F0} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {4F610D30-20C5-4FED-B26E-0C919793BBB7} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-12-19] (Acer)
Task: {629A6E0C-B132-473D-ABAF-E0D7127B0B76} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {68525B9B-26DE-4083-8F0F-5979027DA7DF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-15] (Google Inc.)
Task: {6D6D1FAD-8930-45B7-9C69-4FC597B55B2B} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] ()
Task: {77523E02-BD88-47B7-A2F2-F443C52F0C5E} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-04] (Acer Incorporate)
Task: {79FA9456-5C95-4BCD-9F02-7818773E06F0} - System32\Tasks\Dolby Selector => C:\Program Files\Dolby Digital Plus\ddp.exe [2013-07-08] (Dolby Laboratories Inc.)
Task: {7B54914B-6415-40F3-8C0D-44608AA082E0} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe [2011-11-18] ()
Task: {800E8B60-9E81-462E-93A1-2259827E22A7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated)
Task: {879BFC58-EC01-47B2-AF1B-2B34D1F1396B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8D31D11C-4AF6-4DE0-B214-64F39CB639D3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-11] (Microsoft Corporation)
Task: {ABB5B00B-1DFE-42E3-B765-E07EED964B0B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-15] (Google Inc.)
Task: {B3FEB35E-7D91-4F35-938D-182C5229457E} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-24] (TODO: <Company name>)
Task: {B562FA56-E4A7-4C1B-8B84-0310B28BA6D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-25] (Piriform Ltd)
Task: {C5194B24-846A-44A4-BF02-50C1574EC884} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-18] (Acer Incorporated)
Task: {D0D268B6-3447-4AB2-A1AA-01AD45B27F52} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-25] (AVAST Software)
Task: {D6D72C4B-1D1E-4C3D-8BB7-B8F844FE88A5} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-04] (Acer Incorporate)
Task: {E4ABF38D-A727-49B4-8E1A-5F3BC29579B5} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-11-16 14:38 - 2010-11-16 14:38 - 00339456 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2013-08-12 18:06 - 2013-08-12 18:06 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-12 18:06 - 2013-08-12 18:06 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-12 18:06 - 2013-08-12 18:06 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-12-16 04:00 - 2014-12-16 07:00 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-09 11:50 - 2012-04-24 11:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-12-17 21:12 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-12 15:47 - 2012-01-20 14:55 - 00678400 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2013-07-08 17:53 - 2013-07-08 17:53 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2014-12-19 21:59 - 2014-12-19 21:59 - 00090880 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2014-12-19 21:59 - 2014-12-19 21:59 - 00089344 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2014-08-25 16:10 - 2012-03-12 15:44 - 00217600 _____ () C:\Program Files\AVAST Software\Avast\USERENV.dll
2014-08-25 16:04 - 2014-08-25 16:04 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-01-15 22:27 - 2015-01-15 22:27 - 02910720 _____ () C:\Program Files\AVAST Software\Avast\defs\15011502\algo.dll
2014-07-03 12:20 - 2014-07-03 12:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-09 11:15 - 2013-09-04 00:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-01-09 14:19 - 2015-01-09 14:19 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2014-12-19 21:16 - 2014-12-19 21:16 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2014-12-29 13:25 - 2014-12-29 13:25 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00630528 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2014-12-19 21:10 - 2014-12-19 21:10 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2014-08-25 16:04 - 2014-08-25 16:04 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-19 22:00 - 2014-12-19 22:00 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2014-06-09 11:56 - 2014-01-03 13:13 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-01-15 21:15 - 2015-01-09 01:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-15 21:15 - 2015-01-09 01:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-15 21:15 - 2015-01-09 01:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-15 21:15 - 2015-01-09 01:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Phu\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "ISCTSystray.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\StartupApproved\StartupFolder: => "Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk"
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"

========================= Accounts: ==========================

Administrator (S-1-5-21-3522562343-2792028621-2258892311-500 - Administrator - Disabled)
Gast (S-1-5-21-3522562343-2792028621-2258892311-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3522562343-2792028621-2258892311-1003 - Limited - Enabled)
Phu (S-1-5-21-3522562343-2792028621-2258892311-1001 - Administrator - Enabled) => C:\Users\Phu

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/16/2015 02:16:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.17331, Zeitstempel: 0x54023318
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001bf5f0
ID des fehlerhaften Prozesses: 0xd0
Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0
Pfad der fehlerhaften Anwendung: AcerPortal.exe1
Pfad des fehlerhaften Moduls: AcerPortal.exe2
Berichtskennung: AcerPortal.exe3
Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5

Error: (01/16/2015 02:15:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PHU-PC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/16/2015 00:41:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: db0

Startzeit: 01d0311c145ca050

Endzeit: 4294967295

Anwendungspfad: C:\Windows\syswow64\wwahost.exe

Berichts-ID: 08b00d50-9d10-11e4-82e3-c45444832e4f

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (01/15/2015 11:56:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d44

Startzeit: 01d03115cb096a63

Endzeit: 4294967295

Anwendungspfad: C:\Windows\syswow64\wwahost.exe

Berichts-ID: bf23ec8a-9d09-11e4-82e3-c45444832e4f

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (01/15/2015 11:26:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 15d4

Startzeit: 01d031119a31ebb9

Endzeit: 4294967295

Anwendungspfad: C:\Windows\syswow64\wwahost.exe

Berichts-ID: 8e8c3235-9d05-11e4-82e3-c45444832e4f

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (01/15/2015 10:40:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.17331, Zeitstempel: 0x54023318
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001bf5f0
ID des fehlerhaften Prozesses: 0x1b28
Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0
Pfad der fehlerhaften Anwendung: AcerPortal.exe1
Pfad des fehlerhaften Moduls: AcerPortal.exe2
Berichtskennung: AcerPortal.exe3
Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5

Error: (01/15/2015 07:16:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BackgroundAgent.exe, Version: 1.0.1.6, Zeitstempel: 0x5494253a
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.8387, Zeitstempel: 0x51ea24a5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00056b1d
ID des fehlerhaften Prozesses: 0x1dbc
Startzeit der fehlerhaften Anwendung: 0xBackgroundAgent.exe0
Pfad der fehlerhaften Anwendung: BackgroundAgent.exe1
Pfad des fehlerhaften Moduls: BackgroundAgent.exe2
Berichtskennung: BackgroundAgent.exe3
Vollständiger Name des fehlerhaften Pakets: BackgroundAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BackgroundAgent.exe5

Error: (01/15/2015 06:31:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.17331, Zeitstempel: 0x54023318
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001bf5f0
ID des fehlerhaften Prozesses: 0x1920
Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0
Pfad der fehlerhaften Anwendung: AcerPortal.exe1
Pfad des fehlerhaften Moduls: AcerPortal.exe2
Berichtskennung: AcerPortal.exe3
Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5

Error: (01/15/2015 03:55:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.17331, Zeitstempel: 0x54023318
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001bf5f0
ID des fehlerhaften Prozesses: 0xe48
Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0
Pfad der fehlerhaften Anwendung: AcerPortal.exe1
Pfad des fehlerhaften Moduls: AcerPortal.exe2
Berichtskennung: AcerPortal.exe3
Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5

Error: (01/14/2015 06:30:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DllHost.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215dfc6
Name des fehlerhaften Moduls: mfmp4srcsnk.dll, Version: 12.0.9600.17334, Zeitstempel: 0x5407ae99
Ausnahmecode: 0xc0000094
Fehleroffset: 0x0000000000096125
ID des fehlerhaften Prozesses: 0x11d4
Startzeit der fehlerhaften Anwendung: 0xDllHost.exe0
Pfad der fehlerhaften Anwendung: DllHost.exe1
Pfad des fehlerhaften Moduls: DllHost.exe2
Berichtskennung: DllHost.exe3
Vollständiger Name des fehlerhaften Pakets: DllHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DllHost.exe5


System errors:
=============
Error: (01/16/2015 02:17:46 PM) (Source: DCOM) (EventID: 10010) (User: PHU-PC)
Description: Microsoft.WindowsLive.Mail.wwa

Error: (01/15/2015 07:16:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Windows-Tool zum Entfernen bösartiger Software für Windows 8, 8.1 und Windows Server 2012, 2012 R2 x64 Edition - Januar 2015 (KB890830)

Error: (01/14/2015 06:13:11 PM) (Source: DCOM) (EventID: 10010) (User: PHU-PC)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (01/14/2015 05:51:34 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0xc000021a (0xffffc001b5d76e40, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP011415-20140-01

Error: (01/14/2015 05:51:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎14.‎01.‎2015 um 17:47:00 unerwartet heruntergefahren.

