Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Ständig öffnen sich neue Internet-Fenster

Ständig öffnen sich neue Internet-Fenster


Plagegeister aller Art und deren Bekämpfung: Ständig öffnen sich neue Internet-Fenster

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 2 von 4 1 2 34
Alt 25.08.2015, 10:44   #16
schrauber
/// the machine
/// TB-Ausbilder
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster


Dann müssen wir wohl von aussen ran:

Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)
  • Downloade dir bitte die passende Version des Tools (im Zweifel beide) und speichere diese auf einen USB Stick: FRST Download FRST 32-Bit | FRST 64-Bit
  • Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option.
  • Scanne jetzt nach der bebilderten Anleitung oder verwende die folgende Kurzanleitung:
Über den Boot Manager:
  • Starte den Rechner neu.
  • Während dem Hochfahren drücke mehrmals die F8 Taste
  • Wähle nun Computer reparieren.
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Mit Windows CD/DVD (auch bei Windows 8 möglich):
  • Lege die Windows CD in dein Laufwerk.
  • Starte den Rechner neu und starte von der CD.
  • Wähle die Spracheinstellungen und klicke "Weiter".
  • Klicke auf Computerreparaturoptionen !
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Wähle in den Reparaturoptionen: Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer.
    Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt, merke ihn dir.
  • Schließe Notepad wieder
  • Gib nun bitte folgenden Befehl ein.
    e:\frst.exe bzw. e:\frst64.exe
    Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks, den du dir gemerkt hast. Gegebenfalls anpassen.
  • Akzeptiere den Disclaimer mit Ja und klicke Untersuchen
Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier nach Möglichkeit in Code-Tags (Anleitung).

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.08.2015, 23:53   #17
Don_Camillo
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster


Ich weiß nicht, ob ich das jetzt richtig gemacht habe. Ich bin in den abgesicherten Modus gegangen und habe dort den FRST Scan gemacht. Der Inhalt der FRST.txt ist hier:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-08-2015
durchgeführt von Markus Radosztics (Administrator) auf WAUT0001 (26-08-2015 00:43:34)
Gestartet von C:\Users\Markus Radosztics\Downloads
Geladene Profile: Markus Radosztics (Verfügbare Profile: Markus Radosztics)
Platform: Windows 8 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: Chrome)
Start-Modus: Safe Mode (minimal)
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCRTP.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMUsbGuard.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCSoftCmd.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => "D:\Programme\iTunesHelper.exe"
HKLM\...\Run: [gpuminer] => C:\Users\Markus Radosztics\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [218 2015-08-17] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [A1Servicecenter] => C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe [11467864 2015-05-27] (A1)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Games\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCTray.exe [355296 2015-08-20] (Tencent)
HKLM-x32\...\Run: [RSDTRAY] => C:\Program Files (x86)\Rising\RSD\popwndexe.exe [126808 2012-09-25] (Beijing Rising Information Technology Co., Ltd.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [159744 2015-01-12] (Voobly)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Steam] => D:\Games\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Dropbox Update] => C:\Users\Markus Radosztics\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [OneDrive] => C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-20] (Microsoft Corporation)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Shop-wit] => C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [GoogleChromeAutoLaunch_FEA560871AAA9104DF8D8385F4A465BE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863560 2015-08-18] (Google Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
AppInit_DLLs: C:\ProgramData\ExtTag\Zimdox.dll => C:\ProgramData\ExtTag\Zimdox.dll Datei nicht gefunden
AppInit_DLLs-x32: C:\ProgramData\ExtTag\Biodandom.dll => "C:\ProgramData\ExtTag\Biodandom.dll" Datei nicht gefunden
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-01-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-03-18]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-10-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMGCShellExt64.dll [2015-08-20] (Tencent)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99963976_hao_pg
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99963976_hao_pg
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.at.msn.com/
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSWebMon64.dat [2015-08-20] (Tencent)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Great Find -> {1cc2bb80-20ab-43e5-b958-432d72b546ca} -> C:\Program Files (x86)\Great Find\Extensions\1cc2bb80-20ab-43e5-b958-432d72b546ca.dll Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: Ó¦Óñ¦Ò»¼ü°²×°²å¼þ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\SysWOW64\mscoree.dll [2012-06-02] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-18] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 02 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 03 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 04 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 16 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\..\Interfaces\{0FFDF7C3-8718-450E-A4A2-9C59BD350F78}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{DD37C3EA-4E32-4412-AC18-EA239FC6029F}: [DhcpNameServer] 10.0.0.138
StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1440141856&z=3fbd779b7c5a732cb4abd88gbz6zbeag3zcg1mawec&from=cmi&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B

FireFox:
========
FF ProfilePath: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: mystartsearch
FF SelectedSearchEngine: mystartsearch
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1440103432&z=81c380bb68d5eb130644762gezaz6e6gdedc7cbc7g&from=face&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-15] ()
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-18] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\npQMExtensionsMozilla.dll [2015-08-20] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Markus Radosztics\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-03-13] (Citrix Online)
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll Keine Datei
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-21] ()
FF user.js: detected! => C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\user.js [2015-08-22]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\findit.xml [2015-08-21]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\istartsurf.xml [2015-08-21]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\mystartsearch.xml [2015-08-23]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\search-provided-by-yahoo.xml [2015-08-20]
FF Extension: Default SearchProtected  - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\defsearchp@gmail.com [2015-08-19]
FF Extension: deskCut - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\deskCutv2@gmail.com [2015-08-19]
FF Extension: A1 Servicecenter - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{594657B4-413A-41D0-8F85-A6D3F35C9BDF} [2015-06-03]
FF Extension: Download videos and MP3s from YouTube - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-10-06]
FF Extension: "Download Touch - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\@73ABDD53B667F486D5ACC6A263CED1CC73AB.xpi [2015-08-20]
FF Extension: Great Find - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{0a4ee680-ecac-4e89-b625-5139f7130e30}.xpi [2015-08-22]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-09-30]
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\defsearchp@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\deskCutv2@gmail.com
FF HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-10-06]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.mystartsearch.com/?type=sc&ts=1440141856&z=3fbd779b7c5a732cb4abd88gbz6zbeag3zcg1mawec&from=cmi&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\73ABDD53B667F486D5ACC6A263CED1CC73AB.js [2015-08-20]

Chrome: 
=======
CHR Profile: C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-23]
CHR HKLM-x32\...\Chrome\Extension: [dnligehkhogpcngalffdoomehjcbecna] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gehmndecgbcffhmfjkenpamdgechcgpe] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 acengine; C:\Program Files (x86)\FastSearch\acengine.exe [1839728 2015-08-11] (Abengine) [Datei ist nicht signiert]
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
S2 eproduct; C:\Users\Markus Radosztics\AppData\Local\Salttex.exe [47616 2015-08-20] () [Datei ist nicht signiert]
S2 Hamachi2Svc; D:\Games\LogMeIn Hamachi\hamachi-2.exe [2545512 2015-08-03] (LogMeIn Inc.)
S2 IHProtect Service; C:\Program Files (x86)\MiniLite\ProtectService.exe [129688 2015-08-20] (XTab system)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
S2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1931632 2015-05-15] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-23] ()
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCRTP.exe [297608 2015-08-20] (Tencent)
S2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [196288 2015-08-21] (Beijing Rising Information Technology Co., Ltd.)
S2 Service Mgr GreatFind; C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugincontainer.exe [1197792 2015-08-25] ()
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TAOFrame.exe [293856 2015-08-20] (Tencent)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2015-06-25] (TuneUp Software)
S2 Update Mgr GreatFind; C:\Program Files (x86)\Common Files\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\updater.exe [702688 2015-08-25] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
S2 dojoluri; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\knsb4C96.tmp [X]
S2 ExtTag; C:\ProgramData\ExtTag\ExtTag.exe [X]
S2 hyverumu; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\jnsiE347.tmp [X]
S2 igfx32; "C:\Program Files\igfx32\igfx32.exe" /s iid=2679535 did=Missing sid= ref= id=047e6a478a9cd5449350448a9fe4f569a5544d0a771fdc73cd2034f9b95a9549 [X]
S2 kefowydy; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\hnsf344.tmp [X]
S2 WindowsMangerProtect; C:\ProgramData\WWinManProW\ProtectWindowsManager.exe -service [X] <==== ACHTUNG

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 acwfp; C:\Windows\system32\Drivers\acwfp64.sys [45784 2015-08-13] (Abengine)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468752 2013-02-27] (Intel Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMUdisk64.sys [62264 2015-08-20] (Tencent)
S2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQSysMonX64.sys [138040 2015-08-20] (电脑管家)
S2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [74040 2015-08-20] (Tencent)
S1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [274232 2015-08-20] (Tencent Technology(Shenzhen) Company Limited)
S3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-08-20] (电脑管家)
S3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TS888x64.sys [28984 2015-08-26] (Tencent)
S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSDefenseBT64.sys [28472 2015-08-20] (Tencent)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [31144 2015-06-04] (TuneUp Software)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)
S1 {092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64; C:\Windows\System32\drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys [48784 2015-08-19] (StdLib)
S1 {8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64; C:\Windows\System32\drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys [48784 2015-08-20] (StdLib)
S1 {987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64; C:\Windows\System32\drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys [48784 2015-08-20] (StdLib)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S1 rrfd_vw_1_10_0_22; system32\drivers\rrfd_vw_1_10_0_22.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-25 00:40 - 2015-08-25 00:40 - 00003156 _____ C:\Windows\System32\Tasks\kajl01mh
2015-08-25 00:40 - 2015-08-25 00:40 - 00000000 ____D C:\Program Files\Common Files\r5lybh4n
2015-08-23 14:58 - 2015-08-24 07:40 - 00002253 _____ C:\Users\Markus Radosztics\Desktop\Google Chrome.lnk
2015-08-23 14:58 - 2015-08-23 14:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-23 14:56 - 2015-08-23 14:56 - 00931408 _____ (Google Inc.) C:\Users\Markus Radosztics\Downloads\ChromeSetup.exe
2015-08-23 14:33 - 2015-08-23 14:33 - 01260832 _____ C:\Users\Markus Radosztics\Downloads\Revo Uninstaller - CHIP-Installer.exe
2015-08-23 14:04 - 2015-08-24 23:35 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\FRST-OlderVersion
2015-08-23 14:01 - 2015-08-26 00:43 - 00000000 _____ C:\Users\Markus Radosztics\Downloads\FRST.txt
2015-08-23 14:01 - 2015-08-23 14:02 - 00081428 _____ C:\Users\Markus Radosztics\Downloads\Addition.txt
2015-08-23 14:00 - 2015-08-23 14:00 - 00018325 _____ C:\Users\Markus Radosztics\Desktop\Fixlist.txt
2015-08-23 12:05 - 2015-08-26 00:05 - 00000320 _____ C:\Windows\Tasks\PC-Mechanic Maintenance.job
2015-08-23 12:05 - 2015-08-25 20:39 - 00000334 _____ C:\Windows\Tasks\PC-Mechanic Startup.job
2015-08-23 12:05 - 2015-08-23 12:05 - 00003248 _____ C:\Windows\System32\Tasks\PC-Mechanic Maintenance
2015-08-23 12:05 - 2015-08-23 12:05 - 00002630 _____ C:\Windows\System32\Tasks\PC-Mechanic Startup
2015-08-23 12:05 - 2015-08-23 12:05 - 00001171 _____ C:\Users\Public\Desktop\PC Mechanic.lnk
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Uniblue
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\Program Files (x86)\Uniblue
2015-08-22 17:34 - 2015-08-22 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-08-22 15:20 - 2015-08-22 15:20 - 00852684 _____ C:\Users\Markus Radosztics\Desktop\SecurityCheck.exe
2015-08-22 14:31 - 2015-08-25 23:52 - 00000000 ____D C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc
2015-08-22 14:31 - 2015-08-22 14:31 - 00002215 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00002195 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00000000 ____D C:\Program Files (x86)\Great Find
2015-08-22 14:31 - 2015-06-25 07:53 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2015-08-22 14:31 - 2015-06-25 07:53 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2015-08-22 14:31 - 2015-06-25 07:53 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2015-08-22 14:30 - 2015-08-23 12:04 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy
2015-08-22 14:30 - 2015-08-22 14:31 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2015-08-22 13:05 - 2015-08-22 13:05 - 02870984 _____ (ESET) C:\Users\Markus Radosztics\Downloads\esetsmartinstaller_deu.exe
2015-08-22 12:04 - 2015-08-22 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-21 23:42 - 2015-08-21 23:42 - 00002377 _____ C:\Windows\SysWOW64\findit.xml
2015-08-21 23:42 - 2015-08-21 23:42 - 00000000 ____D C:\ProgramData\ExtTags
2015-08-21 15:10 - 2015-08-21 15:10 - 00957064 _____ C:\Windows\Minidump\082115-9765-01.dmp
2015-08-21 10:36 - 2015-08-21 10:36 - 01162256 _____ C:\Windows\Minidump\082115-8296-01.dmp
2015-08-21 09:25 - 2015-08-21 09:25 - 00001051 _____ C:\Users\Markus Radosztics\Desktop\AnyProtect.lnk
2015-08-21 09:25 - 2015-08-21 09:25 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-08-21 09:24 - 2015-08-25 20:42 - 00000000 ____D C:\ProgramData\update
2015-08-21 09:24 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-08-21 09:24 - 2015-08-22 11:46 - 00000000 ____D C:\ProgramData\WWinManProW
2015-08-21 09:24 - 2015-08-21 09:24 - 00000000 ____D C:\Program Files (x86)\MiniLite
2015-08-21 09:14 - 2015-08-24 23:35 - 02186752 _____ (Farbar) C:\Users\Markus Radosztics\Downloads\FRST64.exe
2015-08-20 23:02 - 2015-08-20 23:02 - 00002250 _____ C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW.exe.lnk
2015-08-20 23:02 - 2015-08-20 23:02 - 00002228 _____ C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf.exe.lnk
2015-08-20 22:58 - 2015-08-26 00:42 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2015-08-20 22:58 - 2015-08-20 22:58 - 00003338 _____ C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}
2015-08-20 22:57 - 2015-08-21 08:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yvegdufu.job
2015-08-20 22:57 - 2015-08-21 08:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yveg6ufu.job
2015-08-20 22:57 - 2015-08-20 22:57 - 00002442 _____ C:\Windows\System32\Tasks\Tempo Runner yvegdufu
2015-08-20 22:57 - 2015-08-20 22:57 - 00002442 _____ C:\Windows\System32\Tasks\Tempo Runner yveg6ufu
2015-08-20 22:51 - 2015-08-21 08:53 - 00000000 ____D C:\ProgramData\Rising
2015-08-20 22:51 - 2015-08-21 08:53 - 00000000 ____D C:\Program Files (x86)\Rising
2015-08-20 22:51 - 2015-08-21 00:36 - 00000000 ___RD C:\RavBin
2015-08-20 22:51 - 2014-07-30 04:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-08-20 22:50 - 2015-08-22 16:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-08-20 22:50 - 2015-08-20 22:50 - 00274232 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00087864 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00074040 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00000000 ____D C:\ProgramData\TXQMPC
2015-08-20 22:50 - 2015-08-20 22:50 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-08-20 22:49 - 2015-08-20 23:31 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Tencent
2015-08-20 22:49 - 2015-08-20 22:52 - 00000000 ____D C:\ProgramData\Tencent
2015-08-20 22:49 - 2015-08-20 22:49 - 00000000 ____D C:\Program Files (x86)\Tencent
2015-08-20 22:44 - 2015-08-20 22:44 - 00001113 _____ C:\Users\Markus Radosztics\Desktop\Continue Live Installation.lnk
2015-08-20 22:44 - 2015-08-20 22:44 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\istartsurf
2015-08-20 22:37 - 2015-08-20 22:37 - 00000000 _____ C:\dummy.htm
2015-08-20 22:32 - 2015-08-20 22:33 - 00000000 ____D C:\ProgramData\LocalStorage
2015-08-20 22:30 - 2015-08-20 22:30 - 00000000 ____D C:\Users\Markus Radosztics\.android
2015-08-20 22:29 - 2015-08-20 22:29 - 00001318 _____ C:\Users\Markus Radosztics\Desktop\全网影视.lnk
2015-08-20 22:29 - 2015-08-20 22:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\ppslog
2015-08-20 22:19 - 2015-08-21 08:25 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-08-20 22:19 - 2015-08-20 22:55 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-20 22:19 - 2015-08-20 22:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-08-20 22:19 - 2015-08-20 22:49 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-08-20 22:19 - 2015-08-20 22:49 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-08-20 22:19 - 2015-08-20 22:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-08-20 22:17 - 2015-08-21 08:47 - 00000000 ____D C:\IQIYI Video
2015-08-20 22:17 - 2015-08-21 08:46 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-08-20 22:17 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Unity
2015-08-20 22:17 - 2015-08-20 22:30 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\IQIYI Video
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 __SHD C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 ____D C:\Users\Public\QiYi
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\SysassistByHotWheel
2015-08-20 22:16 - 2015-08-20 22:16 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\node-webkit
2015-08-20 22:15 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\cpuminer
2015-08-20 22:15 - 2015-08-20 22:15 - 00000217 _____ C:\task.vbs
2015-08-20 22:10 - 2015-08-20 22:10 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Desktop\jre-8u25-windows-i586.exe
2015-08-20 22:09 - 2015-08-20 23:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Gameo
2015-08-20 22:09 - 2015-08-20 22:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Opera Software
2015-08-20 22:09 - 2015-08-20 22:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Opera Software
2015-08-20 22:09 - 2015-08-20 22:09 - 00000185 _____ C:\Users\Markus Radosztics\Desktop\Play Games Online.url
2015-08-20 22:09 - 2015-08-20 22:09 - 00000185 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2015-08-20 22:09 - 2015-08-20 22:09 - 00000000 ___HD C:\Users\Markus Radosztics\AppData\Roaming\GoldenGate
2015-08-20 22:09 - 2015-08-20 22:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Gameo
2015-08-20 22:07 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WarThunder
2015-08-20 22:07 - 2015-08-20 22:07 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Downloads\setup [1].exe
2015-08-20 22:06 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\Cinem Plus 2.4cV20.08
2015-08-20 22:06 - 2015-08-23 14:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78
2015-08-20 22:06 - 2015-08-20 09:50 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys
2015-08-20 22:06 - 2015-07-23 15:47 - 00000854 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-20 22:05 - 2015-08-23 14:05 - 00000000 ____D C:\Program Files (x86)\OLBPre
2015-08-20 22:05 - 2015-08-20 23:02 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\{1A0B2C57-3EA3-40EF-533B-65077753999F}
2015-08-20 22:05 - 2015-08-20 22:05 - 00004008 _____ C:\Windows\System32\Tasks\LaunchPreSignup
2015-08-20 22:04 - 2015-08-20 22:26 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-20 22:04 - 2015-08-20 22:04 - 00047616 _____ C:\Users\Markus Radosztics\AppData\Local\Salttex.exe
2015-08-20 21:58 - 2015-08-20 21:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Sun
2015-08-20 21:58 - 2015-08-20 21:58 - 00000000 ____D C:\Users\Markus Radosztics\.oracle_jre_usage
2015-08-20 20:37 - 2015-08-21 00:38 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WindSolutions
2015-08-20 20:37 - 2015-08-20 20:44 - 00000000 ____D C:\ProgramData\WindSolutions
2015-08-20 12:29 - 2015-08-20 14:13 - 00000190 _____ C:\mylog.log
2015-08-20 12:29 - 2015-08-20 12:29 - 00000000 ____D C:\Program Files (x86)\MSI
2015-08-20 12:22 - 2015-08-20 12:22 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_usb30
2015-08-20 12:21 - 2015-08-20 12:21 - 06227267 _____ C:\Users\Markus Radosztics\Downloads\intel_usb30.zip
2015-08-20 12:19 - 2015-08-20 12:19 - 02837521 _____ C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10.zip
2015-08-20 12:19 - 2015-08-20 12:19 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10
2015-08-20 11:43 - 2015-08-20 22:55 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-20 11:43 - 2015-08-20 11:43 - 00003156 _____ C:\Windows\System32\Tasks\Download Touch
2015-08-20 11:43 - 2015-08-20 11:43 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Download Touch
2015-08-20 11:39 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV16.03
2015-08-20 11:39 - 2015-08-21 10:44 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-08-20 11:39 - 2015-08-20 11:39 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\globalUpdate
2015-08-20 11:37 - 2015-08-20 11:37 - 19284168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-08-20 11:34 - 2015-08-22 15:27 - 00012280 _____ C:\Windows\SysWOW64\acengineOff.ini
2015-08-20 11:34 - 2015-08-22 15:27 - 00012280 _____ C:\Windows\system32\acengineOff.ini
2015-08-20 11:34 - 2015-08-13 14:49 - 00045784 _____ (Abengine) C:\Windows\system32\Drivers\acwfp64.sys
2015-08-20 11:34 - 2015-08-11 16:50 - 00299296 _____ (Abengine) C:\Windows\SysWOW64\acengine.dll
2015-08-20 11:15 - 2015-08-20 01:24 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys
2015-08-20 11:13 - 2015-08-20 11:13 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver(1).msi
2015-08-20 11:12 - 2015-08-25 20:40 - 00000000 ____D C:\Program Files (x86)\FastSearch
2015-08-20 11:12 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-08-20 11:12 - 2015-08-20 11:34 - 00000002 _____ C:\END
2015-08-20 11:12 - 2015-08-20 11:12 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver.msi
2015-08-20 11:12 - 2015-08-20 11:12 - 00003578 _____ C:\Windows\System32\Tasks\Shop-wit Updater
2015-08-20 11:12 - 2015-08-20 11:12 - 00003112 _____ C:\Windows\System32\Tasks\cfr3011
2015-08-20 11:12 - 2015-08-11 21:11 - 00349584 _____ (Abengine) C:\Windows\system32\acengine64.dll
2015-08-20 10:43 - 2015-08-20 10:43 - 00001456 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\Program Files\iPod
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-20 10:42 - 2015-08-20 10:42 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files\Bonjour
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-08-19 22:11 - 2015-08-20 00:33 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\MediaMonkey
2015-08-19 22:11 - 2015-08-19 22:11 - 00000695 _____ C:\Users\Public\Desktop\MediaMonkey.lnk
2015-08-19 22:11 - 2015-08-19 22:11 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\MediaMonkey
2015-08-19 22:11 - 2015-08-19 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2015-08-19 22:10 - 2015-08-19 22:10 - 00000000 ____D C:\ProgramData\MediaMonkey
2015-08-19 21:18 - 2015-08-13 14:34 - 19292160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 21:18 - 2015-08-13 13:02 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 21:18 - 2015-08-13 12:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 21:18 - 2015-08-13 12:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 20:48 - 2015-08-19 20:51 - 00000512 __RSH C:\ProgramData\ntuser.pol
2015-08-19 20:46 - 2015-08-19 20:46 - 01135152 _____ C:\Windows\Minidump\081915-12953-01.dmp
2015-08-19 16:27 - 2015-08-19 02:39 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys
2015-08-19 16:24 - 2015-08-23 14:06 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch
2015-08-19 16:24 - 2015-08-19 21:03 - 00000000 ____D C:\ProgramData\nWinManPron
2015-08-19 16:24 - 2015-08-19 16:24 - 00000000 _____ C:\Windows\prleth.sys
2015-08-19 16:24 - 2015-08-19 16:24 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-19 16:22 - 2015-08-19 16:22 - 00000767 _____ C:\Users\Markus Radosztics\Desktop\MP3 Voice Recorder.lnk
2015-08-19 16:22 - 2015-08-19 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Voice Recorder
2015-08-19 16:22 - 2004-03-08 21:30 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2015-08-16 18:23 - 2015-08-16 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-16 00:59 - 2015-07-30 15:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 00:59 - 2015-07-30 15:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 00:59 - 2015-07-13 23:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-16 00:59 - 2015-07-13 23:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-16 00:59 - 2015-07-09 23:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-16 00:59 - 2015-07-09 23:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-16 00:59 - 2015-07-09 22:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-16 00:59 - 2015-07-09 22:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-16 00:59 - 2015-07-06 18:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-16 00:59 - 2015-07-06 16:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-16 00:59 - 2015-07-01 15:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-16 00:59 - 2015-07-01 14:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-16 00:59 - 2015-07-01 13:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-16 00:59 - 2015-07-01 13:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-16 00:58 - 2015-07-28 18:25 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-16 00:58 - 2015-07-28 16:13 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-16 00:58 - 2015-07-28 15:12 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 15416320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-16 00:58 - 2015-07-13 23:23 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-16 00:58 - 2015-07-13 23:23 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-16 00:58 - 2015-07-13 23:05 - 02340864 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-16 00:58 - 2015-07-13 23:05 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-16 00:55 - 2015-07-29 16:45 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-16 00:55 - 2015-07-29 16:45 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-16 00:55 - 2015-07-28 00:42 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-16 00:55 - 2015-07-28 00:40 - 04064768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-16 00:55 - 2015-07-28 00:40 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-16 00:55 - 2015-07-15 18:09 - 06969688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-16 00:55 - 2015-07-15 18:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-16 00:55 - 2015-07-15 18:06 - 01824296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-16 00:55 - 2015-07-15 15:49 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-16 00:55 - 2015-07-15 15:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-16 00:55 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-16 00:55 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-16 00:55 - 2015-07-09 22:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-16 00:55 - 2015-06-09 15:09 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-15 11:14 - 2015-08-15 11:14 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-03 12:12 - 2015-08-03 12:12 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2015-07-29 15:41 - 2015-07-29 15:41 - 01373000 _____ C:\Windows\Minidump\072915-9968-01.dmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-26 00:43 - 2015-06-07 20:44 - 00000000 ____D C:\FRST
2015-08-26 00:42 - 2013-09-30 19:17 - 00283184 _____ C:\Windows\PFRO.log
2015-08-26 00:37 - 2013-09-30 21:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-26 00:37 - 2013-09-30 19:24 - 01697572 _____ C:\Windows\WindowsUpdate.log
2015-08-26 00:36 - 2013-10-01 21:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-26 00:36 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-26 00:04 - 2013-11-22 22:24 - 00000366 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-08-26 00:00 - 2015-06-18 06:45 - 00001290 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001UA.job
2015-08-26 00:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-08-25 23:51 - 2013-11-19 21:28 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-25 22:39 - 2014-12-27 12:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\36A80DEE-1AAD-4F7E-AA6A-4638F785B9B6.aplzod
2015-08-25 20:46 - 2012-07-26 12:27 - 00751892 _____ C:\Windows\system32\perfh007.dat
2015-08-25 20:46 - 2012-07-26 12:27 - 00155620 _____ C:\Windows\system32\perfc007.dat
2015-08-25 20:46 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-25 20:44 - 2013-09-30 19:30 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-817472733-4082136947-4255886928-1001
2015-08-25 20:40 - 2015-01-14 23:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\LogMeIn Hamachi
2015-08-25 20:40 - 2014-12-27 12:46 - 00000000 ___RD C:\Users\Markus Radosztics\iCloudDrive
2015-08-25 20:40 - 2013-10-13 20:57 - 00000000 ___RD C:\Users\Markus Radosztics\Dropbox
2015-08-25 20:40 - 2013-10-13 20:55 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Dropbox
2015-08-25 20:39 - 2013-11-19 21:28 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-25 11:00 - 2015-06-18 06:45 - 00001238 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001Core.job
2015-08-23 14:35 - 2015-06-07 21:40 - 00001270 _____ C:\Users\Markus Radosztics\Desktop\Revo Uninstaller.lnk
2015-08-23 14:35 - 2015-06-07 21:40 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-23 12:44 - 2014-02-01 13:30 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-22 15:17 - 2014-08-06 12:17 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-08-22 12:39 - 2013-10-02 17:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Skype
2015-08-22 12:04 - 2015-02-23 20:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-22 12:04 - 2013-10-02 17:05 - 00000000 ____D C:\ProgramData\Skype
2015-08-22 10:00 - 2015-03-18 18:45 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-22 10:00 - 2014-06-17 22:52 - 00005182 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for WAUT0001-Markus Radosztics WAUT0001
2015-08-21 23:42 - 2013-10-01 18:41 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-21 23:42 - 2013-09-30 19:24 - 00001450 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-21 15:10 - 2013-11-25 12:30 - 00000000 ____D C:\Windows\Minidump
2015-08-21 08:52 - 2015-03-20 10:39 - 00507984 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-20 22:50 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\VirtualStore
2015-08-20 22:30 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics
2015-08-20 22:10 - 2014-02-01 13:30 - 00000000 ____D C:\ProgramData\Oracle
2015-08-20 22:06 - 2012-07-26 07:26 - 00000269 _____ C:\Windows\win.ini
2015-08-20 21:22 - 2014-11-19 18:47 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-08-20 21:22 - 2013-12-19 13:46 - 00000000 ____D C:\Users\Markus Radosztics\Documents\samsung
2015-08-20 21:22 - 2013-12-19 13:46 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Samsung
2015-08-20 21:18 - 2013-12-19 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-08-20 21:18 - 2013-09-30 19:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-20 20:58 - 2013-09-30 20:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Downloaded Installations
2015-08-20 20:27 - 2015-06-03 20:07 - 00000000 ____D C:\Program Files (x86)\A1 Servicecenter
2015-08-20 14:09 - 2015-03-18 18:59 - 00002321 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-20 11:43 - 2014-06-25 17:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-20 11:37 - 2013-09-30 21:01 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-20 10:43 - 2013-09-30 20:20 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-20 10:42 - 2013-09-30 20:20 - 00000000 ____D C:\ProgramData\Apple
2015-08-19 21:47 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Packages
2015-08-19 21:18 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-08-19 17:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-08-16 18:23 - 2015-07-14 21:02 - 00000650 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-16 18:22 - 2015-04-17 08:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-16 18:22 - 2015-04-17 08:09 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-16 18:22 - 2013-09-30 19:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 18:22 - 2013-09-30 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-16 10:55 - 2013-09-30 19:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-16 10:55 - 2013-09-30 19:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-16 10:54 - 2013-09-30 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-16 10:53 - 2013-09-30 22:57 - 00000000 ____D C:\Windows\system32\MRT
2015-08-16 10:51 - 2013-09-30 22:57 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-16 10:46 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 10:46 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 10:26 - 2013-10-01 18:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-15 11:11 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-08-08 04:27 - 2012-07-26 10:14 - 00793544 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 04:27 - 2012-07-26 10:14 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-30 18:24 - 2015-07-24 11:56 - 00016603 _____ C:\Users\Markus Radosztics\Downloads\Schulsporthilfe-Vorschlag-2015.xlsx

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-20 23:02 - 2015-08-20 23:02 - 0002228 _____ () C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf.exe.lnk
2015-08-20 23:02 - 2015-08-20 23:02 - 0002250 _____ () C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW.exe.lnk
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\String Ensemble
2013-09-30 20:30 - 2013-09-30 20:30 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Strings
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Super Strings
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Techno Kit
2014-02-05 18:38 - 2015-06-07 12:43 - 0000156 _____ () C:\Users\Markus Radosztics\AppData\Roaming\WB.CFG
2013-11-06 10:01 - 2014-08-12 18:27 - 0006144 _____ () C:\Users\Markus Radosztics\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-23 18:56 - 2014-12-23 18:56 - 0007606 _____ () C:\Users\Markus Radosztics\AppData\Local\Resmon.ResmonCfg
2015-08-20 22:04 - 2015-08-20 22:04 - 0047616 _____ () C:\Users\Markus Radosztics\AppData\Local\Salttex.exe
2015-08-20 22:04 - 2015-08-20 22:04 - 0000187 _____ () C:\Users\Markus Radosztics\AppData\Local\Salttex.exe.config
2013-10-02 17:42 - 2013-10-02 17:42 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-07-07 09:16 - 2014-07-07 09:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\howto
2013-09-30 20:29 - 2013-09-30 20:29 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2013-09-30 20:30 - 2013-09-30 20:30 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2013-09-30 20:29 - 2013-09-30 20:30 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2013-09-30 20:29 - 2013-09-30 20:29 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\ProgramData\Sync Schema
2013-09-30 20:30 - 2013-09-30 20:30 - 0000268 ___RH () C:\ProgramData\Sync Services
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\ProgramData\Synth Basics
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\Track Settings
2013-09-30 20:30 - 2013-09-30 20:30 - 0000012 ___RH () C:\ProgramData\Transportation
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\Tremolo

Einige Dateien in TEMP:
====================
C:\Users\Markus Radosztics\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpco22u0.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{26ECE78A-B4C3-4D85-A58B-D4E9E5690C5C}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{39974290-CBE6-4D67-847A-487D6885D81A}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{60AE38EC-5EE0-48F6-9261-FDF20A16D743}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{641C3654-92C7-4617-90B7-9AF5AE18A063}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{8EB74426-352F-4E9D-B74A-10DE3F29D715}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{ADC6A9D0-CA2A-45BF-9899-47E6993AC360}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{C31609EA-E6A1-47D4-B1D8-6E05D7732D92}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{C3398C96-3F8F-47A1-99AE-A4A8521FC7B3}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{DE53AEC4-E966-443E-B4D2-C9729CB89C15}.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-16 18:02

==================== Ende von FRST.txt ============================
Warum ich verwirrt bin? in Anleitung 1 für Win8 Nutzer steht, dass ich zur Eingabeaufforderung kommen soll und dann mit dem FRST-Scan fortfahren soll. Das hab ich schon mal gemacht. Und in Anleitung 2 steht, dass ich in den abgesicherten Modus soll. Das hab ich diesmal gemacht inkl. der Eingabeaufforderung cd/ und bcdedit/set {default} bootmenupolicy legacy. Das hat auch funktioniert. Aber wie gesagt, ich bin total unsicher, ob ich diesmal richtig vorgegangen bin...

Gute Nacht
Don Camillo
__________________
Alt 26.08.2015, 11:09   #18
schrauber
/// the machine
/// TB-Ausbilder
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster


Nee, eigentlich ist das falsch, aber egal. Den letzten Fix mit FRST bitte jetzt nochmal im Safe Mode laufen lassen.
__________________
__________________
Alt 26.08.2015, 13:37   #19
Don_Camillo
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster


Sorry für die Fehler, bin leider Amateur, aber ich bemühe mich. Hier der letzte Fix mit FRST im abgesicherten Modus:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015
durchgeführt von Markus Radosztics (Administrator) auf WAUT0001 (26-08-2015 14:32:00)
Gestartet von f:\
Geladene Profile: Markus Radosztics (Verfügbare Profile: Markus Radosztics)
Platform: Windows 8 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: Chrome)
Start-Modus: Safe Mode (minimal)
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCRTP.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => "D:\Programme\iTunesHelper.exe"
HKLM\...\Run: [gpuminer] => C:\Users\Markus Radosztics\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [218 2015-08-17] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [A1Servicecenter] => C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe [11467864 2015-05-27] (A1)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Games\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCTray.exe [355296 2015-08-20] (Tencent)
HKLM-x32\...\Run: [RSDTRAY] => C:\Program Files (x86)\Rising\RSD\popwndexe.exe [126808 2012-09-25] (Beijing Rising Information Technology Co., Ltd.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [159744 2015-01-12] (Voobly)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Steam] => D:\Games\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Dropbox Update] => C:\Users\Markus Radosztics\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [OneDrive] => C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-20] (Microsoft Corporation)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Shop-wit] => C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [GoogleChromeAutoLaunch_FEA560871AAA9104DF8D8385F4A465BE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863560 2015-08-18] (Google Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
AppInit_DLLs: C:\ProgramData\ExtTag\Zimdox.dll => C:\ProgramData\ExtTag\Zimdox.dll Datei nicht gefunden
AppInit_DLLs-x32: C:\ProgramData\ExtTag\Biodandom.dll => "C:\ProgramData\ExtTag\Biodandom.dll" Datei nicht gefunden
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-01-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-03-18]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-10-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMGCShellExt64.dll [2015-08-20] (Tencent)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99963976_hao_pg
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99963976_hao_pg
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.at.msn.com/
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPq5njNUqi6JvXMApaBQy6dI7-zBLqJIwww8hbEZ_D2j-OfsnCYPRYpkjrKE0B6yddsyT_z-DCS1yPXETxyhaNnvdxAsPQgSz3pdyHGIGPpqh1ZYU9NjUbI11dZ3i1WZYkJ6Nqn-MqE94IglK&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSWebMon64.dat [2015-08-20] (Tencent)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Great Find -> {1cc2bb80-20ab-43e5-b958-432d72b546ca} -> C:\Program Files (x86)\Great Find\Extensions\1cc2bb80-20ab-43e5-b958-432d72b546ca.dll Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: Ó¦Óñ¦Ò»¼ü°²×°²å¼þ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\SysWOW64\mscoree.dll [2012-06-02] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-18] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 02 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 03 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 04 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 16 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\..\Interfaces\{0FFDF7C3-8718-450E-A4A2-9C59BD350F78}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{DD37C3EA-4E32-4412-AC18-EA239FC6029F}: [DhcpNameServer] 10.0.0.138
StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1440141856&z=3fbd779b7c5a732cb4abd88gbz6zbeag3zcg1mawec&from=cmi&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B

FireFox:
========
FF ProfilePath: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: mystartsearch
FF SelectedSearchEngine: mystartsearch
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1440103432&z=81c380bb68d5eb130644762gezaz6e6gdedc7cbc7g&from=face&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-15] ()
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-18] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\npQMExtensionsMozilla.dll [2015-08-20] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Markus Radosztics\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-03-13] (Citrix Online)
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll Keine Datei
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-21] ()
FF user.js: detected! => C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\user.js [2015-08-22]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\findit.xml [2015-08-21]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\istartsurf.xml [2015-08-21]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\mystartsearch.xml [2015-08-23]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\search-provided-by-yahoo.xml [2015-08-20]
FF Extension: Default SearchProtected  - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\defsearchp@gmail.com [2015-08-19]
FF Extension: deskCut - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\deskCutv2@gmail.com [2015-08-19]
FF Extension: A1 Servicecenter - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{594657B4-413A-41D0-8F85-A6D3F35C9BDF} [2015-06-03]
FF Extension: Download videos and MP3s from YouTube - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-10-06]
FF Extension: "Download Touch - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\@73ABDD53B667F486D5ACC6A263CED1CC73AB.xpi [2015-08-20]
FF Extension: Great Find - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{0a4ee680-ecac-4e89-b625-5139f7130e30}.xpi [2015-08-22]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-09-30]
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\defsearchp@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\deskCutv2@gmail.com
FF HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-10-06]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.mystartsearch.com/?type=sc&ts=1440141856&z=3fbd779b7c5a732cb4abd88gbz6zbeag3zcg1mawec&from=cmi&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\73ABDD53B667F486D5ACC6A263CED1CC73AB.js [2015-08-20]

Chrome: 
=======
CHR Profile: C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-23]
CHR HKLM-x32\...\Chrome\Extension: [dnligehkhogpcngalffdoomehjcbecna] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gehmndecgbcffhmfjkenpamdgechcgpe] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 acengine; C:\Program Files (x86)\FastSearch\acengine.exe [1839728 2015-08-11] (Abengine) [Datei ist nicht signiert]
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
S2 eproduct; C:\Users\Markus Radosztics\AppData\Local\Salttex.exe [47616 2015-08-20] () [Datei ist nicht signiert]
S2 Hamachi2Svc; D:\Games\LogMeIn Hamachi\hamachi-2.exe [2545512 2015-08-03] (LogMeIn Inc.)
S2 IHProtect Service; C:\Program Files (x86)\MiniLite\ProtectService.exe [129688 2015-08-20] (XTab system)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
S2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1931632 2015-05-15] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-23] ()
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCRTP.exe [297608 2015-08-20] (Tencent)
S2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [196288 2015-08-21] (Beijing Rising Information Technology Co., Ltd.)
S2 Service Mgr GreatFind; C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugincontainer.exe [1194208 2015-08-26] ()
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TAOFrame.exe [293856 2015-08-20] (Tencent)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2015-06-25] (TuneUp Software)
S2 Update Mgr GreatFind; C:\Program Files (x86)\Common Files\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\updater.exe [704736 2015-08-26] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
S2 dojoluri; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\knsb4C96.tmp [X]
S2 ExtTag; C:\ProgramData\ExtTag\ExtTag.exe [X]
S2 hyverumu; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\jnsiE347.tmp [X]
S2 igfx32; "C:\Program Files\igfx32\igfx32.exe" /s iid=2679535 did=Missing sid= ref= id=047e6a478a9cd5449350448a9fe4f569a5544d0a771fdc73cd2034f9b95a9549 [X]
S2 kefowydy; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\hnsf344.tmp [X]
S2 WindowsMangerProtect; C:\ProgramData\WWinManProW\ProtectWindowsManager.exe -service [X] <==== ACHTUNG