Error: (01/14/2015 05:49:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Systemereignissebroker" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Computers.

Error: (01/14/2015 05:49:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Stromversorgung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Computers.

Error: (01/14/2015 05:49:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Plug & Play" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 15000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/14/2015 05:49:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Lokaler Sitzungs-Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/14/2015 05:49:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "DCOM-Server-Prozessstart" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Computers.


Microsoft Office Sessions:
=========================
Error: (01/16/2015 02:16:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AcerPortal.exe3.0.4.200254942c87SHELL32.dll6.3.9600.1733154023318c0000005001bf5f0d001d0318eb47a239cC:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exeC:\Windows\SYSTEM32\SHELL32.dllf2a3fa54-9d81-11e4-82e3-c45444832e4f

Error: (01/16/2015 02:15:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PHU-PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927142

Error: (01/16/2015 00:41:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17031db001d0311c145ca0504294967295C:\Windows\syswow64\wwahost.exe08b00d50-9d10-11e4-82e3-c45444832e4fMicrosoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp

Error: (01/15/2015 11:56:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17031d4401d03115cb096a634294967295C:\Windows\syswow64\wwahost.exebf23ec8a-9d09-11e4-82e3-c45444832e4fMicrosoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp

Error: (01/15/2015 11:26:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1703115d401d031119a31ebb94294967295C:\Windows\syswow64\wwahost.exe8e8c3235-9d05-11e4-82e3-c45444832e4fMicrosoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp

Error: (01/15/2015 10:40:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AcerPortal.exe3.0.4.200254942c87SHELL32.dll6.3.9600.1733154023318c0000005001bf5f01b2801d0310bea3a73cbC:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exeC:\Windows\SYSTEM32\SHELL32.dll28494b82-9cff-11e4-82e3-c45444832e4f

Error: (01/15/2015 07:16:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BackgroundAgent.exe1.0.1.65494253aMSVCR90.dll9.0.30729.838751ea24a5c000000500056b1d1dbc01d030e8d510b08eC:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll9fd56012-9ce2-11e4-82e2-c45444832e4f

Error: (01/15/2015 06:31:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AcerPortal.exe3.0.4.200254942c87SHELL32.dll6.3.9600.1733154023318c0000005001bf5f0192001d030e90fce61faC:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exeC:\Windows\SYSTEM32\SHELL32.dll4e60a4bf-9cdc-11e4-82e2-c45444832e4f

Error: (01/15/2015 03:55:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AcerPortal.exe3.0.4.200254942c87SHELL32.dll6.3.9600.1733154023318c0000005001bf5f0e4801d030d34ede0464C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exeC:\Windows\SYSTEM32\SHELL32.dll8d1c15a3-9cc6-11e4-82e2-c45444832e4f

Error: (01/14/2015 06:30:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.3.9600.163845215dfc6mfmp4srcsnk.dll12.0.9600.173345407ae99c0000094000000000009612511d401d0301fba83f39dC:\Windows\system32\DllHost.exeC:\Windows\System32\mfmp4srcsnk.dllf837a674-9c12-11e4-82e2-c45444832e4f


CodeIntegrity Errors:
===================================
  Date: 2014-08-22 07:04:24.693
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-08-15 06:53:40.299
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-08-05 09:20:07.101
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-23 10:01:26.458
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-18 08:26:18.531
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-16 02:53:41.068
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 31%
Total physical RAM: 8072.27 MB
Available physical RAM: 5492.7 MB
Total Pagefile: 16264.27 MB
Available Pagefile: 13267.02 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:898.59 GB) (Free:611.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 95695C9D)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by Phu (administrator) on PHU-PC on 16-01-2015 14:18:09
Running from C:\Users\Phu\Desktop\Antiviren Programme
Loaded Profiles: Phu (Available profiles: Phu)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Pokki) C:\Users\Phu\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [688984 2013-09-30] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-25] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] ()
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\Run: [Gyazo] => [X]
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-25] (Piriform Ltd)
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22067296 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\RunOnce: [Application Restart #1] => C:\Users\Phu\AppData\Local\Pokki\Engine\HostAppService.exe [7843656 2015-01-01] (Pokki)
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\MountPoints2: {a67318b2-0e53-11e4-826b-c45444832e4f} - "D:\AutoRun.exe" 
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\MountPoints2: {a673194e-0e53-11e4-826b-c45444832e4f} - "D:\AutoRun.exe" 
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\...\MountPoints2: {d4a71936-6a7b-11e4-82b4-c45444832e4f} - "D:\SETUP.EXE" /AUTORUN
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\Phu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.de
HKU\S-1-5-21-3522562343-2792028621-2258892311-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKLM -> DefaultScope {3A27A470-C4EC-431F-84DC-2AE42998C813} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {3A27A470-C4EC-431F-84DC-2AE42998C813} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3522562343-2792028621-2258892311-1001 -> DefaultScope {3A27A470-C4EC-431F-84DC-2AE42998C813} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3522562343-2792028621-2258892311-1001 -> {3A27A470-C4EC-431F-84DC-2AE42998C813} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3522562343-2792028621-2258892311-1001 -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = 
SearchScopes: HKU\S-1-5-21-3522562343-2792028621-2258892311-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-25]