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R5 3ware; C:\Windows\System32\drivers\3ware.sys [106736 2012-07-26] (LSI)
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [425192 2012-09-20] (Microsoft Corporation)
R5 acpiex; C:\Windows\System32\Drivers\acpiex.sys [77040 2012-07-26] (Microsoft Corporation)
S2 acwfp; C:\Windows\system32\Drivers\acwfp64.sys [45784 2015-08-13] (Abengine)
R5 adp94xx; C:\Windows\System32\drivers\adp94xx.sys [492272 2012-07-26] (Adaptec, Inc.)
R5 adpahci; C:\Windows\System32\drivers\adpahci.sys [340720 2012-07-26] (Adaptec, Inc.)
R5 adpu320; C:\Windows\System32\drivers\adpu320.sys [184048 2012-07-26] (Adaptec, Inc.)
R5 agp440; C:\Windows\System32\drivers\agp440.sys [63216 2012-07-26] (Microsoft Corporation)
R5 amdsata; C:\Windows\System32\drivers\amdsata.sys [76016 2012-07-26] (Advanced Micro Devices)
R5 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [258288 2012-07-26] (AMD Technologies Inc.)
R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [26352 2012-07-26] (Advanced Micro Devices)
R5 arc; C:\Windows\System32\drivers\arc.sys [104688 2012-07-26] (PMC-Sierra, Inc.)
R5 arcsas; C:\Windows\System32\drivers\arcsas.sys [108272 2012-07-26] (PMC-Sierra, Inc.)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
R5 atapi; C:\Windows\System32\drivers\atapi.sys [25840 2012-07-26] (Microsoft Corporation)
R5 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533224 2012-09-20] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R5 CLFS; C:\Windows\System32\drivers\CLFS.sys [361280 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [570248 2015-04-14] (Microsoft Corporation)
R5 disk; C:\Windows\System32\drivers\disk.sys [100696 2013-10-13] (Microsoft Corporation)
S3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468752 2013-02-27] (Intel Corporation)
R5 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
S5 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [81136 2012-07-26] (Microsoft Corporation)
R5 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [113904 2012-07-26] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [71920 2012-07-26] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [374512 2012-07-26] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [25328 2012-07-26] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [465240 2013-08-21] (Microsoft Corporation)
R5 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [66800 2012-07-26] (Microsoft Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R5 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64752 2012-07-26] (Hewlett-Packard Company)
S5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24816 2012-07-26] (Microsoft Corporation)
R5 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [411888 2012-07-26] (Intel Corporation)
R5 iirsp; C:\Windows\System32\drivers\iirsp.sys [45296 2012-07-26] (Intel Corp./ICP vortex GmbH)
R5 intelide; C:\Windows\System32\drivers\intelide.sys [18672 2012-07-26] (Microsoft Corporation)
R5 isapnp; C:\Windows\System32\drivers\isapnp.sys [22256 2012-07-26] (Microsoft Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [100184 2015-05-02] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [171352 2015-06-27] (Microsoft Corporation)
R5 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [108784 2012-07-26] (LSI Corporation)
R5 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [92400 2012-07-26] (LSI Corporation)
R5 LSI_SCSI; C:\Windows\System32\drivers\lsi_scsi.sys [116976 2012-07-26] (LSI Corporation)
R5 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [81136 2012-07-26] (LSI Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-21] (Malwarebytes Corporation)
R5 megasas; C:\Windows\System32\drivers\megasas.sys [51952 2012-07-26] (LSI Corporation)
R5 MegaSR; C:\Windows\System32\drivers\MegaSR.sys [353008 2012-07-26] (LSI Corporation, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [95064 2015-07-15] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17136 2012-07-26] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [83696 2012-07-26] (Microsoft Corporation)
R5 mvumis; C:\Windows\System32\drivers\mvumis.sys [64240 2012-07-26] (Marvell Semiconductor, Inc.)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [997632 2013-06-17] (Microsoft Corporation)
R5 nfrd960; C:\Windows\System32\drivers\nfrd960.sys [52464 2012-07-26] (IBM Corporation)
R5 nvraid; C:\Windows\System32\drivers\nvraid.sys [150256 2012-07-26] (NVIDIA Corporation)
R5 nvstor; C:\Windows\System32\drivers\nvstor.sys [168176 2012-07-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R5 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [125168 2012-07-26] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [91880 2013-01-10] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [234224 2012-07-26] (Microsoft Corporation)
R5 pciide; C:\Windows\System32\drivers\pciide.sys [14064 2012-07-26] (Microsoft Corporation)
R5 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [237808 2012-07-26] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [52464 2012-07-26] (Microsoft Corporation)
R5 pdc; C:\Windows\System32\drivers\pdc.sys [69864 2013-03-02] (Microsoft Corporation)
S1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMUdisk64.sys [62264 2015-08-20] (Tencent)
S2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQSysMonX64.sys [138040 2015-08-20] (电脑管家)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [217328 2012-07-26] (Microsoft Corporation)
R5 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107760 2012-07-26] (Microsoft Corporation)
R5 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44784 2012-07-26] (Silicon Integrated Systems Corp.)
R5 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81648 2012-07-26] (Silicon Integrated Systems)
R5 spaceport; C:\Windows\System32\drivers\spaceport.sys [285016 2013-10-05] (Microsoft Corporation)
R5 stexstor; C:\Windows\System32\drivers\stexstor.sys [30960 2012-07-26] (Promise Technology, Inc.)
R5 storahci; C:\Windows\System32\drivers\storahci.sys [77544 2013-03-02] (Microsoft Corporation)
R5 storflt; C:\Windows\System32\DRIVERS\vmstorfl.sys [45160 2012-07-26] (Microsoft Corporation)
R5 storvsc; C:\Windows\System32\drivers\storvsc.sys [37992 2012-07-26] (Microsoft Corporation)
S2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [74040 2015-08-20] (Tencent)
S1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [274232 2015-08-20] (Tencent Technology(Shenzhen) Company Limited)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2233152 2014-09-13] (Microsoft Corporation)
S3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-08-20] (电脑管家)
S3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TS888x64.sys [28984 2015-08-26] (Tencent)
S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSDefenseBT64.sys [28472 2015-08-20] (Tencent)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [31144 2015-06-04] (TuneUp Software)
R5 uagp35; C:\Windows\System32\drivers\uagp35.sys [65776 2012-07-26] (Microsoft Corporation)
R5 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [66800 2012-07-26] (Microsoft Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36080 2012-07-26] (Microsoft Corporation)
R5 viaide; C:\Windows\System32\drivers\viaide.sys [19184 2012-07-26] (VIA Technologies, Inc.)
R5 vmbus; C:\Windows\System32\drivers\vmbus.sys [137832 2012-07-26] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [83184 2012-07-26] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [378608 2012-07-26] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [328000 2014-07-04] (Microsoft Corporation)
R5 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [164080 2012-07-26] (VIA Technologies Inc.,Ltd)
R5 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [322800 2012-07-26] (VIA Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)
R5 Wd; C:\Windows\System32\drivers\wd.sys [23792 2012-07-26] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-22] (Microsoft Corporation)
R5 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [96576 2014-12-18] (Microsoft Corporation)
S1 {092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64; C:\Windows\System32\drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys [48784 2015-08-19] (StdLib)
S1 {8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64; C:\Windows\System32\drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys [48784 2015-08-20] (StdLib)
S1 {987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64; C:\Windows\System32\drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys [48784 2015-08-20] (StdLib)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S1 rrfd_vw_1_10_0_22; system32\drivers\rrfd_vw_1_10_0_22.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-25 00:40 - 2015-08-25 00:40 - 00003156 _____ C:\Windows\System32\Tasks\kajl01mh
2015-08-25 00:40 - 2015-08-25 00:40 - 00000000 ____D C:\Program Files\Common Files\r5lybh4n
2015-08-23 14:58 - 2015-08-24 07:40 - 00002253 _____ C:\Users\Markus Radosztics\Desktop\Google Chrome.lnk
2015-08-23 14:58 - 2015-08-23 14:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-23 14:56 - 2015-08-23 14:56 - 00931408 _____ (Google Inc.) C:\Users\Markus Radosztics\Downloads\ChromeSetup.exe
2015-08-23 14:33 - 2015-08-23 14:33 - 01260832 _____ C:\Users\Markus Radosztics\Downloads\Revo Uninstaller - CHIP-Installer.exe
2015-08-23 14:04 - 2015-08-24 23:35 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\FRST-OlderVersion
2015-08-23 14:01 - 2015-08-26 00:43 - 00070353 _____ C:\Users\Markus Radosztics\Downloads\FRST.txt
2015-08-23 14:01 - 2015-08-23 14:02 - 00081428 _____ C:\Users\Markus Radosztics\Downloads\Addition.txt
2015-08-23 14:00 - 2015-08-23 14:00 - 00018325 _____ C:\Users\Markus Radosztics\Desktop\Fixlist.txt
2015-08-23 12:05 - 2015-08-26 14:05 - 00000320 _____ C:\Windows\Tasks\PC-Mechanic Maintenance.job
2015-08-23 12:05 - 2015-08-26 09:23 - 00000334 _____ C:\Windows\Tasks\PC-Mechanic Startup.job
2015-08-23 12:05 - 2015-08-23 12:05 - 00003248 _____ C:\Windows\System32\Tasks\PC-Mechanic Maintenance
2015-08-23 12:05 - 2015-08-23 12:05 - 00002630 _____ C:\Windows\System32\Tasks\PC-Mechanic Startup
2015-08-23 12:05 - 2015-08-23 12:05 - 00001171 _____ C:\Users\Public\Desktop\PC Mechanic.lnk
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Uniblue
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\Program Files (x86)\Uniblue
2015-08-22 17:34 - 2015-08-22 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-08-22 15:20 - 2015-08-22 15:20 - 00852684 _____ C:\Users\Markus Radosztics\Desktop\SecurityCheck.exe
2015-08-22 14:31 - 2015-08-26 09:55 - 00000000 ____D C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc
2015-08-22 14:31 - 2015-08-22 14:31 - 00002215 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00002195 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00000000 ____D C:\Program Files (x86)\Great Find
2015-08-22 14:31 - 2015-06-25 07:53 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2015-08-22 14:31 - 2015-06-25 07:53 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2015-08-22 14:31 - 2015-06-25 07:53 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2015-08-22 14:30 - 2015-08-23 12:04 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy
2015-08-22 14:30 - 2015-08-22 14:31 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2015-08-22 13:05 - 2015-08-22 13:05 - 02870984 _____ (ESET) C:\Users\Markus Radosztics\Downloads\esetsmartinstaller_deu.exe
2015-08-22 12:04 - 2015-08-22 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-21 23:42 - 2015-08-21 23:42 - 00002377 _____ C:\Windows\SysWOW64\findit.xml
2015-08-21 23:42 - 2015-08-21 23:42 - 00000000 ____D C:\ProgramData\ExtTags
2015-08-21 15:10 - 2015-08-21 15:10 - 00957064 _____ C:\Windows\Minidump\082115-9765-01.dmp
2015-08-21 10:36 - 2015-08-21 10:36 - 01162256 _____ C:\Windows\Minidump\082115-8296-01.dmp
2015-08-21 09:25 - 2015-08-21 09:25 - 00001051 _____ C:\Users\Markus Radosztics\Desktop\AnyProtect.lnk
2015-08-21 09:25 - 2015-08-21 09:25 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-08-21 09:24 - 2015-08-26 14:21 - 00000000 ____D C:\ProgramData\update
2015-08-21 09:24 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-08-21 09:24 - 2015-08-22 11:46 - 00000000 ____D C:\ProgramData\WWinManProW
2015-08-21 09:24 - 2015-08-21 09:24 - 00000000 ____D C:\Program Files (x86)\MiniLite
2015-08-21 09:14 - 2015-08-24 23:35 - 02186752 _____ (Farbar) C:\Users\Markus Radosztics\Downloads\FRST64.exe
2015-08-20 23:02 - 2015-08-20 23:02 - 00002250 _____ C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW.exe.lnk
2015-08-20 23:02 - 2015-08-20 23:02 - 00002228 _____ C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf.exe.lnk
2015-08-20 22:58 - 2015-08-26 00:46 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2015-08-20 22:58 - 2015-08-20 22:58 - 00003338 _____ C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}
2015-08-20 22:57 - 2015-08-21 08:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yvegdufu.job
2015-08-20 22:57 - 2015-08-21 08:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yveg6ufu.job
2015-08-20 22:57 - 2015-08-20 22:57 - 00002442 _____ C:\Windows\System32\Tasks\Tempo Runner yvegdufu
2015-08-20 22:57 - 2015-08-20 22:57 - 00002442 _____ C:\Windows\System32\Tasks\Tempo Runner yveg6ufu
2015-08-20 22:51 - 2015-08-21 08:53 - 00000000 ____D C:\ProgramData\Rising
2015-08-20 22:51 - 2015-08-21 08:53 - 00000000 ____D C:\Program Files (x86)\Rising
2015-08-20 22:51 - 2015-08-21 00:36 - 00000000 ___RD C:\RavBin
2015-08-20 22:51 - 2014-07-30 04:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-08-20 22:50 - 2015-08-22 16:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-08-20 22:50 - 2015-08-20 22:50 - 00274232 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00087864 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00074040 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00000000 ____D C:\ProgramData\TXQMPC
2015-08-20 22:50 - 2015-08-20 22:50 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-08-20 22:49 - 2015-08-20 23:31 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Tencent
2015-08-20 22:49 - 2015-08-20 22:52 - 00000000 ____D C:\ProgramData\Tencent
2015-08-20 22:49 - 2015-08-20 22:49 - 00000000 ____D C:\Program Files (x86)\Tencent
2015-08-20 22:44 - 2015-08-20 22:44 - 00001113 _____ C:\Users\Markus Radosztics\Desktop\Continue Live Installation.lnk
2015-08-20 22:44 - 2015-08-20 22:44 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\istartsurf
2015-08-20 22:37 - 2015-08-20 22:37 - 00000000 _____ C:\dummy.htm
2015-08-20 22:32 - 2015-08-20 22:33 - 00000000 ____D C:\ProgramData\LocalStorage
2015-08-20 22:30 - 2015-08-20 22:30 - 00000000 ____D C:\Users\Markus Radosztics\.android
2015-08-20 22:29 - 2015-08-20 22:29 - 00001318 _____ C:\Users\Markus Radosztics\Desktop\全网影视.lnk
2015-08-20 22:29 - 2015-08-20 22:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\ppslog
2015-08-20 22:19 - 2015-08-21 08:25 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-08-20 22:19 - 2015-08-20 22:55 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-20 22:19 - 2015-08-20 22:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-08-20 22:19 - 2015-08-20 22:49 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-08-20 22:19 - 2015-08-20 22:49 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-08-20 22:19 - 2015-08-20 22:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-08-20 22:17 - 2015-08-21 08:47 - 00000000 ____D C:\IQIYI Video
2015-08-20 22:17 - 2015-08-21 08:46 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-08-20 22:17 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Unity
2015-08-20 22:17 - 2015-08-20 22:30 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\IQIYI Video
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 __SHD C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 ____D C:\Users\Public\QiYi
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\SysassistByHotWheel
2015-08-20 22:16 - 2015-08-20 22:16 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\node-webkit
2015-08-20 22:15 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\cpuminer
2015-08-20 22:15 - 2015-08-20 22:15 - 00000217 _____ C:\task.vbs
2015-08-20 22:10 - 2015-08-20 22:10 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Desktop\jre-8u25-windows-i586.exe
2015-08-20 22:09 - 2015-08-20 23:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Gameo
2015-08-20 22:09 - 2015-08-20 22:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Opera Software
2015-08-20 22:09 - 2015-08-20 22:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Opera Software
2015-08-20 22:09 - 2015-08-20 22:09 - 00000185 _____ C:\Users\Markus Radosztics\Desktop\Play Games Online.url
2015-08-20 22:09 - 2015-08-20 22:09 - 00000185 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2015-08-20 22:09 - 2015-08-20 22:09 - 00000000 ___HD C:\Users\Markus Radosztics\AppData\Roaming\GoldenGate
2015-08-20 22:09 - 2015-08-20 22:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Gameo
2015-08-20 22:07 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WarThunder
2015-08-20 22:07 - 2015-08-20 22:07 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Downloads\setup [1].exe
2015-08-20 22:06 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\Cinem Plus 2.4cV20.08
2015-08-20 22:06 - 2015-08-23 14:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78
2015-08-20 22:06 - 2015-08-20 09:50 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys
2015-08-20 22:06 - 2015-07-23 15:47 - 00000854 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-20 22:05 - 2015-08-23 14:05 - 00000000 ____D C:\Program Files (x86)\OLBPre
2015-08-20 22:05 - 2015-08-20 23:02 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\{1A0B2C57-3EA3-40EF-533B-65077753999F}
2015-08-20 22:05 - 2015-08-20 22:05 - 00004008 _____ C:\Windows\System32\Tasks\LaunchPreSignup
2015-08-20 22:04 - 2015-08-20 22:26 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-20 22:04 - 2015-08-20 22:04 - 00047616 _____ C:\Users\Markus Radosztics\AppData\Local\Salttex.exe
2015-08-20 21:58 - 2015-08-20 21:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Sun
2015-08-20 21:58 - 2015-08-20 21:58 - 00000000 ____D C:\Users\Markus Radosztics\.oracle_jre_usage
2015-08-20 20:37 - 2015-08-21 00:38 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WindSolutions
2015-08-20 20:37 - 2015-08-20 20:44 - 00000000 ____D C:\ProgramData\WindSolutions
2015-08-20 12:29 - 2015-08-20 14:13 - 00000190 _____ C:\mylog.log
2015-08-20 12:29 - 2015-08-20 12:29 - 00000000 ____D C:\Program Files (x86)\MSI
2015-08-20 12:22 - 2015-08-20 12:22 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_usb30
2015-08-20 12:21 - 2015-08-20 12:21 - 06227267 _____ C:\Users\Markus Radosztics\Downloads\intel_usb30.zip
2015-08-20 12:19 - 2015-08-20 12:19 - 02837521 _____ C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10.zip
2015-08-20 12:19 - 2015-08-20 12:19 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10
2015-08-20 11:43 - 2015-08-20 22:55 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-20 11:43 - 2015-08-20 11:43 - 00003156 _____ C:\Windows\System32\Tasks\Download Touch
2015-08-20 11:43 - 2015-08-20 11:43 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Download Touch
2015-08-20 11:39 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV16.03
2015-08-20 11:39 - 2015-08-21 10:44 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-08-20 11:39 - 2015-08-20 11:39 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\globalUpdate
2015-08-20 11:37 - 2015-08-20 11:37 - 19284168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-08-20 11:34 - 2015-08-22 15:27 - 00012280 _____ C:\Windows\SysWOW64\acengineOff.ini
2015-08-20 11:34 - 2015-08-22 15:27 - 00012280 _____ C:\Windows\system32\acengineOff.ini
2015-08-20 11:34 - 2015-08-13 14:49 - 00045784 _____ (Abengine) C:\Windows\system32\Drivers\acwfp64.sys
2015-08-20 11:34 - 2015-08-11 16:50 - 00299296 _____ (Abengine) C:\Windows\SysWOW64\acengine.dll
2015-08-20 11:15 - 2015-08-20 01:24 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys
2015-08-20 11:13 - 2015-08-20 11:13 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver(1).msi
2015-08-20 11:12 - 2015-08-26 07:49 - 00000000 ____D C:\Program Files (x86)\FastSearch
2015-08-20 11:12 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-08-20 11:12 - 2015-08-20 11:34 - 00000002 _____ C:\END
2015-08-20 11:12 - 2015-08-20 11:12 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver.msi
2015-08-20 11:12 - 2015-08-20 11:12 - 00003578 _____ C:\Windows\System32\Tasks\Shop-wit Updater
2015-08-20 11:12 - 2015-08-20 11:12 - 00003112 _____ C:\Windows\System32\Tasks\cfr3011
2015-08-20 11:12 - 2015-08-11 21:11 - 00349584 _____ (Abengine) C:\Windows\system32\acengine64.dll
2015-08-20 10:43 - 2015-08-20 10:43 - 00001456 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\Program Files\iPod
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-20 10:42 - 2015-08-20 10:42 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files\Bonjour
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-08-19 22:11 - 2015-08-20 00:33 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\MediaMonkey
2015-08-19 22:11 - 2015-08-19 22:11 - 00000695 _____ C:\Users\Public\Desktop\MediaMonkey.lnk
2015-08-19 22:11 - 2015-08-19 22:11 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\MediaMonkey
2015-08-19 22:11 - 2015-08-19 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2015-08-19 22:10 - 2015-08-19 22:10 - 00000000 ____D C:\ProgramData\MediaMonkey
2015-08-19 21:18 - 2015-08-13 14:34 - 19292160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 21:18 - 2015-08-13 13:02 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 21:18 - 2015-08-13 12:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 21:18 - 2015-08-13 12:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 20:48 - 2015-08-19 20:51 - 00000512 __RSH C:\ProgramData\ntuser.pol
2015-08-19 20:46 - 2015-08-19 20:46 - 01135152 _____ C:\Windows\Minidump\081915-12953-01.dmp
2015-08-19 16:27 - 2015-08-19 02:39 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys
2015-08-19 16:24 - 2015-08-23 14:06 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch
2015-08-19 16:24 - 2015-08-19 21:03 - 00000000 ____D C:\ProgramData\nWinManPron
2015-08-19 16:24 - 2015-08-19 16:24 - 00000000 _____ C:\Windows\prleth.sys
2015-08-19 16:24 - 2015-08-19 16:24 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-19 16:22 - 2015-08-19 16:22 - 00000767 _____ C:\Users\Markus Radosztics\Desktop\MP3 Voice Recorder.lnk
2015-08-19 16:22 - 2015-08-19 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Voice Recorder
2015-08-19 16:22 - 2004-03-08 21:30 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2015-08-16 18:23 - 2015-08-16 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-16 00:59 - 2015-07-30 15:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 00:59 - 2015-07-30 15:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 00:59 - 2015-07-13 23:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-16 00:59 - 2015-07-13 23:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-16 00:59 - 2015-07-09 23:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-16 00:59 - 2015-07-09 23:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-16 00:59 - 2015-07-09 22:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-16 00:59 - 2015-07-09 22:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-16 00:59 - 2015-07-06 18:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-16 00:59 - 2015-07-06 16:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-16 00:59 - 2015-07-01 15:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-16 00:59 - 2015-07-01 14:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-16 00:59 - 2015-07-01 13:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-16 00:59 - 2015-07-01 13:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-16 00:58 - 2015-07-28 18:25 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-16 00:58 - 2015-07-28 16:13 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-16 00:58 - 2015-07-28 15:12 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 15416320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-16 00:58 - 2015-07-13 23:23 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-16 00:58 - 2015-07-13 23:23 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-16 00:58 - 2015-07-13 23:05 - 02340864 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-16 00:58 - 2015-07-13 23:05 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-16 00:55 - 2015-07-29 16:45 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-16 00:55 - 2015-07-29 16:45 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-16 00:55 - 2015-07-28 00:42 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-16 00:55 - 2015-07-28 00:40 - 04064768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-16 00:55 - 2015-07-28 00:40 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-16 00:55 - 2015-07-15 18:09 - 06969688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-16 00:55 - 2015-07-15 18:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-16 00:55 - 2015-07-15 18:06 - 01824296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-16 00:55 - 2015-07-15 15:49 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-16 00:55 - 2015-07-15 15:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-16 00:55 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-16 00:55 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-16 00:55 - 2015-07-09 22:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-16 00:55 - 2015-06-09 15:09 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-15 11:14 - 2015-08-15 11:14 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-03 12:12 - 2015-08-03 12:12 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2015-07-29 15:41 - 2015-07-29 15:41 - 01373000 _____ C:\Windows\Minidump\072915-9968-01.dmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-26 14:32 - 2015-06-07 20:44 - 00000000 ____D C:\FRST
2015-08-26 14:30 - 2012-07-26 12:27 - 00751892 _____ C:\Windows\system32\perfh007.dat
2015-08-26 14:30 - 2012-07-26 12:27 - 00155620 _____ C:\Windows\system32\perfc007.dat
2015-08-26 14:30 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-26 14:26 - 2013-09-30 19:17 - 00283968 _____ C:\Windows\PFRO.log
2015-08-26 14:24 - 2013-09-30 19:24 - 01772785 _____ C:\Windows\WindowsUpdate.log
2015-08-26 14:22 - 2013-10-01 21:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-26 14:22 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-26 14:04 - 2013-11-22 22:24 - 00000366 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-08-26 14:00 - 2015-06-18 06:45 - 00001290 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001UA.job
2015-08-26 14:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-08-26 13:51 - 2013-11-19 21:28 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-26 13:48 - 2014-12-27 12:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\36A80DEE-1AAD-4F7E-AA6A-4638F785B9B6.aplzod
2015-08-26 13:37 - 2013-09-30 21:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-26 11:00 - 2015-06-18 06:45 - 00001238 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001Core.job
2015-08-26 09:51 - 2013-11-19 21:28 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-26 08:51 - 2013-09-30 19:30 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-817472733-4082136947-4255886928-1001
2015-08-26 08:46 - 2013-10-02 17:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Skype
2015-08-26 07:49 - 2015-01-14 23:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\LogMeIn Hamachi
2015-08-26 07:49 - 2014-12-27 12:46 - 00000000 ___RD C:\Users\Markus Radosztics\iCloudDrive
2015-08-26 07:49 - 2013-10-13 20:57 - 00000000 ___RD C:\Users\Markus Radosztics\Dropbox
2015-08-26 07:49 - 2013-10-13 20:55 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Dropbox
2015-08-23 14:35 - 2015-06-07 21:40 - 00001270 _____ C:\Users\Markus Radosztics\Desktop\Revo Uninstaller.lnk
2015-08-23 14:35 - 2015-06-07 21:40 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-23 12:44 - 2014-02-01 13:30 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-22 15:17 - 2014-08-06 12:17 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-08-22 12:04 - 2015-02-23 20:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-22 12:04 - 2013-10-02 17:05 - 00000000 ____D C:\ProgramData\Skype
2015-08-22 10:00 - 2015-03-18 18:45 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-22 10:00 - 2014-06-17 22:52 - 00005182 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for WAUT0001-Markus Radosztics WAUT0001
2015-08-21 23:42 - 2013-10-01 18:41 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-21 23:42 - 2013-09-30 19:24 - 00001450 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-21 15:10 - 2013-11-25 12:30 - 00000000 ____D C:\Windows\Minidump
2015-08-21 08:52 - 2015-03-20 10:39 - 00507984 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-20 22:50 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\VirtualStore
2015-08-20 22:30 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics
2015-08-20 22:10 - 2014-02-01 13:30 - 00000000 ____D C:\ProgramData\Oracle
2015-08-20 22:06 - 2012-07-26 07:26 - 00000269 _____ C:\Windows\win.ini
2015-08-20 21:22 - 2014-11-19 18:47 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-08-20 21:22 - 2013-12-19 13:46 - 00000000 ____D C:\Users\Markus Radosztics\Documents\samsung
2015-08-20 21:22 - 2013-12-19 13:46 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Samsung
2015-08-20 21:18 - 2013-12-19 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-08-20 21:18 - 2013-09-30 19:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-20 20:58 - 2013-09-30 20:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Downloaded Installations
2015-08-20 20:27 - 2015-06-03 20:07 - 00000000 ____D C:\Program Files (x86)\A1 Servicecenter
2015-08-20 14:09 - 2015-03-18 18:59 - 00002321 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-20 11:43 - 2014-06-25 17:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-20 11:37 - 2013-09-30 21:01 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-20 10:43 - 2013-09-30 20:20 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-20 10:42 - 2013-09-30 20:20 - 00000000 ____D C:\ProgramData\Apple
2015-08-19 21:47 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Packages
2015-08-19 21:18 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-08-19 17:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-08-16 18:23 - 2015-07-14 21:02 - 00000650 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-16 18:22 - 2015-04-17 08:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-16 18:22 - 2015-04-17 08:09 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-16 18:22 - 2013-09-30 19:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 18:22 - 2013-09-30 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-16 10:55 - 2013-09-30 19:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-16 10:55 - 2013-09-30 19:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-16 10:54 - 2013-09-30 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-16 10:53 - 2013-09-30 22:57 - 00000000 ____D C:\Windows\system32\MRT
2015-08-16 10:51 - 2013-09-30 22:57 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-16 10:46 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 10:46 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 10:26 - 2013-10-01 18:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-15 11:11 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-08-08 04:27 - 2012-07-26 10:14 - 00793544 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 04:27 - 2012-07-26 10:14 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-30 18:24 - 2015-07-24 11:56 - 00016603 _____ C:\Users\Markus Radosztics\Downloads\Schulsporthilfe-Vorschlag-2015.xlsx

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-20 23:02 - 2015-08-20 23:02 - 0002228 _____ () C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf.exe.lnk
2015-08-20 23:02 - 2015-08-20 23:02 - 0002250 _____ () C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW.exe.lnk
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\String Ensemble
2013-09-30 20:30 - 2013-09-30 20:30 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Strings
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Super Strings
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Techno Kit
2014-02-05 18:38 - 2015-06-07 12:43 - 0000156 _____ () C:\Users\Markus Radosztics\AppData\Roaming\WB.CFG
2013-11-06 10:01 - 2014-08-12 18:27 - 0006144 _____ () C:\Users\Markus Radosztics\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-23 18:56 - 2014-12-23 18:56 - 0007606 _____ () C:\Users\Markus Radosztics\AppData\Local\Resmon.ResmonCfg
2015-08-20 22:04 - 2015-08-20 22:04 - 0047616 _____ () C:\Users\Markus Radosztics\AppData\Local\Salttex.exe
2015-08-20 22:04 - 2015-08-20 22:04 - 0000187 _____ () C:\Users\Markus Radosztics\AppData\Local\Salttex.exe.config
2013-10-02 17:42 - 2013-10-02 17:42 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-07-07 09:16 - 2014-07-07 09:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\howto
2013-09-30 20:29 - 2013-09-30 20:29 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2013-09-30 20:30 - 2013-09-30 20:30 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2013-09-30 20:29 - 2013-09-30 20:30 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2013-09-30 20:29 - 2013-09-30 20:29 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\ProgramData\Sync Schema
2013-09-30 20:30 - 2013-09-30 20:30 - 0000268 ___RH () C:\ProgramData\Sync Services
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\ProgramData\Synth Basics
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\Track Settings
2013-09-30 20:30 - 2013-09-30 20:30 - 0000012 ___RH () C:\ProgramData\Transportation
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\Tremolo

Einige Dateien in TEMP:
====================
C:\Users\Markus Radosztics\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppevtm3.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{26ECE78A-B4C3-4D85-A58B-D4E9E5690C5C}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{27C9FB08-57AE-4C34-846C-1376C470FE34}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{35BDCA8E-6DA6-4E7B-8896-C2BC3CE3EC0E}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{39974290-CBE6-4D67-847A-487D6885D81A}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{60AE38EC-5EE0-48F6-9261-FDF20A16D743}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{641C3654-92C7-4617-90B7-9AF5AE18A063}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{8EB74426-352F-4E9D-B74A-10DE3F29D715}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{ADC6A9D0-CA2A-45BF-9899-47E6993AC360}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{C31609EA-E6A1-47D4-B1D8-6E05D7732D92}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{C3398C96-3F8F-47A1-99AE-A4A8521FC7B3}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{D700BD64-43E4-446C-A9FF-6669911E878D}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{DE53AEC4-E966-443E-B4D2-C9729CB89C15}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{F8C4EA3F-5DD3-4CFE-ADA6-31AEE2E9FD94}.dll
C:\Users\Markus Radosztics\AppData\Local\Temp\{F9ED24B7-4408-4C05-8FA8-0568BB664EDD}.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-16 18:02

==================== Ende von Ergebnis ============================
lg Don Camillo

Alt 27.08.2015, 07:45   #20
schrauber
/// the machine
/// TB-Ausbilder
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster


Das ist aber wieder ein Scan, nicht der Fix

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 27.08.2015, 10:40   #21
Don_Camillo
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster


Sorry, war mein Fehler. Hier das Fixlog:

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-08-2015
durchgeführt von Markus Radosztics (2015-08-27 11:35:01) Run:3
Gestartet von C:\Users\Markus Radosztics\Downloads
Geladene Profile: Markus Radosztics (Verfügbare Profile: Markus Radosztics)
Start-Modus: Safe Mode (minimal)
==============================================

fixlist Inhalt:
*****************
C:\$Recycle.Bin
C:\Program Files\igfx32
C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78

C:\Program Files (x86)\AnyProtectEx\Uninstall.exe

C:\Program Files (x86)\baidu\Bind.exe

C:\Program Files (x86)\Cinem Plus 2.4cV20.08\1159fad3-7973-4be7-b312-c162e4e7bfd9.dll

C:\Program Files (x86)\CinemaP-1.9cV16.03\156eacdc-6be3-484e-958c-b1950c01381c.dll

C:\Program Files (x86)\GUPlayer\GUPlayerUninstaller.exe

C:\Program Files (x86)\OLBPre\OLBPre.exe

C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe

C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\yjae1Hlm.dll

C:\ProgramData\ExtTag\Alphatrax.dll

C:\ProgramData\ExtTag\Biodandom.dll

C:\ProgramData\ExtTag\Blueplus.dll

C:\ProgramData\ExtTag\ExtTag.exe

C:\ProgramData\ExtTag\Greenstring.exe

C:\ProgramData\ExtTag\Jobzimtech.dll

C:\ProgramData\ExtTag\Keyfix.dll

C:\ProgramData\ExtTag\Overnix.dll

C:\ProgramData\ExtTag\Solin.dll

C:\ProgramData\ExtTag\Vilatam.dll

C:\ProgramData\ExtTag\Zimdox.dll

C:\Users\All Users\ExtTag\Alphatrax.dll

C:\Users\All Users\ExtTag\Biodandom.dll

C:\Users\All Users\ExtTag\Blueplus.dll

C:\Users\All Users\ExtTag\ExtTag.exe

C:\Users\All Users\ExtTag\Greenstring.exe

C:\Users\All Users\ExtTag\Jobzimtech.dll

C:\Users\All Users\ExtTag\Keyfix.dll

C:\Users\All Users\ExtTag\Overnix.dll

C:\Users\All Users\ExtTag\Solin.dll

C:\Users\All Users\ExtTag\Vilatam.dll

C:\Users\All Users\ExtTag\Zimdox.dll

C:\Users\Markus Radosztics\AppData\Local\nse80CC.tmp

C:\Users\Markus Radosztics\AppData\Local\nseE692.tmp

C:\Users\Markus Radosztics\AppData\Local\nss7098.tmp

C:\Users\Markus Radosztics\AppData\Local\nsv2DEB.tmp

C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78\rnsc5FED.exe

C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78\snsc5FEC.tmp

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\102.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\178.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\179.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\180.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\184.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\19.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\200.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\220.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\223.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\231.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\232.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\234.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\242.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\253.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\262.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\263.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\273.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\281.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\288.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\289.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\300.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\335.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\339.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\380.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\385.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\389.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\390.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\391.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\424.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\437.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\91.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\b6b7830c988806df88c32cfddd53fc99.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\1f71f589179f394711674e1bef2e79a8.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\a08bb5eaf593c92c0258a3aa5f5d9c10.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\e859f8ab59353a98b1ba776d4ab159a6.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\04653a6705d18bce9815dba825dbd4f3.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\1224091a7d8a03a01c84cfece5978749.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\148ed776917d1394e64d3bee6bb0a7d0.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\32e72a69456c7c6b07a2b8bb2a43a288.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\8f9803aafd03bf9d3527c303aedc96e5.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\b20ec6be3b71d58ac5b997701b1928fb.js

C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\d69da36dc93a45dd99574490876cba61.js

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\1[1].zip

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\1[2].zip

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\AnyProtect[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\policyname[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\setup[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\2[2].zip

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\AnyProtectSetup[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\AnyProtect[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\FinalInstaller_dotnet4[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\SearchUpdater[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\2[1].zip

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\Reimage[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\setup[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\setup_362[2].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVRE7LXX\Reimage[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVRE7LXX\VuuPC_VO2_8907[1].exe

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1DM2S2NU\trojaner-board_de[1].htm

C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RYADG1IT\afr[1].htm

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\1467BB079417F9F051FA6EA8C7391D9C03B46034

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\2513273621AEA92FDA7F197FE306C61AB57CD82C

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\2C5B5C32F614ABCE1B2E6F98262E134D3A471F55

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\3AFB6AD46657D59461FDAD66FB5F88F7E486DB73

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\4B011C0394440B2950D8F79F2239B6A410AA9ABA

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\5059E31C2C0B0CC7DDF6B50778335DDD090F02A3

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\7457893C1262DC14F9ACD39B0EDB0F4D9A3E4B74

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\76E89FA6682C33F128F828096B95BCA1714D8097

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\E2157AFFDC9A55B7C1F514C044F34F76759B5515

C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\FEC3A29932E057A370B8C9524ABE8DA1A67FA8BD

C:\Users\Markus Radosztics\AppData\Local\Temp\2549.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\5494.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\976.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6341.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6B10.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\fsdC449.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\fsdD8AD.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\ICReinstall_nsg2EF9.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsbB654.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsc7E69.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\nscDA5A.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsdF6EC.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsg2EF9.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsi2FB1.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsj7B4.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsjAE42.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nskE9B3.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nso3242.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsoD141.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsq3687.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsr2E68.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsr38F9.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nss10FC.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nss8325.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nssD54.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsuE86B.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsxF05A.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\nsy30AC.tmp

C:\Users\Markus Radosztics\AppData\Local\Temp\setup3.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\shopup.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\shpwt.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleCrashHandler.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdate.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdateBroker.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdateOnDemand.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\goopdate.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\goopdateres_en.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\npGoogleUpdate4.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\psmachine.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\psuser.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdate.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateBroker.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateCrashHandler.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateOnDemand.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\npglobalupdateUpdate4.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\psmachine.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\psuser.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdate.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateBroker.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateCrashHandler.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateOnDemand.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\npglobalupdateUpdate4.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\psmachine.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\psuser.dll

C:\Users\Markus Radosztics\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_76.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\n2341\gusetup_pub.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\n2341\Imalimedia_0308--b6ebc012.exe

C:\Users\Markus Radosztics\AppData\Local\Temp\n2582\BananaPhone_12_08--c5f0d88b.exe

C:\Users\Markus Radosztics\AppData\Roaming\4Kyh3h9rTUrqEq0XkfiBd

C:\Users\Markus Radosztics\AppData\Roaming\BYAIAMUF

C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf

C:\Users\Markus Radosztics\AppData\Roaming\GNOK

C:\Users\Markus Radosztics\AppData\Roaming\KcbELr9nVCvO5C9EQ1LmCgPDQK

C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW

C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx\swf\swfxZ.swf

C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\defsearchp@gmail.com\chrome\content\jquery-2.1.0.min.js

C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch\UninstallManager.exe

C:\Users\Markus Radosztics\Downloads\Apple_Mobile_Device_USB_Driver.exe

C:\Users\Markus Radosztics\Downloads\CopyTrans Manager - CHIP-Installer.exe

C:\Users\Markus Radosztics\Downloads\kies-air.exe

C:\Windows\Temp\nse9CF.exe

C:\Windows\Temp\nsh6916.exe

C:\Windows\Temp\nsl66C4.exe

C:\Windows\Temp\nsp9C0.exe

C:\Windows\Temp\tmp6462.tmp

C:\Windows\Temp\tmp659A.tmp

C:\Windows\Temp\tmp720E.tmp
HKU\Markus Radosztics\...\Run: [Shop-wit] => C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe [689920 2015-08-20] ()
HKU\Markus Radosztics\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe
C:\Program Files (x86)\shopwit
C:\Program Files (x86)\baidu
AppInit_DLLs: C:\ProgramData\ExtTag\Zimdox.dll => C:\ProgramData\ExtTag\Zimdox.dll [135680 2015-08-21] ()
AppInit_DLLs-x32: C:\ProgramData\ExtTag\Biodandom.dll => C:\ProgramData\ExtTag\Biodandom.dll [121344 2015-08-21] ()
C:\ProgramData\ExtTag
Emptytemp:
         
*****************

C:\$Recycle.Bin => erfolgreich verschoben
"C:\Program Files\igfx32" => Datei/Ordner nicht gefunden.
"C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78" => Datei/Ordner nicht gefunden.
"C:\Program Files (x86)\AnyProtectEx\Uninstall.exe" => Datei/Ordner nicht gefunden.
"C:\Program Files (x86)\baidu\Bind.exe" => Datei/Ordner nicht gefunden.
"C:\Program Files (x86)\Cinem Plus 2.4cV20.08\1159fad3-7973-4be7-b312-c162e4e7bfd9.dll" => Datei/Ordner nicht gefunden.
"C:\Program Files (x86)\CinemaP-1.9cV16.03\156eacdc-6be3-484e-958c-b1950c01381c.dll" => Datei/Ordner nicht gefunden.
"C:\Program Files (x86)\GUPlayer\GUPlayerUninstaller.exe" => Datei/Ordner nicht gefunden.
"C:\Program Files (x86)\OLBPre\OLBPre.exe" => Datei/Ordner nicht gefunden.
"C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe" => Datei/Ordner nicht gefunden.
"C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\yjae1Hlm.dll" => Datei/Ordner nicht gefunden.
"C:\ProgramData\ExtTag\Alphatrax.dll" => Datei/Ordner nicht gefunden.
"C:\ProgramData\ExtTag\Biodandom.dll" => Datei/Ordner nicht gefunden.
"C:\ProgramData\ExtTag\Blueplus.dll" => Datei/Ordner nicht gefunden.
"C:\ProgramData\ExtTag\ExtTag.exe" => Datei/Ordner nicht gefunden.
"C:\ProgramData\ExtTag\Greenstring.exe" => Datei/Ordner nicht gefunden.
"C:\ProgramData\ExtTag\Jobzimtech.dll" => Datei/Ordner nicht gefunden.
"C:\ProgramData\ExtTag\Keyfix.dll" => Datei/Ordner nicht gefunden.
"C:\ProgramData\ExtTag\Overnix.dll" => Datei/Ordner nicht gefunden.
"C:\ProgramData\ExtTag\Solin.dll" => Datei/Ordner nicht gefunden.
"C:\ProgramData\ExtTag\Vilatam.dll" => Datei/Ordner nicht gefunden.
"C:\ProgramData\ExtTag\Zimdox.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Alphatrax.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Biodandom.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Blueplus.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\ExtTag.exe" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Greenstring.exe" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Jobzimtech.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Keyfix.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Overnix.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Solin.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Vilatam.dll" => Datei/Ordner nicht gefunden.
"C:\Users\All Users\ExtTag\Zimdox.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\nse80CC.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\nseE692.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\nss7098.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\nsv2DEB.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78\rnsc5FED.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78\snsc5FEC.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\102.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\178.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\179.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\180.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\184.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\19.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\200.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\220.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\223.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\231.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\232.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\234.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\242.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\253.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\262.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\263.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\273.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\281.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\288.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\289.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\300.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\335.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\339.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\380.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\385.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\389.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\390.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\391.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\424.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\437.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\extensionData\plugins\91.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\b6b7830c988806df88c32cfddd53fc99.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\1f71f589179f394711674e1bef2e79a8.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\a08bb5eaf593c92c0258a3aa5f5d9c10.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\api\e859f8ab59353a98b1ba776d4ab159a6.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\04653a6705d18bce9815dba825dbd4f3.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\1224091a7d8a03a01c84cfece5978749.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\148ed776917d1394e64d3bee6bb0a7d0.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\32e72a69456c7c6b07a2b8bb2a43a288.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\8f9803aafd03bf9d3527c303aedc96e5.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\b20ec6be3b71d58ac5b997701b1928fb.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.102_0\js\lib\d69da36dc93a45dd99574490876cba61.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\1[1].zip" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\1[2].zip" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\AnyProtect[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\policyname[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8187EMMG\setup[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\2[2].zip" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\AnyProtectSetup[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\AnyProtect[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\FinalInstaller_dotnet4[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWQCMX90\SearchUpdater[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\2[1].zip" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\Reimage[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\setup[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYEKUK5B\setup_362[2].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVRE7LXX\Reimage[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVRE7LXX\VuuPC_VO2_8907[1].exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1DM2S2NU\trojaner-board_de[1].htm" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RYADG1IT\afr[1].htm" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\1467BB079417F9F051FA6EA8C7391D9C03B46034" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\2513273621AEA92FDA7F197FE306C61AB57CD82C" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\2C5B5C32F614ABCE1B2E6F98262E134D3A471F55" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\3AFB6AD46657D59461FDAD66FB5F88F7E486DB73" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\4B011C0394440B2950D8F79F2239B6A410AA9ABA" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\5059E31C2C0B0CC7DDF6B50778335DDD090F02A3" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\7457893C1262DC14F9ACD39B0EDB0F4D9A3E4B74" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\76E89FA6682C33F128F828096B95BCA1714D8097" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\E2157AFFDC9A55B7C1F514C044F34F76759B5515" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Mozilla\Firefox\Profiles\febuujst.default\cache2\entries\FEC3A29932E057A370B8C9524ABE8DA1A67FA8BD" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\2549.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\5494.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\976.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6341.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\fsd6B10.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\fsdC449.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\fsdD8AD.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\ICReinstall_nsg2EF9.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsbB654.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsc7E69.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nscDA5A.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsdF6EC.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsg2EF9.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsi2FB1.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsj7B4.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsjAE42.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nskE9B3.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nso3242.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsoD141.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsq3687.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsr2E68.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsr38F9.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nss10FC.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nss8325.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nssD54.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsuE86B.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsxF05A.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\nsy30AC.tmp" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\setup3.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\shopup.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\shpwt.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleCrashHandler.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdate.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdateBroker.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\GoogleUpdateOnDemand.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\goopdate.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\goopdateres_en.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\npGoogleUpdate4.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\psmachine.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.374571\psuser.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdate.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateBroker.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateCrashHandler.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\globalupdateOnDemand.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\npglobalupdateUpdate4.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\psmachine.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.476784\psuser.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdate.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateBroker.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateCrashHandler.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\globalupdateOnDemand.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\npglobalupdateUpdate4.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\psmachine.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\comh.89854\psuser.dll" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\DMR\dmr_72.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_76.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\n2341\gusetup_pub.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\n2341\Imalimedia_0308--b6ebc012.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Local\Temp\n2582\BananaPhone_12_08--c5f0d88b.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\4Kyh3h9rTUrqEq0XkfiBd" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\BYAIAMUF" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\GNOK" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\KcbELr9nVCvO5C9EQ1LmCgPDQK" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx\swf\swfxZ.swf" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\defsearchp@gmail.com\chrome\content\jquery-2.1.0.min.js" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch\UninstallManager.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\Downloads\Apple_Mobile_Device_USB_Driver.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\Downloads\CopyTrans Manager - CHIP-Installer.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Markus Radosztics\Downloads\kies-air.exe" => Datei/Ordner nicht gefunden.
"C:\Windows\Temp\nse9CF.exe" => Datei/Ordner nicht gefunden.
"C:\Windows\Temp\nsh6916.exe" => Datei/Ordner nicht gefunden.
"C:\Windows\Temp\nsl66C4.exe" => Datei/Ordner nicht gefunden.
"C:\Windows\Temp\nsp9C0.exe" => Datei/Ordner nicht gefunden.
"C:\Windows\Temp\tmp6462.tmp" => Datei/Ordner nicht gefunden.
"C:\Windows\Temp\tmp659A.tmp" => Datei/Ordner nicht gefunden.
"C:\Windows\Temp\tmp720E.tmp" => Datei/Ordner nicht gefunden.
HKU\Markus Radosztics\Software\Microsoft\Windows\CurrentVersion\Run\\Shop-wit => Wert nicht gefunden.
HKU\Markus Radosztics\Software\Microsoft\Windows\CurrentVersion\Run\\apphide => Wert nicht gefunden.
"C:\Program Files (x86)\shopwit" => Datei/Ordner nicht gefunden.
"C:\Program Files (x86)\baidu" => Datei/Ordner nicht gefunden.
"C:\ProgramData\ExtTag\Zimdox.dll" => Wert Daten erfolgreich entfernt.
"C:\ProgramData\ExtTag\Biodandom.dll" => Wert Daten erfolgreich entfernt.
"C:\ProgramData\ExtTag" => Datei/Ordner nicht gefunden.
EmptyTemp: => 209.8 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.. 

==== Ende von Fixlog 11:35:01 ====
lg Don Camillo

Alt 28.08.2015, 07:22   #22
schrauber
/// the machine
/// TB-Ausbilder
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster


Ok, jetzt bitte nochmals einen frischen FRST Scan aus dem normalen Modus. Wie läuft der Rechner?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 28.08.2015, 08:14   #23
Don_Camillo
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster


Ich melde mich am Sonntag Abend wieder, fahre 3 Tage ins Ausland...

lg Don Camillo

Alt 28.08.2015, 15:51   #24
schrauber
/// the machine
/// TB-Ausbilder
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster


alles klar
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.08.2015, 23:05   #25
Don_Camillo
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster


Hallo Schrauber,

hier der neue FRST Scan.

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-08-2015
durchgeführt von Markus Radosztics (Administrator) auf WAUT0001 (30-08-2015 23:56:25)
Gestartet von C:\Users\Markus Radosztics\Downloads
Geladene Profile: Markus Radosztics (Verfügbare Profile: Markus Radosztics)
Platform: Windows 8 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCRTP.exe
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Abengine) C:\Program Files (x86)\FastSearch\acengine.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Users\Markus Radosztics\AppData\Local\Salttex.exe
(XTab system) C:\Program Files (x86)\MiniLite\ProtectService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(LogMeIn Inc.) D:\Games\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) D:\Games\LogMeIn Hamachi\LMIGuardianSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(LogMeIn Inc.) D:\Games\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(LogMeIn, Inc.) D:\Games\LogMeIn Hamachi\LMIGuardianSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMUsbGuard.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Open Source) C:\Users\Markus Radosztics\AppData\Roaming\cpuminer\sgminer\sgminer.exe
(Valve Corporation) D:\Games\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Valve Corporation) D:\Games\bin\steamwebhelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(Dropbox, Inc.) C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RSD\popwndexe.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.2.9200.20780_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\ProgramData\HP Photo Creations\Communicator.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => "D:\Programme\iTunesHelper.exe"
HKLM\...\Run: [gpuminer] => C:\Users\Markus Radosztics\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [218 2015-08-17] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [A1Servicecenter] => C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe [11467864 2015-05-27] (A1)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Games\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCTRAY.EXE [355296 2015-08-20] (Tencent)
HKLM-x32\...\Run: [RSDTRAY] => C:\Program Files (x86)\Rising\RSD\popwndexe.exe [126808 2012-09-25] (Beijing Rising Information Technology Co., Ltd.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [159744 2015-01-12] (Voobly)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Steam] => D:\Games\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Dropbox Update] => C:\Users\Markus Radosztics\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [OneDrive] => C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-20] (Microsoft Corporation)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Shop-wit] => C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [GoogleChromeAutoLaunch_FEA560871AAA9104DF8D8385F4A465BE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863560 2015-08-18] (Google Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
AppInit_DLLs: C:\ProgramData\Saophase\StrongDubflex.dll => C:\ProgramData\Saophase\StrongDubflex.dll [212992 2015-08-27] ()
AppInit_DLLs-x32: C:\ProgramData\Saophase\Alphawarm.dll => C:\ProgramData\Saophase\Alphawarm.dll [194560 2015-08-27] ()
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMGCShellExt64.dll [2015-08-20] (Tencent)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-01-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-03-18]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-10-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Winsock: Catalog9 01 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 02 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 03 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 04 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 16 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\..\Interfaces\{0FFDF7C3-8718-450E-A4A2-9C59BD350F78}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{DD37C3EA-4E32-4412-AC18-EA239FC6029F}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99963976_hao_pg
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPv3NlKo8MSBpvROYxPxZtiNBg5BVI482FpkZWURTZlEyu3DxrLfqf4rEYcVqXlnHexXPItBSxhRn3JsyTA5CW8aIoDmvRY-WPlE5nBVxJyZHu4TRwJIP5nfpssR2POChGPPZAS6FLsK3ZBtq&q={searchTerms}
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99963976_hao_pg
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.at.msn.com/
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPv3NlKo8MSBpvROYxPxZtiNBg5BVI482FpkZWURTZlEyu3DxrLfqf4rEYcVqXlnHexXPItBSxhRn3JsyTA5CW8aIoDmvRY-WPlE5nBVxJyZHu4TRwJIP5nfpssR2POChGPPZAS6FLsK3ZBtq&q={searchTerms}
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPv3NlKo8MSBpvROYxPxZtiNBg5BVI482FpkZWURTZlEyu3DxrLfqf4rEYcVqXlnHexXPItBSxhRn3JsyTA5CW8aIoDmvRY-WPlE5nBVxJyZHu4TRwJIP5nfpssR2POChGPPZAS6FLsK3ZBtq&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPv3NlKo8MSBpvROYxPxZtiNBg5BVI482FpkZWURTZlEyu3DxrLfqf4rEYcVqXlnHexXPItBSxhRn3JsyTA5CW8aIoDmvRY-WPlE5nBVxJyZHu4TRwJIP5nfpssR2POChGPPZAS6FLsK3ZBtq&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPv3NlKo8MSBpvROYxPxZtiNBg5BVI482FpkZWURTZlEyu3DxrLfqf4rEYcVqXlnHexXPItBSxhRn3JsyTA5CW8aIoDmvRY-WPlE5nBVxJyZHu4TRwJIP5nfpssR2POChGPPZAS6FLsK3ZBtq&q={searchTerms}
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPv3NlKo8MSBpvROYxPxZtiNBg5BVI482FpkZWURTZlEyu3DxrLfqf4rEYcVqXlnHexXPItBSxhRn3JsyTA5CW8aIoDmvRY-WPlE5nBVxJyZHu4TRwJIP5nfpssR2POChGPPZAS6FLsK3ZBtq&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSWebMon64.dat [2015-08-20] (Tencent)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Great Find -> {1cc2bb80-20ab-43e5-b958-432d72b546ca} -> C:\Program Files (x86)\Great Find\Extensions\1cc2bb80-20ab-43e5-b958-432d72b546ca.dll Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: Ó¦Óñ¦Ò»¼ü°²×°²å¼þ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\SysWOW64\mscoree.dll [2012-06-02] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-18] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1440141856&z=3fbd779b7c5a732cb4abd88gbz6zbeag3zcg1mawec&from=cmi&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B

FireFox:
========
FF ProfilePath: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: findit
FF SelectedSearchEngine: mystartsearch
FF Homepage: C:\\ProgramData\\Saophases\\ff.HP
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-15] ()
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-18] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\npQMExtensionsMozilla.dll [2015-08-20] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Markus Radosztics\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-03-13] (Citrix Online)
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll Keine Datei
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-21] ()
FF user.js: detected! => C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\user.js [2015-08-22]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\findit.xml [2015-08-27]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\istartsurf.xml [2015-08-21]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\mystartsearch.xml [2015-08-23]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\search-provided-by-yahoo.xml [2015-08-20]
FF Extension: Default SearchProtected  - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\defsearchp@gmail.com [2015-08-19]
FF Extension: deskCut - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\deskCutv2@gmail.com [2015-08-19]
FF Extension: A1 Servicecenter - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{594657B4-413A-41D0-8F85-A6D3F35C9BDF} [2015-06-03]
FF Extension: Download videos and MP3s from YouTube - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-10-06]
FF Extension: "Download Touch - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\@73ABDD53B667F486D5ACC6A263CED1CC73AB.xpi [2015-08-20]
FF Extension: Great Find - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{0a4ee680-ecac-4e89-b625-5139f7130e30}.xpi [2015-08-22]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-09-30]
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\defsearchp@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\deskCutv2@gmail.com
FF HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-10-06]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.mystartsearch.com/?type=sc&ts=1440141856&z=3fbd779b7c5a732cb4abd88gbz6zbeag3zcg1mawec&from=cmi&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\73ABDD53B667F486D5ACC6A263CED1CC73AB.js [2015-08-20]

Chrome: 
=======
CHR Profile: C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-23]
CHR HKLM-x32\...\Chrome\Extension: [dnligehkhogpcngalffdoomehjcbecna] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gehmndecgbcffhmfjkenpamdgechcgpe] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 acengine; C:\Program Files (x86)\FastSearch\acengine.exe [1839728 2015-08-11] (Abengine) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
R2 eproduct; C:\Users\Markus Radosztics\AppData\Local\Salttex.exe [47616 2015-08-20] () [Datei ist nicht signiert]
R2 Hamachi2Svc; D:\Games\LogMeIn Hamachi\hamachi-2.exe [2545512 2015-08-03] (LogMeIn Inc.)
R2 IHProtect Service; C:\Program Files (x86)\MiniLite\ProtectService.exe [129688 2015-08-20] (XTab system)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1931632 2015-05-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-23] ()
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCRTP.exe [297608 2015-08-20] (Tencent)
R2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [196288 2015-08-21] (Beijing Rising Information Technology Co., Ltd.)
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TAOFrame.exe [293856 2015-08-20] (Tencent)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2015-06-25] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
S2 dojoluri; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\knsb4C96.tmp [X]
S2 ExtTag; C:\ProgramData\ExtTag\ExtTag.exe [X]
S2 hyverumu; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\jnsiE347.tmp [X]
S2 igfx32; "C:\Program Files\igfx32\igfx32.exe" /s iid=2679535 did=Missing sid= ref= id=047e6a478a9cd5449350448a9fe4f569a5544d0a771fdc73cd2034f9b95a9549 [X]
S2 kefowydy; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\hnsf344.tmp [X]
S2 Saophase; C:\ProgramData\Saophase\Saophase.exe [X]
S2 Service Mgr GreatFind; "C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugincontainer.exe" [X]
S2 Update Mgr GreatFind; "C:\Program Files (x86)\Common Files\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\updater.exe" [X]
S2 WindowsMangerProtect; C:\ProgramData\WWinManProW\ProtectWindowsManager.exe -service [X] <==== ACHTUNG