Chrome: 
=======
CHR HomePage: Default -> 
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Phu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Phu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-10-09]
CHR Extension: (Google Docs) - C:\Users\Phu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-15]
CHR Extension: (Google Drive) - C:\Users\Phu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Phu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\Phu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-15]
CHR Extension: (Adblock Plus) - C:\Users\Phu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-16]
CHR Extension: (Google-Suche) - C:\Users\Phu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-15]
CHR Extension: (Avast Online Security) - C:\Users\Phu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-25]
CHR Extension: (Google Wallet) - C:\Users\Phu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-15]
CHR Extension: (Google Mail) - C:\Users\Phu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-25] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-08-25] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [782208 2015-01-15] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] () [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-12] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-01-18] (Acer Incorporate)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-12-16] ()
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-04] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-04] (Acer Incorporate)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-25] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-08-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-25] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-08-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-25] ()
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-11-12] (Disc Soft Ltd)
S3 ew_mbbusbdev; C:\Windows\system32\DRIVERS\ew_mbbusbdev.sys [115584 2010-09-27] (MBB Technologies Co., Ltd.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118728 2013-09-18] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
S3 mbbdatacard; C:\Windows\system32\DRIVERS\ewusbmdm.sys [226048 2012-12-11] (MBB Technologies Co., Ltd.)
R3 mbb_enumerator; C:\Windows\System32\drivers\ew_mbbbusenum.sys [90112 2012-12-14] (MBB Technologies Co., Ltd.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [427736 2013-08-09] (Realsil Semiconductor Corporation)
U0 txdjsvw; C:\Windows\System32\drivers\qjbk.sys [79064 2015-01-16] (Malwarebytes Corporation)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
S3 X6va024; \??\C:\Windows\SysWOW64\Drivers\X6va024 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 02:10 - 2015-01-16 02:10 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\qjbk.sys
2015-01-16 01:57 - 2015-01-16 01:57 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-16 01:56 - 2015-01-16 01:56 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Phu\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-16 01:56 - 2015-01-16 01:56 - 00001122 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-16 01:56 - 2015-01-16 01:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-16 01:56 - 2015-01-16 01:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-16 01:56 - 2015-01-16 01:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-16 01:56 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-16 01:56 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-16 01:56 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-16 01:44 - 2015-01-16 14:18 - 00000000 ____D () C:\FRST
2015-01-16 01:43 - 2015-01-16 01:43 - 05609736 _____ (Swearware) C:\Users\Phu\Downloads\ComboFix.exe
2015-01-15 19:24 - 2015-01-15 19:24 - 00782208 _____ () C:\Users\Phu\Downloads\BEService_x64 (1).exe
2015-01-15 19:24 - 2015-01-15 19:24 - 00634752 _____ () C:\Users\Phu\Downloads\BEService (1).exe
2015-01-15 17:20 - 2015-01-15 17:20 - 00000000 ____D () C:\Users\Phu\Downloads\DayZ_Namalsk-0.75
2015-01-15 17:09 - 2015-01-15 17:19 - 896577489 _____ () C:\Users\Phu\Downloads\DayZ_Namalsk-0.75.rar
2015-01-14 21:31 - 2015-01-14 21:33 - 15614112 _____ (AnyMP4 Studio ) C:\Users\Phu\Downloads\free-iphone-data-recovery.exe
2015-01-14 21:30 - 2015-01-14 21:30 - 28651576 _____ (Wondershare Software Co.,Ltd. ) C:\Users\Phu\Downloads\ios-data-recovery.exe
2015-01-14 18:08 - 2015-01-14 21:32 - 00001331 _____ () C:\Users\Public\Desktop\Wondershare Dr.Fone für iOS.lnk
2015-01-14 18:08 - 2015-01-14 21:32 - 00000000 ___HD () C:\Program Files (x86)\Dr.Fone_Temp
2015-01-14 18:08 - 2015-01-14 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2015-01-14 18:08 - 2015-01-14 21:32 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2015-01-14 18:08 - 2015-01-14 18:09 - 00000000 ____D () C:\ProgramData\Wondershare
2015-01-14 18:08 - 2015-01-14 18:08 - 01125448 _____ (Wondershare) C:\Users\Phu\Downloads\drfone_setup_full1284.exe
2015-01-14 18:08 - 2015-01-14 18:08 - 00000000 ____D () C:\Users\Public\Documents\Wondershare
2015-01-14 18:08 - 2015-01-14 18:08 - 00000000 ____D () C:\Users\Phu\AppData\Local\Wondershare
2015-01-14 18:08 - 2014-08-08 16:15 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll
2015-01-14 18:08 - 2014-08-08 16:15 - 00052832 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\Drivers\libusb0.sys
2015-01-14 18:04 - 2015-01-14 18:04 - 28155894 _____ () C:\Users\Phu\Downloads\Trampoline-v2.5-DUCHESS-AppAddict-iOS6.0-(Clutch-1.4.6).ipa
2015-01-14 17:51 - 2015-01-14 17:51 - 713164247 _____ () C:\Windows\MEMORY.DMP
2015-01-14 17:51 - 2015-01-14 17:51 - 00312416 _____ () C:\Windows\Minidump\011415-20140-01.dmp
2015-01-14 15:51 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 15:51 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:51 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-14 15:51 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 15:51 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-14 15:51 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-14 15:51 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-14 15:51 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-14 15:51 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-14 15:51 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-14 15:51 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-14 15:51 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-14 15:51 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 15:51 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 15:51 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 15:51 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-14 15:51 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-14 15:51 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-14 15:51 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-14 15:51 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-14 15:51 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-14 15:51 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-14 15:51 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-01-14 15:51 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-14 15:51 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-14 15:51 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-14 15:51 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-14 15:51 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-01-14 15:51 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-14 15:51 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-14 15:51 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 15:42 - 2015-01-14 15:43 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk
2015-01-13 15:56 - 2015-01-13 15:56 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
2015-01-13 15:56 - 2015-01-13 15:56 - 00002028 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2015-01-07 15:32 - 2015-01-07 15:32 - 00764800 _____ () C:\Users\Phu\Downloads\BEService_x64.exe
2015-01-07 15:32 - 2015-01-07 15:32 - 00647040 _____ () C:\Users\Phu\Downloads\BEService.exe
2015-01-06 23:25 - 2015-01-06 23:26 - 00000000 ____D () C:\Users\Phu\Downloads\DARF
2015-01-06 23:11 - 2015-01-06 23:13 - 00311000 _____ () C:\Users\Phu\Downloads\Farid Bang - Lutsch (Prod. Juh-Dee) (2014).mp3.sfk
2015-01-06 23:07 - 2015-01-06 23:11 - 159208792 _____ (Microsoft Corporation) C:\Users\Phu\Downloads\Cepstral_Matthias_windows_6.2.3.767.exe
2015-01-06 23:03 - 2015-01-06 23:03 - 09998490 _____ () C:\Users\Phu\Downloads\balabolka_CB-DL-Manager [1].exe