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 acwfp; C:\Windows\system32\Drivers\acwfp64.sys [45784 2015-08-13] (Abengine)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468752 2013-02-27] (Intel Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMUdisk64.sys [62264 2015-08-20] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQSysMonX64.sys [138040 2015-08-20] (电脑管家)
R2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [74040 2015-08-20] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [274232 2015-08-20] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-08-20] (电脑管家)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TS888x64.sys [28984 2015-08-30] (Tencent)
R1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSDefenseBT64.sys [28472 2015-08-20] (Tencent)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSSysKit64.sys [87352 2015-08-20] (电脑管家)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [31144 2015-06-04] (TuneUp Software)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)
R1 {092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64; C:\Windows\System32\drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys [48784 2015-08-19] (StdLib)
R1 {8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64; C:\Windows\System32\drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys [48784 2015-08-20] (StdLib)
R1 {987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64; C:\Windows\System32\drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys [48784 2015-08-20] (StdLib)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S1 rrfd_vw_1_10_0_22; system32\drivers\rrfd_vw_1_10_0_22.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-27 23:37 - 2015-08-27 23:37 - 00003248 _____ C:\Windows\System32\Tasks\uydate
2015-08-27 12:52 - 2015-08-30 17:30 - 00000000 ____D C:\ProgramData\Saophase
2015-08-27 12:52 - 2015-08-27 12:52 - 04241742 _____ (Bycatch) C:\Program Files\Common Files\ypiub0mz.exe
2015-08-27 12:52 - 2015-08-27 12:52 - 00000000 ____D C:\ProgramData\Saophases
2015-08-27 12:36 - 2015-08-27 12:36 - 00003156 _____ C:\Windows\System32\Tasks\r4v4x4kf
2015-08-27 12:36 - 2015-08-27 12:36 - 00000000 ____D C:\Program Files\Common Files\vkwznlph
2015-08-25 00:40 - 2015-08-25 00:40 - 00003156 _____ C:\Windows\System32\Tasks\kajl01mh
2015-08-25 00:40 - 2015-08-25 00:40 - 00000000 ____D C:\Program Files\Common Files\r5lybh4n
2015-08-23 14:58 - 2015-08-27 12:52 - 00002265 _____ C:\Users\Markus Radosztics\Desktop\Google Chrome.lnk
2015-08-23 14:58 - 2015-08-23 14:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-23 14:56 - 2015-08-23 14:56 - 00931408 _____ (Google Inc.) C:\Users\Markus Radosztics\Downloads\ChromeSetup.exe
2015-08-23 14:33 - 2015-08-23 14:33 - 01260832 _____ C:\Users\Markus Radosztics\Downloads\Revo Uninstaller - CHIP-Installer.exe
2015-08-23 14:04 - 2015-08-30 23:56 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\FRST-OlderVersion
2015-08-23 14:01 - 2015-08-30 23:56 - 00038506 _____ C:\Users\Markus Radosztics\Downloads\FRST.txt
2015-08-23 14:01 - 2015-08-23 14:02 - 00081428 _____ C:\Users\Markus Radosztics\Downloads\Addition.txt
2015-08-23 14:00 - 2015-08-23 14:00 - 00018325 _____ C:\Users\Markus Radosztics\Desktop\Fixlist.txt
2015-08-23 12:05 - 2015-08-30 23:35 - 00000320 _____ C:\Windows\Tasks\PC-Mechanic Maintenance.job
2015-08-23 12:05 - 2015-08-30 17:28 - 00000334 _____ C:\Windows\Tasks\PC-Mechanic Startup.job
2015-08-23 12:05 - 2015-08-23 12:05 - 00003248 _____ C:\Windows\System32\Tasks\PC-Mechanic Maintenance
2015-08-23 12:05 - 2015-08-23 12:05 - 00002630 _____ C:\Windows\System32\Tasks\PC-Mechanic Startup
2015-08-23 12:05 - 2015-08-23 12:05 - 00001171 _____ C:\Users\Public\Desktop\PC Mechanic.lnk
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Uniblue
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\Program Files (x86)\Uniblue
2015-08-22 17:34 - 2015-08-22 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-08-22 15:20 - 2015-08-22 15:20 - 00852684 _____ C:\Users\Markus Radosztics\Desktop\SecurityCheck.exe
2015-08-22 14:31 - 2015-08-27 11:28 - 00000000 ____D C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc
2015-08-22 14:31 - 2015-08-22 14:31 - 00002215 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00002195 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00000000 ____D C:\Program Files (x86)\Great Find
2015-08-22 14:31 - 2015-06-25 07:53 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2015-08-22 14:31 - 2015-06-25 07:53 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2015-08-22 14:31 - 2015-06-25 07:53 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2015-08-22 14:30 - 2015-08-23 12:04 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy
2015-08-22 14:30 - 2015-08-22 14:31 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2015-08-22 13:05 - 2015-08-22 13:05 - 02870984 _____ (ESET) C:\Users\Markus Radosztics\Downloads\esetsmartinstaller_deu.exe
2015-08-22 12:04 - 2015-08-22 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-21 23:42 - 2015-08-27 12:52 - 00002377 _____ C:\Windows\SysWOW64\findit.xml
2015-08-21 23:42 - 2015-08-21 23:42 - 00000000 ____D C:\ProgramData\ExtTags
2015-08-21 15:10 - 2015-08-21 15:10 - 00957064 _____ C:\Windows\Minidump\082115-9765-01.dmp
2015-08-21 10:36 - 2015-08-21 10:36 - 01162256 _____ C:\Windows\Minidump\082115-8296-01.dmp
2015-08-21 09:25 - 2015-08-21 09:25 - 00001051 _____ C:\Users\Markus Radosztics\Desktop\AnyProtect.lnk
2015-08-21 09:25 - 2015-08-21 09:25 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-08-21 09:24 - 2015-08-30 21:51 - 00000000 ____D C:\ProgramData\update
2015-08-21 09:24 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-08-21 09:24 - 2015-08-22 11:46 - 00000000 ____D C:\ProgramData\WWinManProW
2015-08-21 09:24 - 2015-08-21 09:24 - 00000000 ____D C:\Program Files (x86)\MiniLite
2015-08-21 09:14 - 2015-08-30 23:56 - 02188288 _____ (Farbar) C:\Users\Markus Radosztics\Downloads\FRST64.exe
2015-08-20 23:02 - 2015-08-20 23:02 - 00002250 _____ C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW.exe.lnk
2015-08-20 23:02 - 2015-08-20 23:02 - 00002228 _____ C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf.exe.lnk
2015-08-20 22:58 - 2015-08-30 17:29 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2015-08-20 22:58 - 2015-08-20 22:58 - 00003338 _____ C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}
2015-08-20 22:57 - 2015-08-21 08:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yvegdufu.job
2015-08-20 22:57 - 2015-08-21 08:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yveg6ufu.job
2015-08-20 22:57 - 2015-08-20 22:57 - 00002442 _____ C:\Windows\System32\Tasks\Tempo Runner yvegdufu
2015-08-20 22:57 - 2015-08-20 22:57 - 00002442 _____ C:\Windows\System32\Tasks\Tempo Runner yveg6ufu
2015-08-20 22:51 - 2015-08-21 08:53 - 00000000 ____D C:\ProgramData\Rising
2015-08-20 22:51 - 2015-08-21 08:53 - 00000000 ____D C:\Program Files (x86)\Rising
2015-08-20 22:51 - 2015-08-21 00:36 - 00000000 ___RD C:\RavBin
2015-08-20 22:51 - 2014-07-30 04:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-08-20 22:50 - 2015-08-22 16:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-08-20 22:50 - 2015-08-20 22:50 - 00274232 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00087864 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00074040 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00000000 ____D C:\ProgramData\TXQMPC
2015-08-20 22:50 - 2015-08-20 22:50 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-08-20 22:49 - 2015-08-20 23:31 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Tencent
2015-08-20 22:49 - 2015-08-20 22:52 - 00000000 ____D C:\ProgramData\Tencent
2015-08-20 22:49 - 2015-08-20 22:49 - 00000000 ____D C:\Program Files (x86)\Tencent
2015-08-20 22:44 - 2015-08-20 22:44 - 00001113 _____ C:\Users\Markus Radosztics\Desktop\Continue Live Installation.lnk
2015-08-20 22:44 - 2015-08-20 22:44 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\istartsurf
2015-08-20 22:37 - 2015-08-20 22:37 - 00000000 _____ C:\dummy.htm
2015-08-20 22:32 - 2015-08-20 22:33 - 00000000 ____D C:\ProgramData\LocalStorage
2015-08-20 22:30 - 2015-08-20 22:30 - 00000000 ____D C:\Users\Markus Radosztics\.android
2015-08-20 22:29 - 2015-08-20 22:29 - 00001318 _____ C:\Users\Markus Radosztics\Desktop\全网影视.lnk
2015-08-20 22:29 - 2015-08-20 22:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\ppslog
2015-08-20 22:19 - 2015-08-21 08:25 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-08-20 22:19 - 2015-08-20 22:55 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-20 22:19 - 2015-08-20 22:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-08-20 22:19 - 2015-08-20 22:49 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-08-20 22:19 - 2015-08-20 22:49 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-08-20 22:19 - 2015-08-20 22:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-08-20 22:17 - 2015-08-21 08:47 - 00000000 ____D C:\IQIYI Video
2015-08-20 22:17 - 2015-08-21 08:46 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-08-20 22:17 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Unity
2015-08-20 22:17 - 2015-08-20 22:30 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\IQIYI Video
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 __SHD C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 ____D C:\Users\Public\QiYi
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\SysassistByHotWheel
2015-08-20 22:16 - 2015-08-20 22:16 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\node-webkit
2015-08-20 22:15 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\cpuminer
2015-08-20 22:15 - 2015-08-20 22:15 - 00000217 _____ C:\task.vbs
2015-08-20 22:10 - 2015-08-20 22:10 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Desktop\jre-8u25-windows-i586.exe
2015-08-20 22:09 - 2015-08-20 23:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Gameo
2015-08-20 22:09 - 2015-08-20 22:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Opera Software
2015-08-20 22:09 - 2015-08-20 22:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Opera Software
2015-08-20 22:09 - 2015-08-20 22:09 - 00000185 _____ C:\Users\Markus Radosztics\Desktop\Play Games Online.url
2015-08-20 22:09 - 2015-08-20 22:09 - 00000185 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2015-08-20 22:09 - 2015-08-20 22:09 - 00000000 ___HD C:\Users\Markus Radosztics\AppData\Roaming\GoldenGate
2015-08-20 22:09 - 2015-08-20 22:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Gameo
2015-08-20 22:07 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WarThunder
2015-08-20 22:07 - 2015-08-20 22:07 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Downloads\setup [1].exe
2015-08-20 22:06 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\Cinem Plus 2.4cV20.08
2015-08-20 22:06 - 2015-08-23 14:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78
2015-08-20 22:06 - 2015-08-20 09:50 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys
2015-08-20 22:06 - 2015-07-23 15:47 - 00000854 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-20 22:05 - 2015-08-23 14:05 - 00000000 ____D C:\Program Files (x86)\OLBPre
2015-08-20 22:05 - 2015-08-20 23:02 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\{1A0B2C57-3EA3-40EF-533B-65077753999F}
2015-08-20 22:05 - 2015-08-20 22:05 - 00004008 _____ C:\Windows\System32\Tasks\LaunchPreSignup
2015-08-20 22:04 - 2015-08-20 22:26 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-20 22:04 - 2015-08-20 22:04 - 00047616 _____ C:\Users\Markus Radosztics\AppData\Local\Salttex.exe
2015-08-20 21:58 - 2015-08-20 21:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Sun
2015-08-20 21:58 - 2015-08-20 21:58 - 00000000 ____D C:\Users\Markus Radosztics\.oracle_jre_usage
2015-08-20 20:37 - 2015-08-21 00:38 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WindSolutions
2015-08-20 20:37 - 2015-08-20 20:44 - 00000000 ____D C:\ProgramData\WindSolutions
2015-08-20 12:29 - 2015-08-20 14:13 - 00000190 _____ C:\mylog.log
2015-08-20 12:29 - 2015-08-20 12:29 - 00000000 ____D C:\Program Files (x86)\MSI
2015-08-20 12:22 - 2015-08-20 12:22 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_usb30
2015-08-20 12:21 - 2015-08-20 12:21 - 06227267 _____ C:\Users\Markus Radosztics\Downloads\intel_usb30.zip
2015-08-20 12:19 - 2015-08-20 12:19 - 02837521 _____ C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10.zip
2015-08-20 12:19 - 2015-08-20 12:19 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10
2015-08-20 11:43 - 2015-08-20 22:55 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-20 11:43 - 2015-08-20 11:43 - 00003156 _____ C:\Windows\System32\Tasks\Download Touch
2015-08-20 11:43 - 2015-08-20 11:43 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Download Touch
2015-08-20 11:39 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV16.03
2015-08-20 11:39 - 2015-08-21 10:44 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-08-20 11:39 - 2015-08-20 11:39 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\globalUpdate
2015-08-20 11:37 - 2015-08-20 11:37 - 19284168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-08-20 11:34 - 2015-08-28 08:41 - 00012312 _____ C:\Windows\SysWOW64\acengineOff.ini
2015-08-20 11:34 - 2015-08-28 08:41 - 00012312 _____ C:\Windows\system32\acengineOff.ini
2015-08-20 11:34 - 2015-08-13 14:49 - 00045784 _____ (Abengine) C:\Windows\system32\Drivers\acwfp64.sys
2015-08-20 11:34 - 2015-08-11 16:50 - 00299296 _____ (Abengine) C:\Windows\SysWOW64\acengine.dll
2015-08-20 11:15 - 2015-08-20 01:24 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys
2015-08-20 11:13 - 2015-08-20 11:13 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver(1).msi
2015-08-20 11:12 - 2015-08-30 17:29 - 00000000 ____D C:\Program Files (x86)\FastSearch
2015-08-20 11:12 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-08-20 11:12 - 2015-08-20 11:34 - 00000002 _____ C:\END
2015-08-20 11:12 - 2015-08-20 11:12 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver.msi
2015-08-20 11:12 - 2015-08-20 11:12 - 00003578 _____ C:\Windows\System32\Tasks\Shop-wit Updater
2015-08-20 11:12 - 2015-08-20 11:12 - 00003112 _____ C:\Windows\System32\Tasks\cfr3011
2015-08-20 11:12 - 2015-08-11 21:11 - 00349584 _____ (Abengine) C:\Windows\system32\acengine64.dll
2015-08-20 10:43 - 2015-08-20 10:43 - 00001456 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\Program Files\iPod
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-20 10:42 - 2015-08-20 10:42 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files\Bonjour
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-08-19 22:11 - 2015-08-20 00:33 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\MediaMonkey
2015-08-19 22:11 - 2015-08-19 22:11 - 00000695 _____ C:\Users\Public\Desktop\MediaMonkey.lnk
2015-08-19 22:11 - 2015-08-19 22:11 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\MediaMonkey
2015-08-19 22:11 - 2015-08-19 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2015-08-19 22:10 - 2015-08-19 22:10 - 00000000 ____D C:\ProgramData\MediaMonkey
2015-08-19 21:18 - 2015-08-13 14:34 - 19292160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 21:18 - 2015-08-13 13:02 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 21:18 - 2015-08-13 12:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 21:18 - 2015-08-13 12:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 20:48 - 2015-08-19 20:51 - 00000512 __RSH C:\ProgramData\ntuser.pol
2015-08-19 20:46 - 2015-08-19 20:46 - 01135152 _____ C:\Windows\Minidump\081915-12953-01.dmp
2015-08-19 16:27 - 2015-08-19 02:39 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys
2015-08-19 16:24 - 2015-08-23 14:06 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch
2015-08-19 16:24 - 2015-08-19 21:03 - 00000000 ____D C:\ProgramData\nWinManPron
2015-08-19 16:24 - 2015-08-19 16:24 - 00000000 _____ C:\Windows\prleth.sys
2015-08-19 16:24 - 2015-08-19 16:24 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-19 16:22 - 2015-08-19 16:22 - 00000767 _____ C:\Users\Markus Radosztics\Desktop\MP3 Voice Recorder.lnk
2015-08-19 16:22 - 2015-08-19 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Voice Recorder
2015-08-19 16:22 - 2004-03-08 21:30 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2015-08-16 18:23 - 2015-08-16 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-16 00:59 - 2015-07-30 15:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 00:59 - 2015-07-30 15:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 00:59 - 2015-07-13 23:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-16 00:59 - 2015-07-13 23:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-16 00:59 - 2015-07-09 23:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-16 00:59 - 2015-07-09 23:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-16 00:59 - 2015-07-09 22:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-16 00:59 - 2015-07-09 22:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-16 00:59 - 2015-07-06 18:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-16 00:59 - 2015-07-06 16:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-16 00:59 - 2015-07-01 15:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-16 00:59 - 2015-07-01 14:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-16 00:59 - 2015-07-01 13:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-16 00:59 - 2015-07-01 13:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-16 00:58 - 2015-07-28 18:25 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-16 00:58 - 2015-07-28 16:13 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-16 00:58 - 2015-07-28 15:12 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 15416320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-16 00:58 - 2015-07-13 23:23 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-16 00:58 - 2015-07-13 23:23 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-16 00:58 - 2015-07-13 23:05 - 02340864 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-16 00:58 - 2015-07-13 23:05 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-16 00:55 - 2015-07-29 16:45 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-16 00:55 - 2015-07-29 16:45 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-16 00:55 - 2015-07-28 00:42 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-16 00:55 - 2015-07-28 00:40 - 04064768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-16 00:55 - 2015-07-28 00:40 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-16 00:55 - 2015-07-15 18:09 - 06969688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-16 00:55 - 2015-07-15 18:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-16 00:55 - 2015-07-15 18:06 - 01824296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-16 00:55 - 2015-07-15 15:49 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-16 00:55 - 2015-07-15 15:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-16 00:55 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-16 00:55 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-16 00:55 - 2015-07-09 22:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-16 00:55 - 2015-06-09 15:09 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-15 11:14 - 2015-08-15 11:14 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-03 12:12 - 2015-08-03 12:12 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-30 23:56 - 2015-06-07 20:44 - 00000000 ____D C:\FRST
2015-08-30 23:51 - 2013-11-19 21:28 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-30 23:50 - 2013-11-22 22:24 - 00000366 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-08-30 23:37 - 2013-09-30 21:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-30 23:36 - 2013-09-30 19:24 - 01119010 _____ C:\Windows\WindowsUpdate.log
2015-08-30 23:28 - 2014-12-27 12:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\36A80DEE-1AAD-4F7E-AA6A-4638F785B9B6.aplzod
2015-08-30 23:02 - 2015-06-18 06:45 - 00001290 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001UA.job
2015-08-30 23:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-08-30 17:35 - 2012-07-26 12:27 - 00751892 _____ C:\Windows\system32\perfh007.dat
2015-08-30 17:35 - 2012-07-26 12:27 - 00155620 _____ C:\Windows\system32\perfc007.dat
2015-08-30 17:35 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-30 17:33 - 2013-09-30 19:30 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-817472733-4082136947-4255886928-1001
2015-08-30 17:32 - 2013-10-13 20:57 - 00000000 ___RD C:\Users\Markus Radosztics\Dropbox
2015-08-30 17:32 - 2013-10-13 20:55 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Dropbox
2015-08-30 17:29 - 2015-01-14 23:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\LogMeIn Hamachi
2015-08-30 17:29 - 2014-12-27 12:46 - 00000000 ___RD C:\Users\Markus Radosztics\iCloudDrive
2015-08-30 17:28 - 2013-11-19 21:28 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-30 17:28 - 2013-10-01 21:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-30 17:28 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-28 08:41 - 2013-09-30 19:17 - 00291526 _____ C:\Windows\PFRO.log
2015-08-27 12:52 - 2013-10-01 18:41 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-27 12:52 - 2013-09-30 19:24 - 00001450 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-27 11:00 - 2015-06-18 06:45 - 00001238 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001Core.job
2015-08-26 08:46 - 2013-10-02 17:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Skype
2015-08-23 14:35 - 2015-06-07 21:40 - 00001270 _____ C:\Users\Markus Radosztics\Desktop\Revo Uninstaller.lnk
2015-08-23 14:35 - 2015-06-07 21:40 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-23 12:44 - 2014-02-01 13:30 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-22 15:17 - 2014-08-06 12:17 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-08-22 12:04 - 2015-02-23 20:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-22 12:04 - 2013-10-02 17:05 - 00000000 ____D C:\ProgramData\Skype
2015-08-22 10:00 - 2015-03-18 18:45 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-22 10:00 - 2014-06-17 22:52 - 00005182 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for WAUT0001-Markus Radosztics WAUT0001
2015-08-21 15:10 - 2013-11-25 12:30 - 00000000 ____D C:\Windows\Minidump
2015-08-21 08:52 - 2015-03-20 10:39 - 00507984 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-20 22:50 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\VirtualStore
2015-08-20 22:30 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics
2015-08-20 22:10 - 2014-02-01 13:30 - 00000000 ____D C:\ProgramData\Oracle
2015-08-20 22:06 - 2012-07-26 07:26 - 00000269 _____ C:\Windows\win.ini
2015-08-20 21:22 - 2014-11-19 18:47 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-08-20 21:22 - 2013-12-19 13:46 - 00000000 ____D C:\Users\Markus Radosztics\Documents\samsung
2015-08-20 21:22 - 2013-12-19 13:46 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Samsung
2015-08-20 21:18 - 2013-12-19 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-08-20 21:18 - 2013-09-30 19:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-20 20:58 - 2013-09-30 20:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Downloaded Installations
2015-08-20 20:27 - 2015-06-03 20:07 - 00000000 ____D C:\Program Files (x86)\A1 Servicecenter
2015-08-20 14:09 - 2015-03-18 18:59 - 00002321 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-20 11:43 - 2014-06-25 17:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-20 11:37 - 2013-09-30 21:01 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-20 10:43 - 2013-09-30 20:20 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-20 10:42 - 2013-09-30 20:20 - 00000000 ____D C:\ProgramData\Apple
2015-08-19 21:47 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Packages
2015-08-19 21:18 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-08-19 17:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-08-16 18:23 - 2015-07-14 21:02 - 00000650 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-16 18:22 - 2015-04-17 08:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-16 18:22 - 2015-04-17 08:09 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-16 18:22 - 2013-09-30 19:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 18:22 - 2013-09-30 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-16 10:55 - 2013-09-30 19:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-16 10:55 - 2013-09-30 19:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-16 10:54 - 2013-09-30 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-16 10:53 - 2013-09-30 22:57 - 00000000 ____D C:\Windows\system32\MRT
2015-08-16 10:51 - 2013-09-30 22:57 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-16 10:46 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 10:46 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 10:26 - 2013-10-01 18:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-15 11:11 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-08-08 04:27 - 2012-07-26 10:14 - 00793544 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 04:27 - 2012-07-26 10:14 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-27 12:52 - 2015-08-27 12:52 - 4241742 _____ (Bycatch) C:\Program Files\Common Files\ypiub0mz.exe
2015-08-20 23:02 - 2015-08-20 23:02 - 0002228 _____ () C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf.exe.lnk
2015-08-20 23:02 - 2015-08-20 23:02 - 0002250 _____ () C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW.exe.lnk
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\String Ensemble
2013-09-30 20:30 - 2013-09-30 20:30 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Strings
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Super Strings
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Techno Kit
2014-02-05 18:38 - 2015-06-07 12:43 - 0000156 _____ () C:\Users\Markus Radosztics\AppData\Roaming\WB.CFG
2013-11-06 10:01 - 2014-08-12 18:27 - 0006144 _____ () C:\Users\Markus Radosztics\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-23 18:56 - 2014-12-23 18:56 - 0007606 _____ () C:\Users\Markus Radosztics\AppData\Local\Resmon.ResmonCfg
2015-08-20 22:04 - 2015-08-20 22:04 - 0047616 _____ () C:\Users\Markus Radosztics\AppData\Local\Salttex.exe
2015-08-20 22:04 - 2015-08-20 22:04 - 0000187 _____ () C:\Users\Markus Radosztics\AppData\Local\Salttex.exe.config
2013-10-02 17:42 - 2013-10-02 17:42 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-07-07 09:16 - 2014-07-07 09:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\howto
2013-09-30 20:29 - 2013-09-30 20:29 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2013-09-30 20:30 - 2013-09-30 20:30 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2013-09-30 20:29 - 2013-09-30 20:30 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2013-09-30 20:29 - 2013-09-30 20:29 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\ProgramData\Sync Schema
2013-09-30 20:30 - 2013-09-30 20:30 - 0000268 ___RH () C:\ProgramData\Sync Services
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\ProgramData\Synth Basics
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\Track Settings
2013-09-30 20:30 - 2013-09-30 20:30 - 0000012 ___RH () C:\ProgramData\Transportation
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\Tremolo

Einige Dateien in TEMP:
====================
C:\Users\Markus Radosztics\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnhhhmw.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-27 18:43

==================== Ende von FRST.txt ============================
Der Rechner läuft nach wie vor nicht rund. Mit Google Chrome lassen sich keine Seiten öffnen. Mit Firefox konnte ich jetzt gerade keine Antwort verfassen in den Beitrag, hab ich jetzt über den IE gemacht.
Die Fenster mit den chinesischen Zeichen öffnen sich weiterhin ungefragt. Und die USB-Anschlüsse an der Front des PCs funktionieren nicht, da wird kein Stick erkannt.

Don Camillo, der hofft, dass der PC irgendwann wieder normal läuft...

Alt 31.08.2015, 15:55   #26
schrauber
/// the machine
/// TB-Ausbilder
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster


Jetz bitte nochmal, aber diesmal wirklich aus der Recovery:

Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)
  • Downloade dir bitte die passende Version des Tools (im Zweifel beide) und speichere diese auf einen USB Stick: FRST Download FRST 32-Bit | FRST 64-Bit
  • Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option.
  • Scanne jetzt nach der bebilderten Anleitung oder verwende die folgende Kurzanleitung:
Über den Boot Manager:
  • Starte den Rechner neu.
  • Während dem Hochfahren drücke mehrmals die F8 Taste
  • Wähle nun Computer reparieren.
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Mit Windows CD/DVD (auch bei Windows 8 möglich):
  • Lege die Windows CD in dein Laufwerk.
  • Starte den Rechner neu und starte von der CD.
  • Wähle die Spracheinstellungen und klicke "Weiter".
  • Klicke auf Computerreparaturoptionen !
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Wähle in den Reparaturoptionen: Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer.
    Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt, merke ihn dir.
  • Schließe Notepad wieder
  • Gib nun bitte folgenden Befehl ein.
    e:\frst.exe bzw. e:\frst64.exe
    Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks, den du dir gemerkt hast. Gegebenfalls anpassen.
  • Akzeptiere den Disclaimer mit Ja und klicke Untersuchen
Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier nach Möglichkeit in Code-Tags (Anleitung).

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 31.08.2015, 22:16   #27
Don_Camillo
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster


Ich hoffe, ich hab alles richtig gemacht. Hab beim Sperrschirm Strg-Alt-Entf gedrückt und bei gehaltener SHIFT-Taste auf Neustart geklickt. Dann hab ich Problembehandlung - Erweiterte Optionen - Eingabeaufforderung geklickt. Nach dem Neustart hab ich Abgesicherter Modus mit Eingabeaufforderung gewählt. Ich hab dann in die Eingabeaufforderung die FRST64.exe gestartet (nicht vom USB-Stick, denn die USB-Schnittstelle geht leider nicht, daher von der Festplatte). Und dann im Programm FRST auf Scan geklickt. Das Ergebnis findest Du hier:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-08-2015
durchgeführt von Markus Radosztics (Administrator) auf WAUT0001 (31-08-2015 23:07:03)
Gestartet von C:\Users\Markus Radosztics\Downloads
Geladene Profile: Markus Radosztics (Verfügbare Profile: Markus Radosztics)
Platform: Windows 8 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: Chrome)
Start-Modus: Safe Mode (minimal)
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCRTP.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => "D:\Programme\iTunesHelper.exe"
HKLM\...\Run: [gpuminer] => C:\Users\Markus Radosztics\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [218 2015-08-17] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [A1Servicecenter] => C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe [11467864 2015-05-27] (A1)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Games\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCTRAY.EXE [355296 2015-08-20] (Tencent)
HKLM-x32\...\Run: [RSDTRAY] => C:\Program Files (x86)\Rising\RSD\popwndexe.exe [126808 2012-09-25] (Beijing Rising Information Technology Co., Ltd.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [159744 2015-01-12] (Voobly)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Steam] => D:\Games\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Dropbox Update] => C:\Users\Markus Radosztics\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [OneDrive] => C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-20] (Microsoft Corporation)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [Shop-wit] => C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Run: [GoogleChromeAutoLaunch_FEA560871AAA9104DF8D8385F4A465BE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863560 2015-08-18] (Google Inc.)
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
AppInit_DLLs: C:\ProgramData\Saophase\StrongDubflex.dll => C:\ProgramData\Saophase\StrongDubflex.dll [212992 2015-08-27] ()
AppInit_DLLs-x32: C:\ProgramData\Saophase\Alphawarm.dll => C:\ProgramData\Saophase\Alphawarm.dll [194560 2015-08-27] ()
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMGCShellExt64.dll [2015-08-20] (Tencent)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-01-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-03-18]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-10-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Markus Radosztics\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Winsock: Catalog9 01 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 02 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 03 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 04 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Winsock: Catalog9 16 C:\Windows\SysWOW64\acengine.dll [299296 2015-08-20] (Abengine)
Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0FFDF7C3-8718-450E-A4A2-9C59BD350F78}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{DD37C3EA-4E32-4412-AC18-EA239FC6029F}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99963976_hao_pg
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPv3NlKo8MSBpvROYxPxZtiNBg5BVI482FpkZWURTZlEyu3DxrLfqf4rEYcVqXlnHexXPItBSxhRn3JsyTA5CW8aIoDmvRY-WPlE5nBVxJyZHu4TRwJIP5nfpssR2POChGPPZAS6FLsK3ZBtq&q={searchTerms}
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99963976_hao_pg
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.at.msn.com/
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPv3NlKo8MSBpvROYxPxZtiNBg5BVI482FpkZWURTZlEyu3DxrLfqf4rEYcVqXlnHexXPItBSxhRn3JsyTA5CW8aIoDmvRY-WPlE5nBVxJyZHu4TRwJIP5nfpssR2POChGPPZAS6FLsK3ZBtq&q={searchTerms}
HKU\S-1-5-21-817472733-4082136947-4255886928-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPv3NlKo8MSBpvROYxPxZtiNBg5BVI482FpkZWURTZlEyu3DxrLfqf4rEYcVqXlnHexXPItBSxhRn3JsyTA5CW8aIoDmvRY-WPlE5nBVxJyZHu4TRwJIP5nfpssR2POChGPPZAS6FLsK3ZBtq&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPv3NlKo8MSBpvROYxPxZtiNBg5BVI482FpkZWURTZlEyu3DxrLfqf4rEYcVqXlnHexXPItBSxhRn3JsyTA5CW8aIoDmvRY-WPlE5nBVxJyZHu4TRwJIP5nfpssR2POChGPPZAS6FLsK3ZBtq&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyzytA0F0CyDtDyEtA0AyCtN0D0Tzu0StCtAtByBtN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0CyB0CzztAyE0BtGyByBzyzztGzzyD0D0CtGtDtB0C0DtG0EyCyE0ByEyBtBtDyC0DyBzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0DyE0DtD0CyE0BtGtCyEtAyEtGyEtAyDtAtGzztBtCtDtGtBtAtCyByDyC0BtC0A0A0B0C2QtN0A0LzutB%26cr%3D1829697096%26a%3Dwncy_popjar_15_34%26os%3DWindows%2B8%2BPro&p={searchTerms}
SearchScopes: HKU\S-1-5-21-817472733-4082136947-4255886928-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bz-FcOk_3gj-vPv3NlKo8MSBpvROYxPxZtiNBg5BVI482FpkZWURTZlEyu3DxrLfqf4rEYcVqXlnHexXPItBSxhRn3JsyTA5CW8aIoDmvRY-WPlE5nBVxJyZHu4TRwJIP5nfpssR2POChGPPZAS6FLsK3ZBtq&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSWebMon64.dat [2015-08-20] (Tencent)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Great Find -> {1cc2bb80-20ab-43e5-b958-432d72b546ca} -> C:\Program Files (x86)\Great Find\Extensions\1cc2bb80-20ab-43e5-b958-432d72b546ca.dll Keine Datei
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: Ó¦Óñ¦Ò»¼ü°²×°²å¼þ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\SysWOW64\mscoree.dll [2012-06-02] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-18] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1440141856&z=3fbd779b7c5a732cb4abd88gbz6zbeag3zcg1mawec&from=cmi&uid=SamsungXSSDX840XEVOX120GB_S1D5NEAD869028B