2015-01-06 23:03 - 2015-01-06 23:03 - 00823792 _____ ( ) C:\Users\Phu\Downloads\balabolka_CB-DL-Manager.exe
2015-01-06 19:21 - 2015-01-06 19:21 - 18308353 _____ () C:\Users\Phu\Downloads\SoundCloud-v2.7.2-KBar-(Cracked) .ipa
2015-01-06 16:03 - 2015-01-06 16:03 - 00000000 ____D () C:\Users\Phu\AppData\Roaming\Sony Creative Software Inc
2015-01-05 21:12 - 2015-01-05 21:12 - 00195688 _____ () C:\Users\Phu\Downloads\Zack_Hemsey_-_Mind_Heist_The_Inception_OST_(mp3.pm).mp3.sfk
2015-01-05 21:02 - 2015-01-05 21:02 - 01174352 _____ () C:\Users\Phu\Downloads\FunnyVoice - CHIP-Installer.exe
2015-01-05 20:39 - 2015-01-05 23:40 - 00000000 ____D () C:\Users\Phu\Documents\Apowersoft Free Audio Recorder
2015-01-05 20:39 - 2015-01-05 20:39 - 00001440 _____ () C:\Users\Public\Desktop\Apowersoft Gratis - Audiorekorder.lnk
2015-01-05 20:39 - 2015-01-05 20:39 - 00000000 ____D () C:\Users\Phu\AppData\Roaming\Apowersoft
2015-01-05 20:39 - 2015-01-05 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2015-01-05 20:39 - 2015-01-05 20:39 - 00000000 ____D () C:\Program Files (x86)\Apowersoft
2015-01-05 20:38 - 2015-01-05 20:39 - 07914704 _____ (APOWERSOFT LIMITED ) C:\Users\Phu\Downloads\free-audio-recorder-chipde_2.3.2.exe
2015-01-05 20:28 - 2015-01-05 20:28 - 00010792 _____ () C:\Users\Phu\Downloads\SPOOKY.mp3.sfk
2015-01-05 19:20 - 2015-01-12 13:51 - 00000000 ____D () C:\Users\Phu\Desktop\aufgdeckt
2014-12-28 11:40 - 2014-12-28 11:42 - 00000000 ____D () C:\Users\Phu\AppData\Local\ftblauncher
2014-12-28 11:40 - 2014-12-28 11:41 - 00000000 ____D () C:\Users\Phu\AppData\Roaming\ftblauncher
2014-12-25 09:34 - 2015-01-15 22:38 - 00003635 _____ () C:\Windows\setupact.log
2014-12-25 09:34 - 2014-12-25 09:34 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-24 21:33 - 2014-12-24 21:33 - 00376832 _____ (Oracle) C:\Users\Phu\Desktop\mysql.data.dll
2014-12-24 17:07 - 2014-12-24 17:07 - 00000000 ____D () C:\Users\Phu\AppData\Roaming\NVIDIA
2014-12-24 17:01 - 2015-01-16 14:18 - 01347867 _____ () C:\Windows\WindowsUpdate.log
2014-12-17 21:12 - 2014-12-17 21:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-17 21:12 - 2014-12-13 09:03 - 06859408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-12-17 21:12 - 2014-12-13 09:03 - 03513488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-12-17 21:12 - 2014-12-13 09:03 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-12-17 21:12 - 2014-12-13 09:03 - 01097360 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2014-12-17 21:12 - 2014-12-13 09:03 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-12-17 21:12 - 2014-12-13 09:03 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-12-17 21:12 - 2014-12-13 09:03 - 00075080 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2014-12-17 21:12 - 2014-12-13 09:03 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-12-17 21:12 - 2014-12-13 00:11 - 04151176 _____ () C:\Windows\system32\nvcoproc.bin
2014-12-17 21:10 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 18594432 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 16040184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 14128496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-17 21:10 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 03293136 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 02897824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 00178632 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-17 21:10 - 2014-12-13 11:08 - 00027983 _____ () C:\Windows\system32\nvinfo.pb
2014-12-17 21:05 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-17 21:05 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 14:18 - 2014-08-28 17:54 - 00000000 ____D () C:\Users\Phu\Desktop\Antiviren Programme
2015-01-16 14:18 - 2014-07-15 22:19 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B7484398-1D91-4D12-90F4-35A6A823A32D}
2015-01-16 14:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-16 14:17 - 2014-07-16 01:53 - 00000000 ____D () C:\Users\Phu\AppData\Local\CrashDumps
2015-01-16 14:16 - 2014-09-21 16:55 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-01-16 14:16 - 2014-07-15 22:59 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-16 14:16 - 2014-07-15 19:32 - 00000000 ____D () C:\Users\Phu\AppData\Local\Pokki
2015-01-16 14:15 - 2014-07-16 14:36 - 00000000 __RDO () C:\Users\Phu\OneDrive
2015-01-16 14:14 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-16 02:16 - 2014-07-15 19:38 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3522562343-2792028621-2258892311-1001
2015-01-16 02:14 - 2014-07-15 22:59 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-16 02:10 - 2014-09-04 21:49 - 00000000 ____D () C:\ProgramData\Iminent
2015-01-16 02:10 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\ADFS
2015-01-16 01:56 - 2014-09-04 22:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-16 01:40 - 2014-08-29 13:55 - 00000000 ____D () C:\Users\Phu\AppData\Roaming\TS3Client
2015-01-15 23:58 - 2014-09-06 18:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-15 23:57 - 2014-07-16 14:06 - 00000000 ____D () C:\Users\Phu\AppData\Local\ArmA 2 OA
2015-01-15 22:41 - 2014-06-09 20:39 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-01-15 22:41 - 2014-06-09 20:39 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-01-15 22:41 - 2014-03-18 11:03 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-15 22:36 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 22:28 - 2013-08-22 14:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-01-15 18:37 - 2014-07-15 19:32 - 00000000 ____D () C:\Users\Phu\AppData\Local\Packages
2015-01-14 18:02 - 2014-07-23 16:00 - 00000000 ____D () C:\Users\Phu\AppData\Roaming\iFunbox_UserCache
2015-01-14 17:51 - 2014-11-18 07:43 - 00000000 ____D () C:\Windows\Minidump
2015-01-14 16:51 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-14 15:43 - 2014-05-27 04:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-01-14 15:43 - 2014-05-27 04:58 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-01-14 15:42 - 2014-07-15 19:34 - 00000000 ____D () C:\Users\Phu\AppData\Local\clear.fi
2015-01-13 21:56 - 2014-09-04 22:19 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-12 13:53 - 2014-09-04 14:31 - 00401408 ___SH () C:\Users\Phu\Documents\Thumbs.db
2015-01-10 22:04 - 2014-09-03 20:01 - 00002976 _____ () C:\Users\Phu\Desktop\Schuhe.txt
2015-01-10 22:04 - 2014-07-15 19:32 - 00000000 ____D () C:\Users\Phu
2015-01-08 23:01 - 2014-10-20 19:33 - 00000854 _____ () C:\Users\Phu\Desktop\DAYZ.txt
2015-01-08 22:29 - 2014-08-26 06:51 - 00000000 ____D () C:\Program Files (x86)\Gyazo
2015-01-08 14:51 - 2014-08-26 06:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2015-01-07 18:09 - 2014-09-02 15:09 - 00276480 ___SH () C:\Users\Phu\Desktop\Thumbs.db
2015-01-07 00:05 - 2014-10-10 05:48 - 00000000 ____D () C:\Windows\ENG
2015-01-06 01:08 - 2014-07-16 00:40 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-06 01:08 - 2014-07-16 00:40 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-05 22:45 - 2014-08-30 16:36 - 00000132 _____ () C:\Users\Phu\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-01-05 19:55 - 2014-09-28 19:43 - 00000000 ____D () C:\Users\Phu\Desktop\egal wie
2015-01-05 19:27 - 2014-08-15 04:14 - 00625152 ___SH () C:\Users\Phu\Downloads\Thumbs.db
2015-01-04 22:16 - 2014-10-15 20:22 - 00000000 ____D () C:\ProgramData\Origin
2015-01-04 21:19 - 2014-12-16 06:55 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-01-04 21:19 - 2014-12-16 04:00 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-01-04 21:18 - 2014-12-16 04:00 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-01-04 20:57 - 2014-10-15 20:22 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-03 13:26 - 2014-07-15 19:35 - 00002332 _____ () C:\Users\Phu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-12-25 00:29 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-12-24 13:16 - 2014-11-17 18:14 - 00000000 ____D () C:\Users\Phu\AppData\Local\LogMeIn Hamachi
2014-12-24 13:16 - 2014-11-12 15:55 - 00000000 ____D () C:\Users\Phu\AppData\Roaming\DAEMON Tools Lite
2014-12-24 13:16 - 2014-07-20 16:00 - 00000000 ____D () C:\Users\Phu\AppData\Roaming\uTorrent
2014-12-17 21:12 - 2014-06-09 11:12 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-17 21:12 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help
2014-12-17 21:11 - 2014-06-09 11:12 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-12-17 19:50 - 2014-12-16 06:54 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins

Some content of TEMP:
====================
C:\Users\Phu\AppData\Local\Temp\oct7A74.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-05 19:59

==================== End Of Log ============================
         
--- --- ---

Alt 16.01.2015, 15:04   #5
selfgo
 
Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST - Standard

Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST



Nochmal von Malwarebytes:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 16.01.2015
Suchlauf-Zeit: 01:57:37
Logdatei: Malwarebytes2.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.15.16
Rootkit Datenbank: v2015.01.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Phu

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 352334
Verstrichene Zeit: 11 Min, 51 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 147
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\APPID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}, , [209c8b6c76131026c1e6ee018979916f], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}, , [209c8b6c76131026c1e6ee018979916f], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [e3d9a354ee9bfd264ef427da67d86d927], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject.1, , [e3d9a354ee9bd264ef427da67d86d927], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject, , [e3d9a354ee9bd264ef427da67d86d927], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.BrowserHelperObject, , [e3d9a354ee9bd264ef427da67d86d927], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [e3d9a354ee9bd264ef427da67d86d927], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [e3d9a354ee9bd264ef427da67d86d927], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.BrowserHelperObject.1, , [e3d9a354ee9bd264ef427da67d86d927], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3522562343-2792028621-2258892311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [e3d9a354ee9bd264ef427da67d86d927], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3522562343-2792028621-2258892311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [e3d9a354ee9bd264ef427da67d86d927], 
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [ead2ad4ab8d141f52c43f7f84cb6e020], 
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [ead2ad4ab8d141f52c43f7f84cb6e020], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}, , [4d6f2acd3158979fc424c65d3bc8f808], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand, , [4d6f2acd3158979fc424c65d3bc8f808], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand, , [4d6f2acd3158979fc424c65d3bc8f808], 
PUP.Optional.Snapdo.T, HKU\S-1-5-21-3522562343-2792028621-2258892311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, , [9d1f886f9cedbd7942091b0cb251718f], 
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, , [9d1f886f9cedbd7942091b0cb251718f], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3522562343-2792028621-2258892311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{112BA211-334C-4A90-90EC-2AD1CDAB287C}, , [9c204fa8662388ae455b55cef0132ed2], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{112BA211-334C-4A90-90EC-2AD1CDAB287C}, , [9c204fa8662388ae455b55cef0132ed2], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\iminent.iminentHlpr, , [9c204fa8662388ae455b55cef0132ed2], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\iminent.iminentHlpr.1, , [9c204fa8662388ae455b55cef0132ed2], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\iminent.iminentHlpr, , [9c204fa8662388ae455b55cef0132ed2], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\iminent.iminentHlpr.1, , [9c204fa8662388ae455b55cef0132ed2], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3522562343-2792028621-2258892311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{112BA211-334C-4A90-90EC-2AD1CDAB287C}, , [9c204fa8662388ae455b55cef0132ed2], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0af350d9-3916-454b-ac53-0b0b65f41301}, , [fac26c8bcdbc10261aef73b117ec768a], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, , [b3095d9acfba6fc76f9b73b1fb08b749], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, , [7e3ed0271c6db38377949e864cb7c23e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\iminent.iminentdskBnd, , [219b94639eeb51e5f8a9988b33d0b848], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\iminent.iminentdskBnd.1, , [219b94639eeb51e5f8a9988b33d0b848], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\iminent.iminentdskBnd, , [219b94639eeb51e5f8a9988b33d0b848], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\iminent.iminentdskBnd.1, , [219b94639eeb51e5f8a9988b33d0b848], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, , [b507f8ff8306bc7ad4a4feb7699ae917], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\esrv.iminentESrvc, , [08b42acdacddec4ad9549322cf34d22e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\esrv.iminentESrvc.1, , [fcc01fd84346a0968ba2585ddd265ba5], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\iminent, , [14a8c82f6a1ff5413d3c459a0ef653ad], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.DownloadArgs, , [704c44b30c7d58de98ffaf1cbb496e92], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.LinkToPromoteArgs, , [02baea0d8108171f7b1c3299fc08827e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.RawDataArgs, , [7b410fe8147559ddfd9a884355af50b0], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.TinyUrlArgs, , [526acb2cdaaf7abc4552c20963a119e7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.ViralLinkArgs, , [c3f924d33a4fab8b2d6adfecf21219e7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\iminent.iminentappCore, , [7c40a7507811b4826ac40ea746bd6e92], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\iminent.iminentappCore.1, , [378504f3a4e50d299f8f4a6b59aa1ce4], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.ClientCallback, , [9f1db2454742a591a26a943491739070], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.ContractBase, , [9b215c9bc0c978bef21a8048a3616f91], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand, , [dbe1f3048cfd6cca4cc07e4a9b69857b], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand, , [4775688f4e3b280ed8346662a75d03fd], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand, , [378576812c5d76c061ab963246be54ac], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GameOverCallback, , [6359ad4ac2c7c472020ab61249bbde22], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetCreditCommand, , [a61655a2c9c078bea7651eaa2cd8fd03], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand, , [d3e9ee097f0ab97d33d9d7f1de2636ca], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand, , [922a2dca5d2c3afc24e83494f50f6d93], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult, , [2a921add2a5f2313d636e9df8a7aa858], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetVariableCommand, , [1ca0f106f2972b0b3cd083459d67b848], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetVariableResult, , [89338a6da2e75fd7cf3debdd37cde31d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.InstallationContextResult, , [526a28cf1c6d81b5a567d7f1a361bd43], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoadContentCommand, , [05b78374f69361d56ca031974cb8ec14], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult, , [dce006f13a4f3bfb7b9105c355afc23e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoginCommand, , [febed621e5a4fd39fb111dabce36669a], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback, , [615bfbfccbbe96a036d6874129db3fc1], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LogoutCommand, , [4973f007cfbafe3837d5e6e21de71de3], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand, , [7d3f3eb9880187af24e8eddbfa0a47b9], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.MyAccountCommand, , [4775fdfa97f2ff37d13befd9d62ee21e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.PlayContentCommand, , [655747b0e8a1cf6703093e8a55af09f7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.PostContentCallback, , [b10be3145e2b082e709cb31552b28080], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand, , [754719defc8dea4c9676aa1ed92bb947], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.SetVariableCommand, , [3785e90e1970da5c98741eaab84c8b75], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand, , [3b8115e246437abca06c4e7a20e4768a], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand, , [d3e9c433afdaf73fc844b414857f57a9], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.TestContentCommand, , [605c7c7babde06300c00d5f372929967], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback, , [c2fa40b72b5e6cca40cca3257391a957], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback, , [3d7fcf286128bb7b6aa2dbedba4ae41c], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.WarmUpCommand, , [f4c8e80f8603af8767a56a5ea85c6e92], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.WelcomeCommand, , [7d3f72857b0e91a5ae5e735501032dd3], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.ServerCommand, , [04b83fb80e7bea4c28e47355b94ba858], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.ServerResult, , [c3f9a2554742f54140cc1dab08fc827e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.LightContent, , [fdbf0fe803862f070b017d4b22e2dd23], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.LightUri, , [ab11ac4b3a4f5dd914f882469074de22], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.MediatorServiceProxy, , [8d2fad4a593071c5ad5f22a60afabb45], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender, , [1ca0f9fee0a964d2405666651de7df21], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender.1, , [526adf183158f3437f1726a5e32155ab], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, , [edcf18dfb7d26cca84edece7ea1a04fc], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DatamngrCoordinator.exe, , [4a729b5c2663ca6c8d03cdc029daa35d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [b705bb3cd0b956e02652b104f70c6799], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\IminentToolbar, , [5f5d46b10b7e8ea8b9add7df09fac63a], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\Wajam, , [24983eb96821c47245b15a8aec188080], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.iminentESrvc, , [9f1d23d4bacf9e9885a81c9954af619f], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.iminentESrvc.1, , [11abc433533606308ca1e4d1b54e32ce], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\iminent, , [96261dda93f6c670ff7a8e519a6a9e62], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Business.Tinyfying.DownloadArgs, , [4a7257a0048561d5b6e11cafa65e21df], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Business.Tinyfying.LinkToPromoteArgs, , [526acc2b55340333e3b44f7c9f65b34d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Business.Tinyfying.RawDataArgs, , [992328cf3a4f280e1a7ddfec62a2f709], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Business.Tinyfying.TinyUrlArgs, , [f9c3d522ec9d84b2bed9f2d9c2427888], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Business.Tinyfying.ViralLinkArgs, , [ac101fd8ee9b6fc76730c7041fe5b050], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\iminent.iminentappCore, , [487480778efb92a49a94e7cec043b14f], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\iminent.iminentappCore.1, , [a81423d4ff8aff371c127c39b84bd828], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.ClientCallback, , [09b30bec8dfcca6c8a8295332bd94eb2], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.ContractBase, , [398340b7187144f2fd0f0eba4bb933cd], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand, , [ab110ceb7e0b2016ff0d7f49e02435cb], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand, , [9824dd1a56338fa725e774541de729d7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand, , [4a72688ff99058de2ddf488012f2e818], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GameOverCallback, , [05b7a552a1e853e33ad2a12706fe7888], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetCreditCommand, , [b5079b5c87029f97000c4484986cba46], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand, , [08b4688fb0d983b3ac607b4d9b69eb15], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand, , [e5d746b1fb8eec4a83895c6c9e66d927], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult, , [f3c91addb9d053e342ca596f976dd32d], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetVariableCommand, , [1ba134c38efb56e0b85424a452b24eb2], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetVariableResult, , [5666f601b8d1171f8e7e16b25ba904fc], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.InstallationContextResult, , [caf2b93ea5e493a310fc2b9deb19619f], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoadContentCommand, , [18a47c7bed9c96a04dbfd1f7f311ef11], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult, , [f4c88c6b8306cb6b34d8b4141be9c13f], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoginCommand, , [b3096394b0d95cda17f518b0d3310ff1], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback, , [2b917e798aff2313d7351aae49bb23dd], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.LogoutCommand, , [b309b443f49571c5ab61bf09699bed13], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand, , [05b7fcfb1b6ed06625e71dabc3419769], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.MyAccountCommand, , [9b21b93e7b0e2115e22ad1f72adaf808], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.PlayContentCommand, , [d6e6c730d6b3a2944cc015b320e409f7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.PostContentCallback, , [9626ab4c6a1fcc6a0efec503877d7987], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand, , [6d4f15e22366bc7ad438e8e0966e7987], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.SetVariableCommand, , [c5f78b6c30594cea0a02d4f433d118e8], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand, , [5c609a5d41482d09729abc0cd92b8080], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand, , [b7054fa8b2d75ed8000c2f9916eef50b], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.TestContentCommand, , [c7f5e3143653de5814f817b10301a45c], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback, , [477508ef8efb5bdb2be1ebdd669e0af6], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback, , [0eae787fd8b12214c04c32964cb8758b], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.WarmUpCommand, , [942808ef632677bfc94306c27b894db3], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.DataContracts.WelcomeCommand, , [02bac334335671c5927a3d8b3ec6ef11], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.ServerCommand, , [d3e9db1cc1c821150ffd6a5e7e867090], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.Communication.ServerResult, , [1f9d20d79cedd066f418fcccfd075ba5], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.LightContent, , [9626ea0d1f6af640f3190dbbd72d8080], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.LightUri, , [bdff30c79aef0333818bc701947049b7], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent.Mediator.MediatorServiceProxy, , [07b5ea0d96f346f099739f290ff54cb4], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.ScriptExtender, , [93291fd8622747efccca3794d52ff60a], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.ScriptExtender.1, , [3b819b5c2f5a87af0f874388ff050000], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, , [a31946b1cebb4ee886eb835015efd12f], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ehhlaekjfiiojlddgndcnefflngfmhen, , [00bc04f32b5eea4c728c206006fd5da3], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nbljechdpodpbchbmjcoamidppmpnmlc, , [c6f6e7106a1f77bf3cc193ed7192d828], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DatamngrCoordinator.exe, , [83399b5c7910ea4cbed22b6257accf31], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E30EFF6C-E021-46C2-888A-E58E93213D97}, , [15a7a84fe7a20d2994863a4b10f30ff1], 
PUP.Optional.Umbrella.A, HKLM\SOFTWARE\WOW6432NODE\UMBRELLA, , [8c307b7c8207999d63c6b418cf35fb05], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3522562343-2792028621-2258892311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, , [5b61a4531c6dc274f485268f1be86e92], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3522562343-2792028621-2258892311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\IminentToolbar, , [23994fa895f4df57422509adb25134cc], 
PUP.Optional.MultiIE.A, HKU\S-1-5-21-3522562343-2792028621-2258892311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, , [803c9463375259ddf6f37b6cef15768a], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3522562343-2792028621-2258892311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, , [bb0146b1b2d786b0215f851b699af50b], 
PUP.Optional.Linkury.A, HKU\S-1-5-21-3522562343-2792028621-2258892311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR, , [0bb18f6895f448ee041f4a3dfb082bd5], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-3522562343-2792028621-2258892311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM, , [5c6050a790f9e6508b5a5e6ff60e40c0], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Wajam, , [a31957a02a5f1a1c226a6bcc956eb14f], 

Registrierungswerte: 9
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{1FAFD711-ABF9-4F6A-8130-5166C7371427}, , [219b94639eeb51e5f8a9988b33d0b848], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{1FAFD711-ABF9-4F6A-8130-5166C7371427}, Iminent Toolbar, , [219b94639eeb51e5f8a9988b33d0b848]
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, , [1d9f7f78cbbe53e37993265ecc371fe1]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, , [eece6196d6b30630ff0d8103e0233ac6]
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Iminent, C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C", , [8636b047cabf1a1c58beb3d2a2610ff1]
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|IminentMessenger, C:\Program Files (x86)\Iminent\Iminent.Messengers.exe, , [2696df185336bc7a76a1176ec24112ee]
PUP.Optional.Umbrella.A, HKLM\SOFTWARE\WOW6432NODE\UMBRELLA|MUpdBlock, {
   "MASSUPDATE" : {
      "CHROME_MBAR" : {
         "Checked" : 1,
         "RetryIdx" : 0,
         "Version" : 1
      },
      "FIREFOX_MBAR" : {
         "Checked" : 1,
         "RetryIdx" : 0,
         "Version" : 1
      },
      "IEXPLORE_BHO" : {
         "Checked" : 1,
         "RetryIdx" : 0,
         "Version" : 4
      }
   }
}
, , [8c307b7c8207999d63c6b418cf35fb05]
PUP.Optional.Linkury.A, HKU\S-1-5-21-3522562343-2792028621-2258892311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR|publisher, YahooSM, , [0bb18f6895f448ee041f4a3dfb082bd5]
PUP.Optional.Wajam.A, HKU\S-1-5-21-3522562343-2792028621-2258892311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM|affiliate_id, 8755, , [5c6050a790f9e6508b5a5e6ff60e40c0]

Registrierungsdaten: 2
PUP.Optional.HelperBar.A, HKU\S-1-5-21-3522562343-2792028621-2258892311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KpLlHjFbDeQsDHFeiwp8SeapuiRKJ7fI0M1W0SIMCkRJqx4qOKgW08KsMt2uEb_h7XwuH48pTjzt_dxTyR0E5yy2lu0FvKIxmiuC-B23SCv6yxZ4PXhCHLbUuVTcoFn2q6Jkawo_M9ecilcQl1KpK5YkNYDglEq9M_Xg,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KpLlHjFbDeQsDHFeiwp8SeapuiRKJ7fI0M1W0SIMCkRJqx4qOKgW08KsMt2uEb_h7XwuH48pTjzt_dxTyR0E5yy2lu0FvKIxmiuC-B23SCv6yxZ4PXhCHLbUuVTcoFn2q6Jkawo_M9ecilcQl1KpK5YkNYDglEq9M_Xg,,&q={searchTerms}),,[fdbf0fe8b6d395a19386d3bab253b64a]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-3522562343-2792028621-2258892311-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KpLlHjFbDeQsDHFeiwp8SeapuiRKJ7fI0M1W0SIMCkRJqx4qOKgW08KsMt2uEb_h7XwuH48pTjzt_dxTyR0E5yy2lu0FvKIxmiuC-B23SCv6yxZ4PXhCHLbUuVTcoFn2q6Jkawo_M9ecilcQl1KpK5YkNYDglEq9M_Xg,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KpLlHjFbDeQsDHFeiwp8SeapuiRKJ7fI0M1W0SIMCkRJqx4qOKgW08KsMt2uEb_h7XwuH48pTjzt_dxTyR0E5yy2lu0FvKIxmiuC-B23SCv6yxZ4PXhCHLbUuVTcoFn2q6Jkawo_M9ecilcQl1KpK5YkNYDglEq9M_Xg,,&q={searchTerms}),,[12aabc3b6b1e55e1ed2d494450b5649c]