FireFox:
========
FF ProfilePath: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: findit
FF SelectedSearchEngine: mystartsearch
FF Homepage: C:\\ProgramData\\Saophases\\ff.HP
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-15] ()
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-18] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\npQMExtensionsMozilla.dll [2015-08-20] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-31] (Google Inc.)
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Markus Radosztics\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-03-13] (Citrix Online)
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll Keine Datei
FF Plugin HKU\S-1-5-21-817472733-4082136947-4255886928-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-21] ()
FF user.js: detected! => C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\user.js [2015-08-22]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\findit.xml [2015-08-27]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\istartsurf.xml [2015-08-21]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\mystartsearch.xml [2015-08-23]
FF SearchPlugin: C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\searchplugins\search-provided-by-yahoo.xml [2015-08-20]
FF Extension: Default SearchProtected  - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\defsearchp@gmail.com [2015-08-19]
FF Extension: deskCut - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\deskCutv2@gmail.com [2015-08-19]
FF Extension: A1 Servicecenter - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{594657B4-413A-41D0-8F85-A6D3F35C9BDF} [2015-06-03]
FF Extension: Download videos and MP3s from YouTube - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-10-06]
FF Extension: "Download Touch - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\@73ABDD53B667F486D5ACC6A263CED1CC73AB.xpi [2015-08-20]
FF Extension: Great Find - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\Extensions\{0a4ee680-ecac-4e89-b625-5139f7130e30}.xpi [2015-08-22]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-09-30]
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\defsearchp@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Markus Radosztics\AppData\Roaming\Mozilla\Firefox\Profiles\febuujst.default\extensions\deskCutv2@gmail.com
FF HKU\S-1-5-21-817472733-4082136947-4255886928-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-10-06]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\73ABDD53B667F486D5ACC6A263CED1CC73AB.js [2015-08-20]

Chrome: 
=======
CHR Profile: C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Markus Radosztics\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-23]
CHR HKLM-x32\...\Chrome\Extension: [dnligehkhogpcngalffdoomehjcbecna] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gehmndecgbcffhmfjkenpamdgechcgpe] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 acengine; C:\Program Files (x86)\FastSearch\acengine.exe [1839728 2015-08-11] (Abengine) [Datei ist nicht signiert]
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
S2 eproduct; C:\Users\Markus Radosztics\AppData\Local\Salttex.exe [47616 2015-08-20] () [Datei ist nicht signiert]
S2 Hamachi2Svc; D:\Games\LogMeIn Hamachi\hamachi-2.exe [2545512 2015-08-03] (LogMeIn Inc.)
S2 IHProtect Service; C:\Program Files (x86)\MiniLite\ProtectService.exe [129688 2015-08-20] (XTab system)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
S2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1931632 2015-05-15] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-23] ()
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCRTP.exe [297608 2015-08-20] (Tencent)
S2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [196288 2015-08-21] (Beijing Rising Information Technology Co., Ltd.)
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TAOFrame.exe [293856 2015-08-20] (Tencent)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2015-06-25] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
S2 dojoluri; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\knsb4C96.tmp [X]
S2 ExtTag; C:\ProgramData\ExtTag\ExtTag.exe [X]
S2 hyverumu; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\jnsiE347.tmp [X]
S2 igfx32; "C:\Program Files\igfx32\igfx32.exe" /s iid=2679535 did=Missing sid= ref= id=047e6a478a9cd5449350448a9fe4f569a5544d0a771fdc73cd2034f9b95a9549 [X]
S2 kefowydy; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\hnsf344.tmp [X]
S2 Saophase; C:\ProgramData\Saophase\Saophase.exe [X]
S2 Service Mgr GreatFind; "C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugincontainer.exe" [X]
S2 Update Mgr GreatFind; "C:\Program Files (x86)\Common Files\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\updater.exe" [X]
S2 WindowsMangerProtect; C:\ProgramData\WWinManProW\ProtectWindowsManager.exe -service [X] <==== ACHTUNG

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 acwfp; C:\Windows\system32\Drivers\acwfp64.sys [45784 2015-08-13] (Abengine)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468752 2013-02-27] (Intel Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMUdisk64.sys [62264 2015-08-20] (Tencent)
S2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQSysMonX64.sys [138040 2015-08-20] (电脑管家)
S2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [74040 2015-08-20] (Tencent)
S1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [274232 2015-08-20] (Tencent Technology(Shenzhen) Company Limited)
S3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-08-20] (电脑管家)
S3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TS888x64.sys [28984 2015-08-31] (Tencent)
S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSDefenseBT64.sys [28472 2015-08-20] (Tencent)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [31144 2015-06-04] (TuneUp Software)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)
S1 {092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64; C:\Windows\System32\drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys [48784 2015-08-19] (StdLib)
S1 {8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64; C:\Windows\System32\drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys [48784 2015-08-20] (StdLib)
S1 {987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64; C:\Windows\System32\drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys [48784 2015-08-20] (StdLib)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S1 rrfd_vw_1_10_0_22; system32\drivers\rrfd_vw_1_10_0_22.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-31 08:21 - 2015-08-31 08:21 - 00002770 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2015-08-27 23:37 - 2015-08-27 23:37 - 00003248 _____ C:\Windows\System32\Tasks\uydate
2015-08-27 12:52 - 2015-08-30 17:30 - 00000000 ____D C:\ProgramData\Saophase
2015-08-27 12:52 - 2015-08-27 12:52 - 04241742 _____ (Bycatch) C:\Program Files\Common Files\ypiub0mz.exe
2015-08-27 12:52 - 2015-08-27 12:52 - 00000000 ____D C:\ProgramData\Saophases
2015-08-27 12:36 - 2015-08-27 12:36 - 00003156 _____ C:\Windows\System32\Tasks\r4v4x4kf
2015-08-27 12:36 - 2015-08-27 12:36 - 00000000 ____D C:\Program Files\Common Files\vkwznlph
2015-08-25 00:40 - 2015-08-25 00:40 - 00003156 _____ C:\Windows\System32\Tasks\kajl01mh
2015-08-25 00:40 - 2015-08-25 00:40 - 00000000 ____D C:\Program Files\Common Files\r5lybh4n
2015-08-23 14:58 - 2015-08-27 12:52 - 00002265 _____ C:\Users\Markus Radosztics\Desktop\Google Chrome.lnk
2015-08-23 14:58 - 2015-08-23 14:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-23 14:56 - 2015-08-23 14:56 - 00931408 _____ (Google Inc.) C:\Users\Markus Radosztics\Downloads\ChromeSetup.exe
2015-08-23 14:33 - 2015-08-23 14:33 - 01260832 _____ C:\Users\Markus Radosztics\Downloads\Revo Uninstaller - CHIP-Installer.exe
2015-08-23 14:04 - 2015-08-30 23:56 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\FRST-OlderVersion
2015-08-23 14:01 - 2015-08-31 23:07 - 00000000 _____ C:\Users\Markus Radosztics\Downloads\FRST.txt
2015-08-23 14:01 - 2015-08-23 14:02 - 00081428 _____ C:\Users\Markus Radosztics\Downloads\Addition.txt
2015-08-23 14:00 - 2015-08-23 14:00 - 00018325 _____ C:\Users\Markus Radosztics\Desktop\Fixlist.txt
2015-08-23 12:05 - 2015-08-31 22:59 - 00000334 _____ C:\Windows\Tasks\PC-Mechanic Startup.job
2015-08-23 12:05 - 2015-08-31 22:35 - 00000320 _____ C:\Windows\Tasks\PC-Mechanic Maintenance.job
2015-08-23 12:05 - 2015-08-23 12:05 - 00003248 _____ C:\Windows\System32\Tasks\PC-Mechanic Maintenance
2015-08-23 12:05 - 2015-08-23 12:05 - 00002630 _____ C:\Windows\System32\Tasks\PC-Mechanic Startup
2015-08-23 12:05 - 2015-08-23 12:05 - 00001171 _____ C:\Users\Public\Desktop\PC Mechanic.lnk
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Uniblue
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2015-08-23 12:05 - 2015-08-23 12:05 - 00000000 ____D C:\Program Files (x86)\Uniblue
2015-08-22 17:34 - 2015-08-22 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-08-22 15:20 - 2015-08-22 15:20 - 00852684 _____ C:\Users\Markus Radosztics\Desktop\SecurityCheck.exe
2015-08-22 14:31 - 2015-08-27 11:28 - 00000000 ____D C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc
2015-08-22 14:31 - 2015-08-22 14:31 - 00002215 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00002195 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2015-08-22 14:31 - 2015-08-22 14:31 - 00000000 ____D C:\Program Files (x86)\Great Find
2015-08-22 14:31 - 2015-06-25 07:53 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2015-08-22 14:31 - 2015-06-25 07:53 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2015-08-22 14:31 - 2015-06-25 07:53 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2015-08-22 14:30 - 2015-08-23 12:04 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy
2015-08-22 14:30 - 2015-08-22 14:31 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2015-08-22 13:05 - 2015-08-22 13:05 - 02870984 _____ (ESET) C:\Users\Markus Radosztics\Downloads\esetsmartinstaller_deu.exe
2015-08-22 12:04 - 2015-08-22 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-21 23:42 - 2015-08-27 12:52 - 00002377 _____ C:\Windows\SysWOW64\findit.xml
2015-08-21 23:42 - 2015-08-21 23:42 - 00000000 ____D C:\ProgramData\ExtTags
2015-08-21 15:10 - 2015-08-21 15:10 - 00957064 _____ C:\Windows\Minidump\082115-9765-01.dmp
2015-08-21 10:36 - 2015-08-21 10:36 - 01162256 _____ C:\Windows\Minidump\082115-8296-01.dmp
2015-08-21 09:25 - 2015-08-21 09:25 - 00001051 _____ C:\Users\Markus Radosztics\Desktop\AnyProtect.lnk
2015-08-21 09:25 - 2015-08-21 09:25 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-08-21 09:24 - 2015-08-31 21:18 - 00000000 ____D C:\ProgramData\update
2015-08-21 09:24 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-08-21 09:24 - 2015-08-22 11:46 - 00000000 ____D C:\ProgramData\WWinManProW
2015-08-21 09:24 - 2015-08-21 09:24 - 00000000 ____D C:\Program Files (x86)\MiniLite
2015-08-21 09:14 - 2015-08-30 23:56 - 02188288 _____ (Farbar) C:\Users\Markus Radosztics\Downloads\FRST64.exe
2015-08-20 23:02 - 2015-08-20 23:02 - 00002250 _____ C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW.exe.lnk
2015-08-20 23:02 - 2015-08-20 23:02 - 00002228 _____ C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf.exe.lnk
2015-08-20 22:58 - 2015-08-31 08:16 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2015-08-20 22:58 - 2015-08-20 22:58 - 00003338 _____ C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}
2015-08-20 22:57 - 2015-08-21 08:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yvegdufu.job
2015-08-20 22:57 - 2015-08-21 08:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yveg6ufu.job
2015-08-20 22:57 - 2015-08-20 22:57 - 00002442 _____ C:\Windows\System32\Tasks\Tempo Runner yvegdufu
2015-08-20 22:57 - 2015-08-20 22:57 - 00002442 _____ C:\Windows\System32\Tasks\Tempo Runner yveg6ufu
2015-08-20 22:51 - 2015-08-21 08:53 - 00000000 ____D C:\ProgramData\Rising
2015-08-20 22:51 - 2015-08-21 08:53 - 00000000 ____D C:\Program Files (x86)\Rising
2015-08-20 22:51 - 2015-08-21 00:36 - 00000000 ___RD C:\RavBin
2015-08-20 22:51 - 2014-07-30 04:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-08-20 22:50 - 2015-08-22 16:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-08-20 22:50 - 2015-08-20 22:50 - 00274232 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00087864 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00074040 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2015-08-20 22:50 - 2015-08-20 22:50 - 00000000 ____D C:\ProgramData\TXQMPC
2015-08-20 22:50 - 2015-08-20 22:50 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-08-20 22:49 - 2015-08-20 23:31 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Tencent
2015-08-20 22:49 - 2015-08-20 22:52 - 00000000 ____D C:\ProgramData\Tencent
2015-08-20 22:49 - 2015-08-20 22:49 - 00000000 ____D C:\Program Files (x86)\Tencent
2015-08-20 22:44 - 2015-08-20 22:44 - 00001113 _____ C:\Users\Markus Radosztics\Desktop\Continue Live Installation.lnk
2015-08-20 22:44 - 2015-08-20 22:44 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\istartsurf
2015-08-20 22:37 - 2015-08-20 22:37 - 00000000 _____ C:\dummy.htm
2015-08-20 22:32 - 2015-08-20 22:33 - 00000000 ____D C:\ProgramData\LocalStorage
2015-08-20 22:30 - 2015-08-20 22:30 - 00000000 ____D C:\Users\Markus Radosztics\.android
2015-08-20 22:29 - 2015-08-20 22:29 - 00001318 _____ C:\Users\Markus Radosztics\Desktop\全网影视.lnk
2015-08-20 22:29 - 2015-08-20 22:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\ppslog
2015-08-20 22:19 - 2015-08-21 08:25 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-08-20 22:19 - 2015-08-20 22:55 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-20 22:19 - 2015-08-20 22:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-08-20 22:19 - 2015-08-20 22:49 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-08-20 22:19 - 2015-08-20 22:49 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-08-20 22:19 - 2015-08-20 22:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-08-20 22:17 - 2015-08-21 08:47 - 00000000 ____D C:\IQIYI Video
2015-08-20 22:17 - 2015-08-21 08:46 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-08-20 22:17 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Unity
2015-08-20 22:17 - 2015-08-20 22:30 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\IQIYI Video
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 __SHD C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 ____D C:\Users\Public\QiYi
2015-08-20 22:17 - 2015-08-20 22:17 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\SysassistByHotWheel
2015-08-20 22:16 - 2015-08-20 22:16 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\node-webkit
2015-08-20 22:15 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\cpuminer
2015-08-20 22:15 - 2015-08-20 22:15 - 00000217 _____ C:\task.vbs
2015-08-20 22:10 - 2015-08-20 22:10 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Desktop\jre-8u25-windows-i586.exe
2015-08-20 22:09 - 2015-08-20 23:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Gameo
2015-08-20 22:09 - 2015-08-20 22:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Opera Software
2015-08-20 22:09 - 2015-08-20 22:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Opera Software
2015-08-20 22:09 - 2015-08-20 22:09 - 00000185 _____ C:\Users\Markus Radosztics\Desktop\Play Games Online.url
2015-08-20 22:09 - 2015-08-20 22:09 - 00000185 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2015-08-20 22:09 - 2015-08-20 22:09 - 00000000 ___HD C:\Users\Markus Radosztics\AppData\Roaming\GoldenGate
2015-08-20 22:09 - 2015-08-20 22:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Gameo
2015-08-20 22:07 - 2015-08-21 00:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WarThunder
2015-08-20 22:07 - 2015-08-20 22:07 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Downloads\setup [1].exe
2015-08-20 22:06 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\Cinem Plus 2.4cV20.08
2015-08-20 22:06 - 2015-08-23 14:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78
2015-08-20 22:06 - 2015-08-20 09:50 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys
2015-08-20 22:06 - 2015-07-23 15:47 - 00000854 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-20 22:05 - 2015-08-23 14:05 - 00000000 ____D C:\Program Files (x86)\OLBPre
2015-08-20 22:05 - 2015-08-20 23:02 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\{1A0B2C57-3EA3-40EF-533B-65077753999F}
2015-08-20 22:05 - 2015-08-20 22:05 - 00004008 _____ C:\Windows\System32\Tasks\LaunchPreSignup
2015-08-20 22:04 - 2015-08-20 22:26 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-20 22:04 - 2015-08-20 22:04 - 00047616 _____ C:\Users\Markus Radosztics\AppData\Local\Salttex.exe
2015-08-20 21:58 - 2015-08-20 21:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Sun
2015-08-20 21:58 - 2015-08-20 21:58 - 00000000 ____D C:\Users\Markus Radosztics\.oracle_jre_usage
2015-08-20 20:37 - 2015-08-21 00:38 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WindSolutions
2015-08-20 20:37 - 2015-08-20 20:44 - 00000000 ____D C:\ProgramData\WindSolutions
2015-08-20 12:29 - 2015-08-20 14:13 - 00000190 _____ C:\mylog.log
2015-08-20 12:29 - 2015-08-20 12:29 - 00000000 ____D C:\Program Files (x86)\MSI
2015-08-20 12:22 - 2015-08-20 12:22 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_usb30
2015-08-20 12:21 - 2015-08-20 12:21 - 06227267 _____ C:\Users\Markus Radosztics\Downloads\intel_usb30.zip
2015-08-20 12:19 - 2015-08-20 12:19 - 02837521 _____ C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10.zip
2015-08-20 12:19 - 2015-08-20 12:19 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10
2015-08-20 11:43 - 2015-08-20 22:55 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-20 11:43 - 2015-08-20 11:43 - 00003156 _____ C:\Windows\System32\Tasks\Download Touch
2015-08-20 11:43 - 2015-08-20 11:43 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Download Touch
2015-08-20 11:39 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV16.03
2015-08-20 11:39 - 2015-08-21 10:44 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-08-20 11:39 - 2015-08-20 11:39 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\globalUpdate
2015-08-20 11:37 - 2015-08-20 11:37 - 19284168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-08-20 11:34 - 2015-08-28 08:41 - 00012312 _____ C:\Windows\SysWOW64\acengineOff.ini
2015-08-20 11:34 - 2015-08-28 08:41 - 00012312 _____ C:\Windows\system32\acengineOff.ini
2015-08-20 11:34 - 2015-08-13 14:49 - 00045784 _____ (Abengine) C:\Windows\system32\Drivers\acwfp64.sys
2015-08-20 11:34 - 2015-08-11 16:50 - 00299296 _____ (Abengine) C:\Windows\SysWOW64\acengine.dll
2015-08-20 11:15 - 2015-08-20 01:24 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys
2015-08-20 11:13 - 2015-08-20 11:13 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver(1).msi
2015-08-20 11:12 - 2015-08-31 22:54 - 00000000 ____D C:\Program Files (x86)\FastSearch
2015-08-20 11:12 - 2015-08-24 23:37 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-08-20 11:12 - 2015-08-20 11:34 - 00000002 _____ C:\END
2015-08-20 11:12 - 2015-08-20 11:12 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver.msi
2015-08-20 11:12 - 2015-08-20 11:12 - 00003578 _____ C:\Windows\System32\Tasks\Shop-wit Updater
2015-08-20 11:12 - 2015-08-20 11:12 - 00003112 _____ C:\Windows\System32\Tasks\cfr3011
2015-08-20 11:12 - 2015-08-11 21:11 - 00349584 _____ (Abengine) C:\Windows\system32\acengine64.dll
2015-08-20 10:43 - 2015-08-20 10:43 - 00001456 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\Program Files\iPod
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-20 10:42 - 2015-08-20 10:42 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files\Bonjour
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-20 10:42 - 2015-08-20 10:42 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-08-19 22:11 - 2015-08-20 00:33 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\MediaMonkey
2015-08-19 22:11 - 2015-08-19 22:11 - 00000695 _____ C:\Users\Public\Desktop\MediaMonkey.lnk
2015-08-19 22:11 - 2015-08-19 22:11 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\MediaMonkey
2015-08-19 22:11 - 2015-08-19 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2015-08-19 22:10 - 2015-08-19 22:10 - 00000000 ____D C:\ProgramData\MediaMonkey
2015-08-19 21:18 - 2015-08-13 14:34 - 19292160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 21:18 - 2015-08-13 13:02 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 21:18 - 2015-08-13 12:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 21:18 - 2015-08-13 12:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 20:48 - 2015-08-19 20:51 - 00000512 __RSH C:\ProgramData\ntuser.pol
2015-08-19 20:46 - 2015-08-19 20:46 - 01135152 _____ C:\Windows\Minidump\081915-12953-01.dmp
2015-08-19 16:27 - 2015-08-19 02:39 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys
2015-08-19 16:24 - 2015-08-23 14:06 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch
2015-08-19 16:24 - 2015-08-19 21:03 - 00000000 ____D C:\ProgramData\nWinManPron
2015-08-19 16:24 - 2015-08-19 16:24 - 00000000 _____ C:\Windows\prleth.sys
2015-08-19 16:24 - 2015-08-19 16:24 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-19 16:22 - 2015-08-19 16:22 - 00000767 _____ C:\Users\Markus Radosztics\Desktop\MP3 Voice Recorder.lnk
2015-08-19 16:22 - 2015-08-19 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Voice Recorder
2015-08-19 16:22 - 2004-03-08 21:30 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2015-08-16 18:23 - 2015-08-16 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-16 00:59 - 2015-07-30 15:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 00:59 - 2015-07-30 15:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 00:59 - 2015-07-13 23:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-16 00:59 - 2015-07-13 23:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-16 00:59 - 2015-07-09 23:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-16 00:59 - 2015-07-09 23:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-16 00:59 - 2015-07-09 22:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-16 00:59 - 2015-07-09 22:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-16 00:59 - 2015-07-06 18:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-16 00:59 - 2015-07-06 16:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-16 00:59 - 2015-07-01 15:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-16 00:59 - 2015-07-01 14:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-16 00:59 - 2015-07-01 13:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-16 00:59 - 2015-07-01 13:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-16 00:58 - 2015-07-28 18:25 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-16 00:58 - 2015-07-28 16:13 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-16 00:58 - 2015-07-28 16:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-16 00:58 - 2015-07-28 15:12 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-16 00:58 - 2015-07-16 22:32 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-16 00:58 - 2015-07-16 22:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 15416320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-16 00:58 - 2015-07-16 22:30 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-16 00:58 - 2015-07-16 21:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-16 00:58 - 2015-07-16 21:06 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-16 00:58 - 2015-07-13 23:23 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-16 00:58 - 2015-07-13 23:23 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-16 00:58 - 2015-07-13 23:05 - 02340864 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-16 00:58 - 2015-07-13 23:05 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-16 00:55 - 2015-07-29 16:45 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-16 00:55 - 2015-07-29 16:45 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-16 00:55 - 2015-07-29 15:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-16 00:55 - 2015-07-28 00:42 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-16 00:55 - 2015-07-28 00:40 - 04064768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-16 00:55 - 2015-07-28 00:40 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-16 00:55 - 2015-07-15 18:09 - 06969688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-16 00:55 - 2015-07-15 18:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-16 00:55 - 2015-07-15 18:06 - 01824296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-16 00:55 - 2015-07-15 15:49 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-16 00:55 - 2015-07-15 15:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-16 00:55 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-16 00:55 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-16 00:55 - 2015-07-09 22:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-16 00:55 - 2015-06-09 15:09 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-15 11:14 - 2015-08-15 11:14 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-03 12:12 - 2015-08-03 12:12 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-31 23:07 - 2015-06-07 20:44 - 00000000 ____D C:\FRST
2015-08-31 23:00 - 2015-06-18 06:45 - 00001290 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001UA.job
2015-08-31 23:00 - 2013-11-19 21:28 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-31 22:59 - 2014-12-27 12:46 - 00000000 ___RD C:\Users\Markus Radosztics\iCloudDrive
2015-08-31 22:59 - 2013-11-19 21:28 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-31 22:59 - 2013-10-01 21:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-31 22:59 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-31 22:54 - 2014-06-25 17:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-31 22:54 - 2013-09-30 19:17 - 00297004 _____ C:\Windows\PFRO.log
2015-08-31 22:49 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-31 22:44 - 2013-09-30 19:24 - 01310764 _____ C:\Windows\WindowsUpdate.log
2015-08-31 22:37 - 2013-09-30 21:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-31 22:15 - 2014-12-27 12:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\36A80DEE-1AAD-4F7E-AA6A-4638F785B9B6.aplzod
2015-08-31 22:04 - 2013-11-22 22:24 - 00000366 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-08-31 22:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-08-31 11:00 - 2015-06-18 06:45 - 00001238 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001Core.job
2015-08-31 08:55 - 2013-11-19 21:28 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-31 08:55 - 2013-11-19 21:28 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-31 08:22 - 2012-07-26 12:27 - 00751892 _____ C:\Windows\system32\perfh007.dat
2015-08-31 08:22 - 2012-07-26 12:27 - 00155620 _____ C:\Windows\system32\perfc007.dat
2015-08-31 08:22 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-31 08:20 - 2013-09-30 19:30 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-817472733-4082136947-4255886928-1001
2015-08-31 08:17 - 2013-10-13 20:57 - 00000000 ___RD C:\Users\Markus Radosztics\Dropbox
2015-08-31 08:17 - 2013-10-13 20:55 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Dropbox
2015-08-31 08:16 - 2015-01-14 23:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\LogMeIn Hamachi
2015-08-31 08:16 - 2013-10-01 18:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-27 12:52 - 2013-10-01 18:41 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-27 12:52 - 2013-09-30 19:24 - 00001450 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-26 08:46 - 2013-10-02 17:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Skype
2015-08-23 14:35 - 2015-06-07 21:40 - 00001270 _____ C:\Users\Markus Radosztics\Desktop\Revo Uninstaller.lnk
2015-08-23 14:35 - 2015-06-07 21:40 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-23 12:44 - 2014-02-01 13:30 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-22 15:17 - 2014-08-06 12:17 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-08-22 12:04 - 2015-02-23 20:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-22 12:04 - 2013-10-02 17:05 - 00000000 ____D C:\ProgramData\Skype
2015-08-22 10:00 - 2015-03-18 18:45 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-22 10:00 - 2014-06-17 22:52 - 00005182 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for WAUT0001-Markus Radosztics WAUT0001
2015-08-21 15:10 - 2013-11-25 12:30 - 00000000 ____D C:\Windows\Minidump
2015-08-21 08:52 - 2015-03-20 10:39 - 00507984 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-20 22:50 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\VirtualStore
2015-08-20 22:30 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics
2015-08-20 22:10 - 2014-02-01 13:30 - 00000000 ____D C:\ProgramData\Oracle
2015-08-20 22:06 - 2012-07-26 07:26 - 00000269 _____ C:\Windows\win.ini
2015-08-20 21:22 - 2014-11-19 18:47 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-08-20 21:22 - 2013-12-19 13:46 - 00000000 ____D C:\Users\Markus Radosztics\Documents\samsung
2015-08-20 21:22 - 2013-12-19 13:46 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Samsung
2015-08-20 21:18 - 2013-12-19 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-08-20 21:18 - 2013-09-30 19:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-20 20:58 - 2013-09-30 20:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Downloaded Installations
2015-08-20 20:27 - 2015-06-03 20:07 - 00000000 ____D C:\Program Files (x86)\A1 Servicecenter
2015-08-20 14:09 - 2015-03-18 18:59 - 00002321 _____ C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-20 11:37 - 2013-09-30 21:01 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-20 10:43 - 2013-09-30 20:20 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-20 10:42 - 2013-09-30 20:20 - 00000000 ____D C:\ProgramData\Apple
2015-08-19 21:47 - 2013-09-30 19:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Packages
2015-08-19 21:18 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-08-19 17:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-08-16 18:23 - 2015-07-14 21:02 - 00000650 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-16 18:22 - 2015-04-17 08:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-16 18:22 - 2015-04-17 08:09 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-16 18:22 - 2013-09-30 19:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 18:22 - 2013-09-30 19:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-16 18:22 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-16 10:55 - 2013-09-30 19:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-16 10:55 - 2013-09-30 19:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-16 10:54 - 2013-09-30 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-16 10:53 - 2013-09-30 22:57 - 00000000 ____D C:\Windows\system32\MRT
2015-08-16 10:51 - 2013-09-30 22:57 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-16 10:46 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 10:46 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-15 11:11 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-08-08 04:27 - 2012-07-26 10:14 - 00793544 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 04:27 - 2012-07-26 10:14 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-27 12:52 - 2015-08-27 12:52 - 4241742 _____ (Bycatch) C:\Program Files\Common Files\ypiub0mz.exe
2015-08-20 23:02 - 2015-08-20 23:02 - 0002228 _____ () C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf.exe.lnk
2015-08-20 23:02 - 2015-08-20 23:02 - 0002250 _____ () C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW.exe.lnk
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\String Ensemble
2013-09-30 20:30 - 2013-09-30 20:30 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Strings
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Super Strings
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\Users\Markus Radosztics\AppData\Roaming\Techno Kit
2014-02-05 18:38 - 2015-06-07 12:43 - 0000156 _____ () C:\Users\Markus Radosztics\AppData\Roaming\WB.CFG
2013-11-06 10:01 - 2014-08-12 18:27 - 0006144 _____ () C:\Users\Markus Radosztics\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-23 18:56 - 2014-12-23 18:56 - 0007606 _____ () C:\Users\Markus Radosztics\AppData\Local\Resmon.ResmonCfg
2015-08-20 22:04 - 2015-08-20 22:04 - 0047616 _____ () C:\Users\Markus Radosztics\AppData\Local\Salttex.exe
2015-08-20 22:04 - 2015-08-20 22:04 - 0000187 _____ () C:\Users\Markus Radosztics\AppData\Local\Salttex.exe.config
2013-10-02 17:42 - 2013-10-02 17:42 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-07-07 09:16 - 2014-07-07 09:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\howto
2013-09-30 20:29 - 2013-09-30 20:29 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2013-09-30 20:30 - 2013-09-30 20:30 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2013-09-30 20:29 - 2013-09-30 20:30 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2013-09-30 20:29 - 2013-09-30 20:29 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\ProgramData\Sync Schema
2013-09-30 20:30 - 2013-09-30 20:30 - 0000268 ___RH () C:\ProgramData\Sync Services
2013-09-30 20:29 - 2013-09-30 20:29 - 0000268 ___RH () C:\ProgramData\Synth Basics
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\Track Settings
2013-09-30 20:30 - 2013-09-30 20:30 - 0000012 ___RH () C:\ProgramData\Transportation
2013-09-30 20:29 - 2013-09-30 20:29 - 0000012 ___RH () C:\ProgramData\Tremolo