Ordner: 13
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent, , [9e1ec82fbecbde5888b9fccee91b0df3], 
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator, , [734954a3d2b703334f39cc6bf40f31cf], 
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator\Datas, , [734954a3d2b703334f39cc6bf40f31cf], 
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator\Datas\Cache, , [734954a3d2b703334f39cc6bf40f31cf], 
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator\Datas\Cache\apix.iminent.com, , [734954a3d2b703334f39cc6bf40f31cf], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Uninstall Wajam, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Iminent.A, C:\Users\Phu\AppData\Roaming\IminentToolbar, , [f1cb5e999aefd3638fda3aff10f3da26], 

Dateien: 73
PUP.Optional.Iminent.A, C:\Windows\Installer\89226c5.msi, , [a01c3abd41481f17fbfbb89716eb13ed], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSIF801.tmp-\Smartbar.Installer.CustomActions.dll, , [0dafa4536e1bc86ea4dfbc72619fed13], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\SearchTheWeb.lnk, , [9e1ec82fbecbde5888b9fccee91b0df3], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Blog.lnk, , [9e1ec82fbecbde5888b9fccee91b0df3], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\FAQ.lnk, , [9e1ec82fbecbde5888b9fccee91b0df3], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Help.lnk, , [9e1ec82fbecbde5888b9fccee91b0df3], 
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Iminent.lnk, , [9e1ec82fbecbde5888b9fccee91b0df3], 
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator\Datas\Cache\apix.iminent.com\1033.11575f00-7bdc-4181-ba0a-b298aeab228c.dat, , [734954a3d2b703334f39cc6bf40f31cf], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\uninstall.exe, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\amazon.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\argos.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\ask.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\bestbuy.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\ebay.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\etsy.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\facebook.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\favicon.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\google.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\homedepot.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\ikea.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\imdb.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\lowes.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\mercado.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\mysearchweb.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\myshopping.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\searchresult.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\sears.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\setting.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\settings.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\shopping.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\target.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\tesco.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\tripadvisor.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\twitter.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\wajam.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\walmart.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\wiki.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\yahoo.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\zalando.ico, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\FiddlerCore.dll, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\HtmlAgilityPack.dll, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\makecert.exe, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\Newtonsoft.Json.dll, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamHttpServer.exe, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\wie, , [a31957a02a5f1a1c226a6bcc956eb14f], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Settings.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\SignIn with Facebook.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\SignIn with Twitter.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Wajam Website.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Ask.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Google.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\IMDb.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Shopping.com.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\TripAdvisor.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Wikipedia.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Yahoo!.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Amazon.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Argos.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Ebay.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Etsy.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\HomeDepot.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Ikea.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Lowe's.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Mercadolivre.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\MyShopping.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Sears.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Target.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Tesco.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Walmart.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Zalando.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Uninstall Wajam\uninstall.lnk, , [edcf886f76134cea77a9c4757192b050], 
PUP.Optional.Iminent.A, C:\Users\Phu\AppData\Roaming\IminentToolbar\sqlite3.dll, , [f1cb5e999aefd3638fda3aff10f3da26], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
Bitte antworten danke

ADCleaner LOG

Code:
ATTFilter
# AdwCleaner v4.107 - Bericht erstellt am 16/01/2015 um 14:34:53
# Aktualisiert 07/01/2015 von Xplode
# Database : 2015-01-13.2 [Live]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Phu - PHU-PC
# Gestartet von : C:\Users\Phu\Downloads\adwcleaner_4.107.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Iminent
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Datei Gelöscht : C:\Users\Phu\Favorites\Startfenster.lnk
Datei Gelöscht : C:\Users\Phu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
Datei Gelöscht : C:\Users\Phu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk
Datei Gelöscht : C:\Users\Phu\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\I
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99E71BF1-5F51-4AF9-830B-67015D59640D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9FD0C1D9-180B-4834-B80B-4B7325AF90E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A2CC3C46-143B-4142-9D5A-B8543F0A6F55}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{5563BEFE-3B03-43B1-8041-64A9745DAA56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3A27A470-C4EC-431F-84DC-2AE42998C813}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3A27A470-C4EC-431F-84DC-2AE42998C813}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\C6FFE03E120E2C6488A85EE83912D379
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\C6FFE03E120E2C6488A85EE83912D379
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\04D01B4BB24CCD043B69431CCABB1A34
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0702826FCAC36EE52AC0441EEEEE2170
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1198E28F40C3E185E9958608554D4253
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15A073601B9AEC3549BE4A9314794615
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F7C80F9CE5CDF44E9AADDC99402534C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\206AF45B775E3A445B3B2273827DA85F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\225C3CBCEB850204D860A6C7CC7724AF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2310FC151CD4F185798FA0996B3524D7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26707ED04B511954795390209ACE9875
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\28572D2E2DE533256AC6B560EA573C22
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29C79786B109AC443B0DC7BFD61B1896
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ABB56EABB920EB59B04BDDD26A62083
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2DABA02DFED47E352A2FA2EBDD6F6187
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\311567B4A9A002050BB9423FD73FB880
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\373FCED70D7F84E5FB5F3F7B76BEE024
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3BE992C130B235E53A2937391FDCA35B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3DA5F64B3483DE549947A9164ACBAD21
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3ED93605BB9B6635E9D0D86615AF31F1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4759B017032BA185F9BA6F7DBC95A2D4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A78ABCBB54E46E5482A3EE0AD66C39E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4F9E947B6B895EB5A86757FC5D3DB862
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4FEEA83BF72B97E43A2DF0EE4BE4F261
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\509EC7EFB89B7D942997574AB14037A4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50A730A9A3A61BF5BA70CA8A3B7C133B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\51A95A1D4CDE4F958A9451FBB39BF54A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\536133807DE80465BA6CD0A9742B7DE5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E25036E68895D45B95E72D1C3C58C74
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60ECC80C54085B141A40437A96CA2618
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60FD8CD5BE007315CA3B5C7E41F24017
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\618E7D05458C4F257909ED9C8CDC0D66
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\621C21014D3C152529E2460FA6304EE3
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6241FF6F317CABD4EBBEE0DE9076BD94
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\636B9C23C79154B57AB561F39A139BFD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65AAF0F0CB7F0B45F900FDF19CEAAF2B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6879A5E348601C45986308CA84958E94
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6A6F3B7A9805E1F5492A1020EEDF2341
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B1F5D204E4EEB342A5AD1D7E60D61BF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\712EAF07EE73CC65C822CC3BAE3B2483
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7947B301B2446E752A3FE06EAD7D26B5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7987CE52D13E16258B0E1E3DB1BB0974
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BEED197C514FDA53901AE8DD8EF0891
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DFDCF03D46C34159BDE29FBDBF1ACF5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\890F436B85B790A55A582B7307DA12CE
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C13DA6755F685B529615C8E92B3CA39
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D07CD9CB3E6BE652872BF06A1CCA782
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90841B1FC98200349925C88999866F17
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94194FDD4DF523E53A888D65722A135D
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95266D07D008D2E4E9B6F8E0DD15432A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4223BBC9438CAD49BBE10B4E344B1DD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A72F23B1D745C27508518132197BC982
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A89E2B6FB14D8275DA63D075171DA184
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A9C43CD4001E9E4518B274AF9A0EFDA9
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AABA081CF7F19915FBB80B3BAF47CE63
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AC2A0FFD0A1686D53A4E24D6E96949E4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AE5BDB2750259915D8442D4591A7717B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1A79C71D5DC1C150B76B6ED11195DFC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6D497DB33974935488761F7C4C3D755
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B752EF3300008394886C402CC27B474F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B8C8BCC1206978D51A8B9EECBF806C53
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAD3576CEA646895B962F94754612791
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB4091512C8F4295E99CE2D061ED2020
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BBCD189EC41EB4E4AB05DC8A9EB51C45
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE6BBC9A31531F598794A62120B51C7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C19162788CA4D235E829F88E2F771567
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C71F07DA356B66B5484A8E7F2ADEB7DC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C96AD15EE8E887B56BAF2136A9088503
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9E6B66ECC49D155888399C51D05C49E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA360F24F0B214744BE40657FDA0B727
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE85F265816AE2D4E9B73C3E207E679C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5389AEEA4A1E20428D045E86BCF643B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5B62BB7BC607FB539585E2B7B6AFD16
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB027F01D4D53765C8E4FBE7DB77E07E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DC2EB492393411F5ABE8ED13C59FBF20
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDA2534BD056D1F44B6EC96AAA7F1F6E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDCA763D4C48A105086B4CCCEE78043F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DEF7558C7CD27EF46AF802AFBE402675
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E05B987540A9E2849AAF9E5B06C27DA8
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E09F4A6B9D2A08B599AE9E38BFC93CD6
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E27B6535D0D94A24E91047C7D86F27BC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E45D171E075A5425CBACF6631A45FA39
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E513C2076D90AD04F888BD762143F191
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8F4C985459564F5B8DCFF2B3C7EBD27
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E96E33222BAC06B57A1FA9D72951C945
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EAA46CE9007F70A5CAFA5F26E5DDEBE5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE43FF091A8714A599F33EF2533FB59A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE790015CF30DAA569960905FF1651A0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EEB44C47185BD304D80FDF5A4BBE8F54
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F214EB834D2EC474CA76C1CDE306CF3A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F25491036D0FA5D5FA6742F5742F151A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F4D1BA8B482D9734E943EE260A7ADEF2
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F6704141BAAF6884785EC6843143D6A7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7507D4D4C310125E9A22BD909A41FB6
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F79C21D785419125595AC59458A6142D
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA15C90F092A60F53A4E0F88CED02968
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA1CF130B3D58B553833ACB6BE8AFAD4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB0F1A18E4F0DBD509A42F4D4C05C02A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FD17ED194F1C2B457B4F6EF4AE8DEAF3
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C6FFE03E120E2C6488A85EE83912D379
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v39.0.2171.99