Einige Dateien in TEMP:
====================
C:\Users\Markus Radosztics\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzfuwrr.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-27 18:43

==================== Ende von FRST.txt ============================
Ich hoffe, diesmal hab ich alles richtig gemacht.

lg Don Camillo

Alt 01.09.2015, 17:32   #28
schrauber
/// the machine
/// TB-Ausbilder
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster


Nee, nicht Safe Mode wählen, sondern Computer Reparieren
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.09.2015, 20:11   #29
Don_Camillo
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster


Diesmal hab ich Computer reparieren geklickt und dann via Eingabeaufforderung FRST64 gestartet und gescannt. Hier das Ergebnis:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015
durchgeführt von SYSTEM auf MININT-3R851RD (02-09-2015 21:05:14)
Gestartet von I:\
Platform: Windows 8 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10
Start-Modus: Recovery

Standard: ControlSet001
ACHTUNG!:=====> Wenn das System startfähig ist sollte FRST im normalen oder abgesicherten Modus ausgeführt werden, um ein vollständiges Ergebnis zu erhalten.

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => "D:\Programme\iTunesHelper.exe"
HKLM\...\Run: [gpuminer] => C:\Users\Markus Radosztics\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [218 2015-08-17] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [A1Servicecenter] => C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe [11467864 2015-05-27] (A1)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Games\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCTRAY.EXE [355296 2015-08-20] (Tencent)
HKLM-x32\...\Run: [RSDTRAY] => C:\Program Files (x86)\Rising\RSD\popwndexe.exe [126808 2012-09-25] (Beijing Rising Information Technology Co., Ltd.)
HKU\Markus Radosztics\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [159744 2015-01-12] (Voobly)
HKU\Markus Radosztics\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\Markus Radosztics\...\Run: [Steam] => D:\Games\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\Markus Radosztics\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\Markus Radosztics\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\Markus Radosztics\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\Markus Radosztics\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\Markus Radosztics\...\Run: [Dropbox Update] => C:\Users\Markus Radosztics\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\Markus Radosztics\...\Run: [OneDrive] => C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-20] (Microsoft Corporation)
HKU\Markus Radosztics\...\Run: [Shop-wit] => C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe
HKU\Markus Radosztics\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe
HKU\Markus Radosztics\...\Run: [GoogleChromeAutoLaunch_FEA560871AAA9104DF8D8385F4A465BE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863560 2015-08-18] (Google Inc.)
HKU\Markus Radosztics\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\Markus Radosztics\...\RunOnce: [Uninstall C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markus Radosztics\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
AppInit_DLLs: C:\ProgramData\Saophase\StrongDubflex.dll => C:\ProgramData\Saophase\StrongDubflex.dll [212992 2015-08-27] ()
AppInit_DLLs-x32: C:\ProgramData\Saophase\Alphawarm.dll => C:\ProgramData\Saophase\Alphawarm.dll [194560 2015-08-27] ()
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-03-18]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Markus Radosztics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-10-13]
ShortcutTarget: Dropbox.lnk ->  (Keine Datei)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 acengine; C:\Program Files (x86)\FastSearch\acengine.exe [1839728 2015-08-11] (Abengine)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
S2 Hamachi2Svc; D:\Games\LogMeIn Hamachi\hamachi-2.exe [2545512 2015-08-03] (LogMeIn Inc.)
S2 IHProtect Service; C:\Program Files (x86)\MiniLite\ProtectService.exe [129688 2015-08-20] (XTab system)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
S2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1931632 2015-05-15] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-23] ()
S2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQPCRtp.exe [297608 2015-08-20] (Tencent)
S2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [196288 2015-08-20] (Beijing Rising Information Technology Co., Ltd.)
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TAOFrame.exe [293856 2015-08-20] (Tencent)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2015-06-25] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
S2 dojoluri; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\knsb4C96.tmp [X]
S2 eproduct; C:\Users\Markus Radosztics\AppData\Local\Salttex.exe uydate eproduct [X]
S2 ExtTag; C:\ProgramData\ExtTag\ExtTag.exe [X]
S2 hyverumu; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\jnsiE347.tmp [X]
S2 igfx32; "C:\Program Files\igfx32\igfx32.exe" /s iid=2679535 did=Missing sid= ref= id=047e6a478a9cd5449350448a9fe4f569a5544d0a771fdc73cd2034f9b95a9549 [X]
S2 kefowydy; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\hnsf344.tmp [X]
S2 Saophase; C:\ProgramData\Saophase\Saophase.exe [X]
S2 Service Mgr GreatFind; "C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugincontainer.exe" [X]
S2 Update Mgr GreatFind; "C:\Program Files (x86)\Common Files\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\updater.exe" [X]
S2 WindowsMangerProtect; C:\ProgramData\WWinManProW\ProtectWindowsManager.exe -service [X] <==== ACHTUNG

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S5 3ware; C:\Windows\System32\drivers\3ware.sys [106736 2012-07-26] (LSI)
S5 ACPI; C:\Windows\System32\drivers\ACPI.sys [425192 2012-09-20] (Microsoft Corporation)
S5 acpiex; C:\Windows\System32\Drivers\acpiex.sys [77040 2012-07-26] (Microsoft Corporation)
S2 acwfp; C:\Windows\system32\Drivers\acwfp64.sys [45784 2015-08-13] (Abengine)
S5 adp94xx; C:\Windows\System32\drivers\adp94xx.sys [492272 2012-07-26] (Adaptec, Inc.)
S5 adpahci; C:\Windows\System32\drivers\adpahci.sys [340720 2012-07-26] (Adaptec, Inc.)
S5 adpu320; C:\Windows\System32\drivers\adpu320.sys [184048 2012-07-26] (Adaptec, Inc.)
S5 agp440; C:\Windows\System32\drivers\agp440.sys [63216 2012-07-26] (Microsoft Corporation)
S5 amdsata; C:\Windows\System32\drivers\amdsata.sys [76016 2012-07-26] (Advanced Micro Devices)
S5 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [258288 2012-07-26] (AMD Technologies Inc.)
S5 amdxata; C:\Windows\System32\drivers\amdxata.sys [26352 2012-07-26] (Advanced Micro Devices)
S5 arc; C:\Windows\System32\drivers\arc.sys [104688 2012-07-26] (PMC-Sierra, Inc.)
S5 arcsas; C:\Windows\System32\drivers\arcsas.sys [108272 2012-07-26] (PMC-Sierra, Inc.)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
S5 atapi; C:\Windows\System32\drivers\atapi.sys [25840 2012-07-26] (Microsoft Corporation)
S5 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533224 2012-09-20] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S5 CLFS; C:\Windows\System32\drivers\CLFS.sys [361280 2015-03-04] (Microsoft Corporation)
S5 CNG; C:\Windows\System32\Drivers\cng.sys [570248 2015-04-13] (Microsoft Corporation)
S5 disk; C:\Windows\System32\drivers\disk.sys [100696 2013-10-13] (Microsoft Corporation)
S3 e1dexpress; C:\Windows\system32\DRIVERS\e1d63x64.sys [468752 2013-02-27] (Intel Corporation)
S5 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
S5 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [81136 2012-07-26] (Microsoft Corporation)
S5 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [113904 2012-07-26] (Microsoft Corporation)
S5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [71920 2012-07-26] (Microsoft Corporation)
S5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [374512 2012-07-26] (Microsoft Corporation)
S5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [25328 2012-07-26] (Microsoft Corporation)
S5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [465240 2013-08-21] (Microsoft Corporation)
S5 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [66800 2012-07-26] (Microsoft Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S5 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64752 2012-07-26] (Hewlett-Packard Company)
S5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24816 2012-07-26] (Microsoft Corporation)
S5 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [411888 2012-07-26] (Intel Corporation)
S5 iirsp; C:\Windows\System32\drivers\iirsp.sys [45296 2012-07-26] (Intel Corp./ICP vortex GmbH)
S5 intelide; C:\Windows\System32\drivers\intelide.sys [18672 2012-07-26] (Microsoft Corporation)
S5 isapnp; C:\Windows\System32\drivers\isapnp.sys [22256 2012-07-26] (Microsoft Corporation)
S5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [100184 2015-05-02] (Microsoft Corporation)
S5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [171352 2015-06-27] (Microsoft Corporation)
S5 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [108784 2012-07-26] (LSI Corporation)
S5 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [92400 2012-07-26] (LSI Corporation)
S5 LSI_SCSI; C:\Windows\System32\drivers\lsi_scsi.sys [116976 2012-07-26] (LSI Corporation)
S5 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [81136 2012-07-26] (LSI Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-21] (Malwarebytes Corporation)
S5 megasas; C:\Windows\System32\drivers\megasas.sys [51952 2012-07-26] (LSI Corporation)
S5 MegaSR; C:\Windows\System32\drivers\MegaSR.sys [353008 2012-07-26] (LSI Corporation, Inc.)
S3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [95064 2015-07-15] (Microsoft Corporation)
S5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17136 2012-07-26] (Microsoft Corporation)
S5 Mup; C:\Windows\System32\Drivers\mup.sys [83696 2012-07-26] (Microsoft Corporation)
S5 mvumis; C:\Windows\System32\drivers\mvumis.sys [64240 2012-07-26] (Marvell Semiconductor, Inc.)
S5 NDIS; C:\Windows\System32\drivers\ndis.sys [997632 2013-06-16] (Microsoft Corporation)
S5 nfrd960; C:\Windows\System32\drivers\nfrd960.sys [52464 2012-07-26] (IBM Corporation)
S5 nvraid; C:\Windows\System32\drivers\nvraid.sys [150256 2012-07-26] (NVIDIA Corporation)
S5 nvstor; C:\Windows\System32\drivers\nvstor.sys [168176 2012-07-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S5 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [125168 2012-07-26] (Microsoft Corporation)
S5 partmgr; C:\Windows\System32\drivers\partmgr.sys [91880 2013-01-10] (Microsoft Corporation)
S5 pci; C:\Windows\System32\drivers\pci.sys [234224 2012-07-26] (Microsoft Corporation)
S5 pciide; C:\Windows\System32\drivers\pciide.sys [14064 2012-07-26] (Microsoft Corporation)
S5 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [237808 2012-07-26] (Microsoft Corporation)
S5 pcw; C:\Windows\System32\drivers\pcw.sys [52464 2012-07-26] (Microsoft Corporation)
S5 pdc; C:\Windows\System32\drivers\pdc.sys [69864 2013-03-02] (Microsoft Corporation)
S1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QMUdisk64.sys [62264 2015-08-20] (Tencent)
S2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\QQSysMonX64.sys [138040 2015-08-20] (电脑管家)
S5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [217328 2012-07-26] (Microsoft Corporation)
S5 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107760 2012-07-26] (Microsoft Corporation)
S5 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44784 2012-07-26] (Silicon Integrated Systems Corp.)
S5 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81648 2012-07-26] (Silicon Integrated Systems)
S5 spaceport; C:\Windows\System32\drivers\spaceport.sys [285016 2013-10-05] (Microsoft Corporation)
S5 stexstor; C:\Windows\System32\drivers\stexstor.sys [30960 2012-07-26] (Promise Technology, Inc.)
S5 storahci; C:\Windows\System32\drivers\storahci.sys [77544 2013-03-02] (Microsoft Corporation)
S5 storflt; C:\Windows\System32\DRIVERS\vmstorfl.sys [45160 2012-07-26] (Microsoft Corporation)
S5 storvsc; C:\Windows\System32\drivers\storvsc.sys [37992 2012-07-26] (Microsoft Corporation)
S2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [74040 2015-08-20] (Tencent)
S1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [274232 2015-08-20] (Tencent Technology(Shenzhen) Company Limited)
S5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2233152 2014-09-13] (Microsoft Corporation)
S3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-08-20] (电脑管家)
S3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TS888x64.sys [28984 2015-09-02] (Tencent)
S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TsDefenseBT64.sys [28472 2015-08-20] (Tencent)
S1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16600.237\TSSysKit64.sys [87352 2015-08-20] (电脑管家)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [31144 2015-06-04] (TuneUp Software)
S5 uagp35; C:\Windows\System32\drivers\uagp35.sys [65776 2012-07-26] (Microsoft Corporation)
S5 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [66800 2012-07-26] (Microsoft Corporation)
S5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36080 2012-07-26] (Microsoft Corporation)
S5 viaide; C:\Windows\System32\drivers\viaide.sys [19184 2012-07-26] (VIA Technologies, Inc.)
S5 vmbus; C:\Windows\System32\drivers\vmbus.sys [137832 2012-07-26] (Microsoft Corporation)
S5 volmgr; C:\Windows\System32\drivers\volmgr.sys [83184 2012-07-26] (Microsoft Corporation)
S5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [378608 2012-07-26] (Microsoft Corporation)
S5 volsnap; C:\Windows\System32\drivers\volsnap.sys [328000 2014-07-04] (Microsoft Corporation)
S5 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [164080 2012-07-26] (VIA Technologies Inc.,Ltd)
S5 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [322800 2012-07-26] (VIA Corporation)
S5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)
S5 Wd; C:\Windows\System32\drivers\wd.sys [23792 2012-07-26] (Microsoft Corporation)
S5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-22] (Microsoft Corporation)
S5 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [96576 2014-12-18] (Microsoft Corporation)
S1 {092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64; C:\Windows\System32\drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys [48784 2015-08-19] (StdLib)
S1 {8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64; C:\Windows\System32\drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys [48784 2015-08-20] (StdLib)
S1 {987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64; C:\Windows\System32\drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys [48784 2015-08-20] (StdLib)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S1 rrfd_vw_1_10_0_22; system32\drivers\rrfd_vw_1_10_0_22.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-31 07:21 - 2015-08-31 07:21 - 00002770 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2015-08-27 22:37 - 2015-08-27 22:37 - 00003248 _____ C:\Windows\System32\Tasks\uydate
2015-08-27 11:52 - 2015-08-30 16:30 - 00000000 ____D C:\ProgramData\Saophase
2015-08-27 11:52 - 2015-08-27 11:52 - 04241742 _____ (Bycatch) C:\Program Files\Common Files\ypiub0mz.exe
2015-08-27 11:52 - 2015-08-27 11:52 - 00000000 ____D C:\ProgramData\Saophases
2015-08-27 11:36 - 2015-08-27 11:36 - 00003156 _____ C:\Windows\System32\Tasks\r4v4x4kf
2015-08-27 11:36 - 2015-08-27 11:36 - 00000000 ____D C:\Program Files\Common Files\vkwznlph
2015-08-24 23:40 - 2015-08-24 23:40 - 00003156 _____ C:\Windows\System32\Tasks\kajl01mh
2015-08-24 23:40 - 2015-08-24 23:40 - 00000000 ____D C:\Program Files\Common Files\r5lybh4n
2015-08-23 13:58 - 2015-08-27 11:52 - 00002265 _____ C:\Users\Markus Radosztics\Desktop\Google Chrome.lnk
2015-08-23 13:56 - 2015-08-23 13:56 - 00931408 _____ (Google Inc.) C:\Users\Markus Radosztics\Downloads\ChromeSetup.exe
2015-08-23 13:33 - 2015-08-23 13:33 - 01260832 _____ C:\Users\Markus Radosztics\Downloads\Revo Uninstaller - CHIP-Installer.exe
2015-08-23 13:04 - 2015-08-30 22:56 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\FRST-OlderVersion
2015-08-23 13:01 - 2015-08-31 22:07 - 00070173 _____ C:\Users\Markus Radosztics\Downloads\FRST.txt
2015-08-23 13:01 - 2015-08-23 13:02 - 00081428 _____ C:\Users\Markus Radosztics\Downloads\Addition.txt
2015-08-23 13:00 - 2015-08-23 13:00 - 00018325 _____ C:\Users\Markus Radosztics\Desktop\Fixlist.txt
2015-08-23 11:05 - 2015-09-02 19:35 - 00000320 _____ C:\Windows\Tasks\PC-Mechanic Maintenance.job
2015-08-23 11:05 - 2015-09-02 14:20 - 00000334 _____ C:\Windows\Tasks\PC-Mechanic Startup.job
2015-08-23 11:05 - 2015-08-23 11:05 - 00003248 _____ C:\Windows\System32\Tasks\PC-Mechanic Maintenance
2015-08-23 11:05 - 2015-08-23 11:05 - 00002630 _____ C:\Windows\System32\Tasks\PC-Mechanic Startup
2015-08-23 11:05 - 2015-08-23 11:05 - 00001171 _____ C:\Users\Public\Desktop\PC Mechanic.lnk
2015-08-23 11:05 - 2015-08-23 11:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Uniblue
2015-08-23 11:05 - 2015-08-23 11:05 - 00000000 ____D C:\Program Files (x86)\Uniblue
2015-08-22 14:20 - 2015-08-22 14:20 - 00852684 _____ C:\Users\Markus Radosztics\Desktop\SecurityCheck.exe
2015-08-22 13:31 - 2015-08-27 10:28 - 00000000 ____D C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc
2015-08-22 13:31 - 2015-08-22 13:31 - 00002215 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2015-08-22 13:31 - 2015-08-22 13:31 - 00002195 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2015-08-22 13:31 - 2015-08-22 13:31 - 00000000 ____D C:\Program Files (x86)\Great Find
2015-08-22 13:31 - 2015-06-25 06:53 - 00040760 _____ (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2015-08-22 13:31 - 2015-06-25 06:53 - 00029496 _____ (TuneUp Software) C:\Windows\System32\authuitu.dll
2015-08-22 13:31 - 2015-06-25 06:53 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2015-08-22 13:30 - 2015-08-23 11:04 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\OpenCandy
2015-08-22 13:30 - 2015-08-22 13:31 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2015-08-22 12:05 - 2015-08-22 12:05 - 02870984 _____ (ESET) C:\Users\Markus Radosztics\Downloads\esetsmartinstaller_deu.exe
2015-08-21 22:42 - 2015-08-27 11:52 - 00002377 _____ C:\Windows\SysWOW64\findit.xml
2015-08-21 22:42 - 2015-08-21 22:42 - 00000000 ____D C:\ProgramData\ExtTags
2015-08-21 14:10 - 2015-08-21 14:10 - 00957064 _____ C:\Windows\Minidump\082115-9765-01.dmp
2015-08-21 09:36 - 2015-08-21 09:36 - 01162256 _____ C:\Windows\Minidump\082115-8296-01.dmp
2015-08-21 08:25 - 2015-08-21 08:25 - 00001051 _____ C:\Users\Markus Radosztics\Desktop\AnyProtect.lnk
2015-08-21 08:24 - 2015-09-02 18:43 - 00000000 ____D C:\ProgramData\update
2015-08-21 08:24 - 2015-08-24 22:37 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-08-21 08:24 - 2015-08-22 10:46 - 00000000 ____D C:\ProgramData\WWinManProW
2015-08-21 08:24 - 2015-08-21 08:24 - 00000000 ____D C:\Program Files (x86)\MiniLite
2015-08-21 08:14 - 2015-08-30 22:56 - 02188288 _____ (Farbar) C:\Users\Markus Radosztics\Downloads\FRST64.exe
2015-08-20 22:02 - 2015-08-20 22:02 - 00002250 _____ C:\Users\Markus Radosztics\AppData\Roaming\mKEEssqw2b6jam0xKEJW.exe.lnk
2015-08-20 22:02 - 2015-08-20 22:02 - 00002228 _____ C:\Users\Markus Radosztics\AppData\Roaming\Cus4wE9mf.exe.lnk
2015-08-20 21:58 - 2015-09-02 14:21 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2015-08-20 21:58 - 2015-08-20 21:58 - 00003338 _____ C:\Windows\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}
2015-08-20 21:57 - 2015-08-21 07:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yvegdufu.job
2015-08-20 21:57 - 2015-08-21 07:25 - 00000298 _____ C:\Windows\Tasks\Tempo Runner yveg6ufu.job
2015-08-20 21:57 - 2015-08-20 21:57 - 00002442 _____ C:\Windows\System32\Tasks\Tempo Runner yvegdufu
2015-08-20 21:57 - 2015-08-20 21:57 - 00002442 _____ C:\Windows\System32\Tasks\Tempo Runner yveg6ufu
2015-08-20 21:51 - 2015-08-21 07:53 - 00000000 ____D C:\ProgramData\Rising
2015-08-20 21:51 - 2015-08-21 07:53 - 00000000 ____D C:\Program Files (x86)\Rising
2015-08-20 21:51 - 2015-08-20 23:36 - 00000000 ___RD C:\RavBin
2015-08-20 21:51 - 2014-07-30 03:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-08-20 21:50 - 2015-08-20 21:50 - 00274232 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\System32\Drivers\TAOKernel64.sys
2015-08-20 21:50 - 2015-08-20 21:50 - 00087864 _____ (电脑管家) C:\Windows\System32\Drivers\TFsFltX64.sys
2015-08-20 21:50 - 2015-08-20 21:50 - 00074040 _____ (Tencent) C:\Windows\System32\Drivers\TAOAccelerator64.sys
2015-08-20 21:50 - 2015-08-20 21:50 - 00000000 ____D C:\ProgramData\TXQMPC
2015-08-20 21:50 - 2015-08-20 21:50 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-08-20 21:49 - 2015-08-20 22:31 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Tencent
2015-08-20 21:49 - 2015-08-20 21:52 - 00000000 ____D C:\ProgramData\Tencent
2015-08-20 21:49 - 2015-08-20 21:49 - 00000000 ____D C:\Program Files (x86)\Tencent
2015-08-20 21:44 - 2015-08-20 21:44 - 00001113 _____ C:\Users\Markus Radosztics\Desktop\Continue Live Installation.lnk
2015-08-20 21:44 - 2015-08-20 21:44 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\istartsurf
2015-08-20 21:37 - 2015-08-20 21:37 - 00000000 _____ C:\dummy.htm
2015-08-20 21:32 - 2015-08-20 21:33 - 00000000 ____D C:\ProgramData\LocalStorage
2015-08-20 21:30 - 2015-08-20 21:30 - 00000000 ____D C:\Users\Markus Radosztics\.android
2015-08-20 21:29 - 2015-08-20 21:29 - 00001318 _____ C:\Users\Markus Radosztics\Desktop\全网影视.lnk
2015-08-20 21:29 - 2015-08-20 21:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\ppslog
2015-08-20 21:19 - 2015-08-21 07:25 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-08-20 21:19 - 2015-08-20 21:55 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-20 21:19 - 2015-08-20 21:49 - 00002832 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-08-20 21:19 - 2015-08-20 21:49 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-08-20 21:19 - 2015-08-20 21:49 - 00002830 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-08-20 21:19 - 2015-08-20 21:49 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-08-20 21:17 - 2015-08-21 07:47 - 00000000 ____D C:\IQIYI Video
2015-08-20 21:17 - 2015-08-21 07:46 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-08-20 21:17 - 2015-08-20 23:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Unity
2015-08-20 21:17 - 2015-08-20 21:30 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\IQIYI Video
2015-08-20 21:17 - 2015-08-20 21:17 - 00000000 __SHD C:\Users\Markus Radosztics\AppData\Roaming\AnyProtectEx
2015-08-20 21:17 - 2015-08-20 21:17 - 00000000 ____D C:\Users\Public\QiYi
2015-08-20 21:17 - 2015-08-20 21:17 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\SysassistByHotWheel
2015-08-20 21:16 - 2015-08-20 21:16 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\node-webkit
2015-08-20 21:15 - 2015-08-20 23:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\cpuminer
2015-08-20 21:15 - 2015-08-20 21:15 - 00000217 _____ C:\task.vbs
2015-08-20 21:10 - 2015-08-20 21:10 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Desktop\jre-8u25-windows-i586.exe
2015-08-20 21:09 - 2015-08-20 22:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Gameo
2015-08-20 21:09 - 2015-08-20 21:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Opera Software
2015-08-20 21:09 - 2015-08-20 21:26 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Opera Software
2015-08-20 21:09 - 2015-08-20 21:09 - 00000185 _____ C:\Users\Markus Radosztics\Desktop\Play Games Online.url
2015-08-20 21:09 - 2015-08-20 21:09 - 00000000 ___HD C:\Users\Markus Radosztics\AppData\Roaming\GoldenGate
2015-08-20 21:09 - 2015-08-20 21:09 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Gameo
2015-08-20 21:07 - 2015-08-20 23:37 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WarThunder
2015-08-20 21:07 - 2015-08-20 21:07 - 29727656 _____ (Oracle Corporation) C:\Users\Markus Radosztics\Downloads\setup [1].exe
2015-08-20 21:06 - 2015-08-24 22:37 - 00000000 ____D C:\Program Files (x86)\Cinem Plus 2.4cV20.08
2015-08-20 21:06 - 2015-08-23 13:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\00000000-1440108399-0000-0000-448A5BA07B78
2015-08-20 21:06 - 2015-08-20 08:50 - 00048784 _____ (StdLib) C:\Windows\System32\Drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys
2015-08-20 21:06 - 2015-07-23 14:47 - 00000854 _____ C:\Windows\System32\Drivers\etc\hp.bak
2015-08-20 21:05 - 2015-08-23 13:05 - 00000000 ____D C:\Program Files (x86)\OLBPre
2015-08-20 21:05 - 2015-08-20 22:02 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\{1A0B2C57-3EA3-40EF-533B-65077753999F}
2015-08-20 21:05 - 2015-08-20 21:05 - 00004008 _____ C:\Windows\System32\Tasks\LaunchPreSignup
2015-08-20 21:04 - 2015-08-20 21:26 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-20 20:58 - 2015-08-20 20:58 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Sun
2015-08-20 20:58 - 2015-08-20 20:58 - 00000000 ____D C:\Users\Markus Radosztics\.oracle_jre_usage
2015-08-20 19:37 - 2015-08-20 23:38 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\WindSolutions
2015-08-20 19:37 - 2015-08-20 19:44 - 00000000 ____D C:\ProgramData\WindSolutions
2015-08-20 11:29 - 2015-08-20 13:13 - 00000190 _____ C:\mylog.log
2015-08-20 11:29 - 2015-08-20 11:29 - 00000000 ____D C:\Program Files (x86)\MSI
2015-08-20 11:22 - 2015-08-20 11:22 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_usb30
2015-08-20 11:21 - 2015-08-20 11:21 - 06227267 _____ C:\Users\Markus Radosztics\Downloads\intel_usb30.zip
2015-08-20 11:19 - 2015-08-20 11:19 - 02837521 _____ C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10.zip
2015-08-20 11:19 - 2015-08-20 11:19 - 00000000 ____D C:\Users\Markus Radosztics\Downloads\intel_chipse_9_w10
2015-08-20 10:43 - 2015-08-20 21:55 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-20 10:43 - 2015-08-20 10:43 - 00003156 _____ C:\Windows\System32\Tasks\Download Touch
2015-08-20 10:43 - 2015-08-20 10:43 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Download Touch
2015-08-20 10:39 - 2015-08-24 22:37 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV16.03
2015-08-20 10:39 - 2015-08-21 09:44 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-08-20 10:39 - 2015-08-20 10:39 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\globalUpdate
2015-08-20 10:37 - 2015-08-20 10:37 - 19284168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-08-20 10:34 - 2015-08-28 07:41 - 00012312 _____ C:\Windows\SysWOW64\acengineOff.ini
2015-08-20 10:34 - 2015-08-28 07:41 - 00012312 _____ C:\Windows\System32\acengineOff.ini
2015-08-20 10:34 - 2015-08-13 13:49 - 00045784 _____ (Abengine) C:\Windows\System32\Drivers\acwfp64.sys
2015-08-20 10:34 - 2015-08-11 15:50 - 00299296 _____ (Abengine) C:\Windows\SysWOW64\acengine.dll
2015-08-20 10:15 - 2015-08-20 00:24 - 00048784 _____ (StdLib) C:\Windows\System32\Drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys
2015-08-20 10:13 - 2015-08-20 10:13 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver(1).msi
2015-08-20 10:12 - 2015-09-02 14:21 - 00000000 ____D C:\Program Files (x86)\FastSearch
2015-08-20 10:12 - 2015-08-24 22:37 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-08-20 10:12 - 2015-08-20 10:34 - 00000002 _____ C:\END
2015-08-20 10:12 - 2015-08-20 10:12 - 00012839 _____ C:\Users\Markus Radosztics\Desktop\Apple_Mobile_Device_USB_Driver.msi
2015-08-20 10:12 - 2015-08-20 10:12 - 00003578 _____ C:\Windows\System32\Tasks\Shop-wit Updater
2015-08-20 10:12 - 2015-08-20 10:12 - 00003112 _____ C:\Windows\System32\Tasks\cfr3011
2015-08-20 10:12 - 2015-08-11 20:11 - 00349584 _____ (Abengine) C:\Windows\System32\acengine64.dll
2015-08-20 09:43 - 2015-08-20 09:43 - 00001456 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-20 09:43 - 2015-08-20 09:43 - 00000000 ____D C:\Program Files\iPod
2015-08-20 09:43 - 2015-08-20 09:43 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-20 09:42 - 2015-08-20 09:42 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-08-20 09:42 - 2015-08-20 09:42 - 00000000 ____D C:\Program Files\Bonjour
2015-08-20 09:42 - 2015-08-20 09:42 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-20 09:42 - 2015-08-20 09:42 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-08-19 21:11 - 2015-08-19 23:33 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\MediaMonkey
2015-08-19 21:11 - 2015-08-19 21:11 - 00000695 _____ C:\Users\Public\Desktop\MediaMonkey.lnk
2015-08-19 21:11 - 2015-08-19 21:11 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\MediaMonkey
2015-08-19 21:10 - 2015-08-19 21:10 - 00000000 ____D C:\ProgramData\MediaMonkey
2015-08-19 20:18 - 2015-08-13 13:34 - 19292160 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-08-19 20:18 - 2015-08-13 12:02 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 20:18 - 2015-08-13 11:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-08-19 20:18 - 2015-08-13 11:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 19:48 - 2015-08-19 19:51 - 00000512 __RSH C:\ProgramData\ntuser.pol
2015-08-19 19:46 - 2015-08-19 19:46 - 01135152 _____ C:\Windows\Minidump\081915-12953-01.dmp
2015-08-19 15:27 - 2015-08-19 01:39 - 00048784 _____ (StdLib) C:\Windows\System32\Drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys
2015-08-19 15:24 - 2015-08-23 13:06 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\mystartsearch
2015-08-19 15:24 - 2015-08-19 20:03 - 00000000 ____D C:\ProgramData\nWinManPron
2015-08-19 15:24 - 2015-08-19 15:24 - 00000000 _____ C:\Windows\prleth.sys
2015-08-19 15:24 - 2015-08-19 15:24 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-19 15:22 - 2015-08-19 15:22 - 00000767 _____ C:\Users\Markus Radosztics\Desktop\MP3 Voice Recorder.lnk
2015-08-19 15:22 - 2004-03-08 20:30 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2015-08-15 23:59 - 2015-07-30 14:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-08-15 23:59 - 2015-07-30 14:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-15 23:59 - 2015-07-13 22:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\System32\basesrv.dll
2015-08-15 23:59 - 2015-07-13 22:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2015-08-15 23:59 - 2015-07-09 22:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2015-08-15 23:59 - 2015-07-09 22:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2015-08-15 23:59 - 2015-07-09 21:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-15 23:59 - 2015-07-09 21:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-15 23:59 - 2015-07-06 17:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdBoot.sys
2015-08-15 23:59 - 2015-07-06 15:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdFilter.sys
2015-08-15 23:59 - 2015-07-01 14:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2015-08-15 23:59 - 2015-07-01 13:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2015-08-15 23:59 - 2015-07-01 12:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-15 23:59 - 2015-07-01 12:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-15 23:58 - 2015-07-28 17:25 - 00025776 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2015-08-15 23:58 - 2015-07-28 15:13 - 01116160 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2015-08-15 23:58 - 2015-07-28 15:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2015-08-15 23:58 - 2015-07-28 15:13 - 00743424 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2015-08-15 23:58 - 2015-07-28 15:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2015-08-15 23:58 - 2015-07-28 15:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2015-08-15 23:58 - 2015-07-28 14:12 - 01148416 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2015-08-15 23:58 - 2015-07-16 21:32 - 02239488 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-08-15 23:58 - 2015-07-16 21:32 - 01409024 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-08-15 23:58 - 2015-07-16 21:32 - 00601600 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-08-15 23:58 - 2015-07-16 21:31 - 03959808 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-08-15 23:58 - 2015-07-16 21:31 - 00856064 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-08-15 23:58 - 2015-07-16 21:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-08-15 23:58 - 2015-07-16 21:30 - 15416320 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-08-15 23:58 - 2015-07-16 21:30 - 02657280 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-08-15 23:58 - 2015-07-16 21:30 - 00949760 _____ (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2015-08-15 23:58 - 2015-07-16 20:07 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-15 23:58 - 2015-07-16 20:07 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-15 23:58 - 2015-07-16 20:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-15 23:58 - 2015-07-16 20:06 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-15 23:58 - 2015-07-13 22:23 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-15 23:58 - 2015-07-13 22:23 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-15 23:58 - 2015-07-13 22:05 - 02340864 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2015-08-15 23:58 - 2015-07-13 22:05 - 01850880 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2015-08-15 23:55 - 2015-07-29 15:45 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-15 23:55 - 2015-07-29 15:45 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-15 23:55 - 2015-07-29 14:52 - 01840640 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2015-08-15 23:55 - 2015-07-29 14:52 - 01280000 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2015-08-15 23:55 - 2015-07-29 14:52 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2015-08-15 23:55 - 2015-07-27 23:42 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-15 23:55 - 2015-07-27 23:40 - 04064768 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-08-15 23:55 - 2015-07-27 23:40 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2015-08-15 23:55 - 2015-07-15 17:09 - 06969688 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2015-08-15 23:55 - 2015-07-15 17:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2015-08-15 23:55 - 2015-07-15 17:06 - 01824296 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2015-08-15 23:55 - 2015-07-15 14:49 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-15 23:55 - 2015-07-15 14:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2015-08-15 23:55 - 2015-07-09 22:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\notepad.exe
2015-08-15 23:55 - 2015-07-09 22:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-15 23:55 - 2015-07-09 21:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-15 23:55 - 2015-06-09 14:09 - 00411133 _____ C:\Windows\System32\ApnDatabase.xml
2015-08-03 11:12 - 2015-08-03 11:12 - 00045680 ____H (LogMeIn Inc.) C:\Windows\System32\Drivers\Hamdrv.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-02 19:50 - 2013-11-22 21:24 - 00000366 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-09-02 19:50 - 2013-09-30 18:24 - 01591265 _____ C:\Windows\WindowsUpdate.log
2015-09-02 19:37 - 2013-09-30 20:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-02 19:02 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\System32\sru
2015-09-02 19:00 - 2015-06-18 05:45 - 00001290 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001UA.job
2015-09-02 19:00 - 2013-11-19 20:28 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-02 18:20 - 2014-12-27 11:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\36A80DEE-1AAD-4F7E-AA6A-4638F785B9B6.aplzod
2015-09-02 14:27 - 2012-07-26 11:27 - 00751892 _____ C:\Windows\System32\perfh007.dat
2015-09-02 14:27 - 2012-07-26 11:27 - 00155620 _____ C:\Windows\System32\perfc007.dat
2015-09-02 14:27 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\System32\PerfStringBackup.INI
2015-09-02 14:25 - 2013-09-30 18:30 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-817472733-4082136947-4255886928-1001
2015-09-02 14:21 - 2015-01-14 22:45 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\LogMeIn Hamachi
2015-09-02 14:21 - 2014-12-27 11:46 - 00000000 ___RD C:\Users\Markus Radosztics\iCloudDrive
2015-09-02 14:21 - 2013-10-13 19:57 - 00000000 ___RD C:\Users\Markus Radosztics\Dropbox
2015-09-02 14:21 - 2013-10-13 19:55 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Dropbox
2015-09-02 14:20 - 2013-11-19 20:28 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-02 14:20 - 2013-10-01 20:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-02 14:20 - 2013-09-30 18:17 - 00298018 _____ C:\Windows\PFRO.log
2015-09-02 14:20 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-01 10:00 - 2015-06-18 05:45 - 00001238 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-817472733-4082136947-4255886928-1001Core.job
2015-08-31 22:07 - 2015-06-07 19:44 - 00000000 ____D C:\FRST
2015-08-31 21:54 - 2014-06-25 16:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-31 21:49 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\System32\config\BBI
2015-08-31 07:55 - 2013-11-19 20:28 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-31 07:55 - 2013-11-19 20:28 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-31 07:16 - 2013-10-01 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-26 07:46 - 2013-10-02 16:05 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Skype
2015-08-23 13:35 - 2015-06-07 20:40 - 00001270 _____ C:\Users\Markus Radosztics\Desktop\Revo Uninstaller.lnk
2015-08-23 13:35 - 2015-06-07 20:40 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-23 11:44 - 2014-02-01 12:30 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-22 14:17 - 2014-08-06 11:17 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-08-22 11:04 - 2015-02-23 19:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-22 11:04 - 2013-10-02 16:05 - 00000000 ____D C:\ProgramData\Skype
2015-08-22 09:00 - 2015-03-18 17:45 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-22 09:00 - 2014-06-17 21:52 - 00005182 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for WAUT0001-Markus Radosztics WAUT0001
2015-08-21 14:10 - 2013-11-25 11:30 - 00000000 ____D C:\Windows\Minidump
2015-08-21 07:52 - 2015-03-20 09:39 - 00507984 _____ C:\Windows\System32\FNTCACHE.DAT
2015-08-20 21:50 - 2013-09-30 18:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\VirtualStore
2015-08-20 21:30 - 2013-09-30 18:24 - 00000000 ____D C:\users\Markus Radosztics
2015-08-20 21:10 - 2014-02-01 12:30 - 00000000 ____D C:\ProgramData\Oracle
2015-08-20 21:06 - 2012-07-26 06:26 - 00000269 _____ C:\Windows\win.ini
2015-08-20 20:22 - 2014-11-19 17:47 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-08-20 20:22 - 2013-12-19 12:46 - 00000000 ____D C:\Users\Markus Radosztics\Documents\samsung
2015-08-20 20:22 - 2013-12-19 12:46 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Roaming\Samsung
2015-08-20 20:18 - 2013-09-30 18:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-20 19:58 - 2013-09-30 19:29 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Downloaded Installations
2015-08-20 19:27 - 2015-06-03 19:07 - 00000000 ____D C:\Program Files (x86)\A1 Servicecenter
2015-08-20 10:37 - 2013-09-30 20:01 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-20 09:43 - 2013-09-30 19:20 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-20 09:42 - 2013-09-30 19:20 - 00000000 ____D C:\ProgramData\Apple
2015-08-19 20:47 - 2013-09-30 18:24 - 00000000 ____D C:\Users\Markus Radosztics\AppData\Local\Packages
2015-08-19 20:18 - 2012-07-26 08:59 - 00000000 ____D C:\Windows\CbsTemp
2015-08-19 16:27 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\System32\GroupPolicy
2015-08-16 17:23 - 2015-07-14 20:02 - 00000650 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-16 17:22 - 2015-04-17 07:09 - 00000000 ___SD C:\Windows\System32\CompatTel
2015-08-16 17:22 - 2015-04-17 07:09 - 00000000 ____D C:\Windows\System32\appraiser
2015-08-16 17:22 - 2013-09-30 18:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 17:22 - 2013-09-30 18:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-16 17:22 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-16 17:22 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-16 09:55 - 2013-09-30 18:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-16 09:53 - 2013-09-30 21:57 - 00000000 ____D C:\Windows\System32\MRT
2015-08-16 09:51 - 2013-09-30 21:57 - 132483416 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2015-08-15 10:11 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-08-08 03:27 - 2012-07-26 09:14 - 00793544 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 03:27 - 2012-07-26 09:14 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Einige Dateien in TEMP:
====================
C:\Users\Markus Radosztics\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplvomw2.dll

==================== Known DLLs (Nicht auf der Ausnahmeliste) =========================


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => MD5 ist legitim
C:\Windows\System32\wininit.exe => MD5 ist legitim
C:\Windows\explorer.exe => MD5 ist legitim
C:\Windows\SysWOW64\explorer.exe => MD5 ist legitim
C:\Windows\System32\svchost.exe => MD5 ist legitim
C:\Windows\SysWOW64\svchost.exe => MD5 ist legitim
C:\Windows\System32\services.exe
[2015-05-13 16:31] - [2015-04-13 06:32] - 0417280 ____A (Microsoft Corporation) 590A2B4198DD35AA42893BA04F66FD3F

C:\Windows\System32\User32.dll
[2014-10-16 21:39] - [2014-06-28 07:57] - 1341952 ____A (Microsoft Corporation) FAC7814096952227B0EBB08175D82B40

C:\Windows\SysWOW64\User32.dll
[2014-10-16 21:39] - [2014-06-28 03:23] - 1126400 ____A (Microsoft Corporation) BBC180F529B08A65100536A08724ED58

C:\Windows\System32\userinit.exe => MD5 ist legitim
C:\Windows\SysWOW64\userinit.exe => MD5 ist legitim
C:\Windows\System32\rpcss.dll => MD5 ist legitim
C:\Windows\System32\dnsapi.dll
[2014-12-11 21:27] - [2014-10-09 04:59] - 0623616 ____A (Microsoft Corporation) 7904C03BF9C0C0337563FFAA97D0ACE8

C:\Windows\SysWOW64\dnsapi.dll
[2014-12-11 21:27] - [2014-10-09 04:58] - 0458240 ____A (Microsoft Corporation) 0BE9606A1175C7400ED862991453A847

C:\Windows\System32\Drivers\volsnap.sys
[2014-10-16 21:43] - [2014-07-04 11:52] - 0328000 ____A (Microsoft Corporation) AA37946941ED3805AB3A924965907147


==================== Wiederherstellungspunkte =========================


==================== Speicherinformationen =========================== 

Prozentuale Nutzung des RAM: 10%
Installierter physikalischer RAM: 8143.88 MB
Verfügbarer physikalischer RAM: 7293.14 MB
Summe virtueller Speicher: 8143.88 MB
Verfügbarer virtueller Speicher: 7311 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:111.45 GB) (Free:2.23 GB) NTFS
Drive d: (Daten) (Fixed) (Total:931.51 GB) (Free:735.23 GB) NTFS
Drive e: (32_00_00) (Fixed) (Total:298.02 GB) (Free:208.52 GB) FAT32
Drive i: () (Removable) (Total:0.98 GB) (Free:0.98 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System-reserviert) (Fixed) (Total:0.34 GB) (Free:0.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 2A03BD70)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2A03BD6D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 3E1EBD07)
Partition 1: (Active) - (Size=298.1 GB) - (Type=0C)

========================================================
Disk: 4 (Size: 1011 MB) (Disk ID: 0DFF7265)
No partition Table on disk 4.


LastRegBack: 2015-08-27 17:43

==================== Ende von Ergebnis ============================
lg Don Camillo

Alt 03.09.2015, 18:03   #30
schrauber
/// the machine
/// TB-Ausbilder
 
Ständig öffnen sich neue Internet-Fenster - Standard

Ständig öffnen sich neue Internet-Fenster


Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKLM\...\Run: [gpuminer] => C:\Users\Markus Radosztics\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [218 2015-08-17] ()
C:\Users\Markus Radosztics\AppData\Roaming\cpuminer
HKU\Markus Radosztics\...\Run: [Shop-wit] => C:\Program Files (x86)\shopwit\shopwit\1.4.0.7\shopwit.exe
HKU\Markus Radosztics\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe
C:\Program Files (x86)\shopwit
C:\Program Files (x86)\baidu
AppInit_DLLs: C:\ProgramData\Saophase\StrongDubflex.dll => C:\ProgramData\Saophase\StrongDubflex.dll [212992 2015-08-27] ()
AppInit_DLLs-x32: C:\ProgramData\Saophase\Alphawarm.dll => C:\ProgramData\Saophase\Alphawarm.dll [194560 2015-08-27] ()
C:\ProgramData\Saophase
S2 dojoluri; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\knsb4C96.tmp [X]
S2 eproduct; C:\Users\Markus Radosztics\AppData\Local\Salttex.exe uydate eproduct [X]
S2 ExtTag; C:\ProgramData\ExtTag\ExtTag.exe [X]
S2 hyverumu; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\jnsiE347.tmp [X]
S2 igfx32; "C:\Program Files\igfx32\igfx32.exe" /s iid=2679535 did=Missing sid= ref= id=047e6a478a9cd5449350448a9fe4f569a5544d0a771fdc73cd2034f9b95a9549 [X]
S2 kefowydy; C:\Program Files (x86)\00000000-1440101150-0000-0000-448A5BA07B78\hnsf344.tmp [X]
S2 Saophase; C:\ProgramData\Saophase\Saophase.exe [X]
S2 Service Mgr GreatFind; "C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugincontainer.exe" [X]
S2 Update Mgr GreatFind; "C:\Program Files (x86)\Common Files\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\updater.exe" [X]
S2 WindowsMangerProtect; C:\ProgramData\WWinManProW\ProtectWindowsManager.exe -service [X] <==== ACHTUNG
S1 {092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64; C:\Windows\System32\drivers\{092386fb-9faf-4d52-817c-d4095ab6e5cd}Gw64.sys [48784 2015-08-19] (StdLib)
S1 {8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64; C:\Windows\System32\drivers\{8b8ff336-6f1d-48e8-bf3a-a8cbaafdd963}Gw64.sys [48784 2015-08-20] (StdLib)
S1 {987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64; C:\Windows\System32\drivers\{987371d1-e860-4e27-ba6a-35575fd33b7c}Gw64.sys [48784 2015-08-20] (StdLib)
Speichere diese bitte als Fixlist.txt auf deinem USB Stick.
  • Starte deinen Rechner erneut in die Reparaturoptionen
  • Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort
Seite 2 von 4 1 2 34

Themen zu Ständig öffnen sich neue Internet-Fenster
feedback, hotspot, im internet öffnen sich ständig neue fenster, newtab, officejet, pup.optional.conduit.a, pup.optional.iepluginservice.a, pup.optional.iepluginservices.a, pup.optional.installcore.a, pup.optional.megabrowse.a, pup.optional.mixvideoplayer.a, pup.optional.mysearchdial.a, pup.optional.opencandy, pup.optional.optimizerpro.a, pup.optional.qone8, pup.optional.safefinder.a, pup.optional.savesence.a, pup.optional.savesense, pup.optional.savesense.a, pup.optional.searchprotect, pup.optional.searchprotect.a, pup.optional.smartbar, pup.optional.snapdo.t, pup.optional.suptab.a, pup.optional.sweetpage.a, pup.optional.trovi.a, pup.optional.trovi.c, pup.optional.wajam.a, rogue.multiple, super, windowsapps


« Telebanking-Trojaner | Steam wurde gehackt. Antivir hat BDS/DarkKomet.GR gefunden »


Ähnliche Themen: Ständig öffnen sich neue Internet-Fenster


  1. Internet Explorer und Firefox öffnen ständig neue Fenster und Tabs.
    Log-Analyse und Auswertung - 21.06.2015 (47)
  2. Windows 7: Ständig neue Werbeanzeigen sowie neue Fenster öffnen sich in Chrome
    Plagegeister aller Art und deren Bekämpfung - 12.03.2015 (15)
  3. Chrome und Internet Explorer öffnen ständig neue Seiten
    Plagegeister aller Art und deren Bekämpfung - 17.01.2015 (5)
  4. Windows 7: Ständig neue Werbeanzeigen sowie neue Fenster öffnen sich in Chrome.
    Plagegeister aller Art und deren Bekämpfung - 13.01.2015 (10)
  5. windows 7 es öffnen sich ständig neue fenster rechner ist sehr langsam, ist auch schon mit blue screen abgestürtzt
    Log-Analyse und Auswertung - 09.09.2014 (1)
  6. neue Fenster, die sich sekundenweise beim surfen öffnen
    Plagegeister aller Art und deren Bekämpfung - 02.08.2014 (15)
  7. Windows 8 / Mozilla Firefox : Ständig öffnen sich neue Fenster und Tabs mit Werbung und Warnhinweisen
    Log-Analyse und Auswertung - 28.05.2014 (7)
  8. Unter Firefox öffnen sich ständig neue Fenster.
    Log-Analyse und Auswertung - 22.04.2014 (3)
  9. Es öffnen sich ständig neue Fenster und Tabs
    Plagegeister aller Art und deren Bekämpfung - 17.03.2014 (4)
  10. Internet-Browser öffnet ständig neue Fenster
    Log-Analyse und Auswertung - 23.08.2011 (23)
  11. Internet Explorer Werbung-Fenster öffnen sich ständig
    Plagegeister aller Art und deren Bekämpfung - 05.05.2011 (1)
  12. Internet Explorer öffnet ständig neue Fenster
    Plagegeister aller Art und deren Bekämpfung - 04.07.2010 (28)
  13. Firefox öffnet ständig neue Fenster und Internet Explorer dreht auch durch
    Log-Analyse und Auswertung - 08.01.2010 (13)
  14. Ständig öffnen sich unerwünscht neue Fenster/Internet-Seiten
    Log-Analyse und Auswertung - 05.12.2009 (5)
  15. ff und ie öffnen ständig neue fenster
    Log-Analyse und Auswertung - 22.01.2009 (11)
  16. internet explorer öffnet ständig neue fenster! virus ?
    Log-Analyse und Auswertung - 16.01.2009 (35)
  17. fenster öffnen sich ständig...
    Plagegeister aller Art und deren Bekämpfung - 01.12.2006 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Ständig öffnen sich neue Internet-Fenster - Dann müssen wir wohl von aussen ran: Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8) Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 - Ständig öffnen sich neue Internet-Fenster...
Archiv
Du betrachtest: Ständig öffnen sich neue Internet-Fenster auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129