[C:\Users\Phu\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
[C:\Users\Phu\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.iminent.com/?appId=A46188FD-5D38-4847-B462-934C5CB611E2&ref=toolbox&q={searchTerms}

*************************

AdwCleaner[R0].txt - [33999 octets] - [16/01/2015 14:30:41]
AdwCleaner[S0].txt - [32863 octets] - [16/01/2015 14:34:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [32924 octets] ##########
         
JRT LOG

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Phu on 16.01.2015 at 14:40:55,88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Users\Phu\favorites\links\startfenster.lnk"



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.01.2015 at 14:44:13,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         


Alt 17.01.2015, 16:50   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST - Standard

Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST



Zitat:
System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
MS Office Crack

Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________
--> Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST

Antwort

Themen zu Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST
bluescreen 0xc000021a, combofix, durchführen, durchgeführt, fehlercode 0xc0000005, fehlercode 0xc0000094, informationen, malwarebytes, pokki entfernen, pup.optional.datamangr.a, pup.optional.dynconie.a, pup.optional.helperbar.a, pup.optional.iminent.a, pup.optional.linkury.a, pup.optional.multiie.a, pup.optional.smartbar, pup.optional.snapdo.t, pup.optional.umbrella.a, pup.optional.wajam.a, startfenster entfernen, win32:rootkit-gen, win32:rootkit-gen[rtk], überprüft



Ähnliche Themen: Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST


  1. installieren des power management system-treibers
    Alles rund um Windows - 06.11.2015 (0)
  2. Fund von Win32: Rootkit-Gen von Avast und Trojan.Downloader von Malwarebytes!
    Plagegeister aller Art und deren Bekämpfung - 22.04.2015 (15)
  3. PC langsam, hängt sich beim Surfen auf, Bluescreen, Advanced System Protector, Win32:Dropper-gen, Win32:Malware-gen, Win32:Rootkit-gen u.a.
    Log-Analyse und Auswertung - 07.02.2015 (12)
  4. Win32:rootkit-gen [RtK] durch Avast gefunden.
    Plagegeister aller Art und deren Bekämpfung - 05.02.2015 (5)
  5. Avast findet Win32:Rootkit-gen
    Plagegeister aller Art und deren Bekämpfung - 05.02.2015 (5)
  6. Win32:Rootkit-gen [Rtk] von Avast! gemeldet - Was tun?
    Log-Analyse und Auswertung - 31.12.2014 (3)
  7. Avast Fund: Win32:Rootkit-gen [rtk] Echtzeitprüfung und Startzeit-Prüfung
    Plagegeister aller Art und deren Bekämpfung - 16.12.2014 (13)
  8. Win32 Dropper Gen Meldung von Avast, aber kein Fund durch Malwarebytes Anti-Rootkit
    Antiviren-, Firewall- und andere Schutzprogramme - 01.06.2014 (14)
  9. Win32-rootkit-gen von Avast erkannt
    Log-Analyse und Auswertung - 25.04.2014 (11)
  10. Win32:rootkit-gen [Rtk] von avast! gefunden - Wie werde ich den wieder los?
    Log-Analyse und Auswertung - 19.11.2013 (9)
  11. PWS:Win32/Zbot malware - mit Norton Power Eraser gelöscht?
    Plagegeister aller Art und deren Bekämpfung - 10.04.2013 (18)
  12. Rootkit Infektion, danach Windows-Neuinstallation, GMER zeigt erneut Rootkit Aktivitäten an (Avast! false positive?)
    Log-Analyse und Auswertung - 05.03.2013 (2)
  13. Win32:Rootkit-gen (rtk) von Avast gefunden...was ist zu tun?
    Plagegeister aller Art und deren Bekämpfung - 30.10.2011 (36)
  14. avast! meldet Bedrohung: Win32:rootkit-gen [Rtk]
    Log-Analyse und Auswertung - 03.12.2010 (3)
  15. C:\Acer\Preload\Autorun\DRV7\ShirPeak.exe
    Alles rund um Windows - 23.10.2010 (3)
  16. Win32.Trojan.Agent/Win32.Worm.Autorun mit Ad-Aware unschädlich gemacht?
    Plagegeister aller Art und deren Bekämpfung - 06.08.2009 (6)
  17. Trojaner gaopdxcounter, autorun.inf, Rootkit & W32/Renos.CNZ auf Win XP Pro SP 3
    Plagegeister aller Art und deren Bekämpfung - 10.04.2009 (22)

Zum Thema Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST - Guten Tag, mein Avast meldete heute das zwei Malwares gefunden wurde, diese ich anschließend mit Avast überprüft habe. Leider finde ich keine Logs vom ersten Scan. Danach habe ich einen - Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST...
Archiv
Du betrachtest: Win32:Rootkit-gen[Rtk] in C:\OEM\Preload\Autorun\APP\Power Management. AVAST auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.