Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Radio Canyon "Virus" Windows 8 64bit (https://www.trojaner-board.de/159926-radio-canyon-virus-windows-8-64bit.html)

highflyers 20.10.2014 14:54
Radio Canyon "Virus" Windows 8 64bit
 
Guten Tag Zusammen,

ich habe seit einem neuerlichen Download das "Radio Canyon" Add-On in meinem FireFox Browser. Zu Deinstallieren ist es nicht und desweiteren werden eine Art "HyperLinks" bei bestimmten Inhalten von Webseiten angezeigt.

Im folgenden der frst.log und der Addition.log Defogger habe ich bereits erfolgrech ausgeführt. Gmer startet mit folgenden Hinweis nicht.
C:\Windows\system32\config\system: Der Prosess kann nicht auf die Daten zugreifen, da sie von einem anderen Prozess verwendet werden.

Ich habe jedoch sämtliche andere Programme geschlossen und den Laptop vom Internet getrennt.

frst.log
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-10-2014
Ran by Yannic (administrator) on R2D2 on 20-10-2014 15:26:18
Running from C:\Users\Yannic\Downloads
Loaded Profile: Yannic (Available profiles: Yannic)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSPanel.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16.0.3030.1024_x64__8wekyb3d8bbwe\onenoteim.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
() C:\Program Files\WindowsApps\Microsoft.BingMaps_2.1.3230.2048_x64__8wekyb3d8bbwe\Map.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [911576 2013-10-30] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-07-23] (CANON INC.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\Users\Yannic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKLM - DefaultScope {F61CC357-9D05-4042-A131-1DECCE2EAC4E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
SearchScopes: HKLM - {F61CC357-9D05-4042-A131-1DECCE2EAC4E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
SearchScopes: HKCU - DefaultScope {F61CC357-9D05-4042-A131-1DECCE2EAC4E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {F61CC357-9D05-4042-A131-1DECCE2EAC4E} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Radio Canyon -> {11111111-1111-1111-1111-110611081104} -> C:\Program Files (x86)\Radio Canyon\Radio Canyon-bho64.dll (Radio Canyon)
BHO-x32: Radio Canyon -> {11111111-1111-1111-1111-110611081104} -> C:\Program Files (x86)\Radio Canyon\Radio Canyon-bho.dll (Radio Canyon)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default
FF SearchEngineOrder.1: SuchMaschine
FF Homepage: www.ecosia.de
FF Keyword.URL: hxxp://www.sm.de/?q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Radio Canyon - C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\Extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com [2014-10-19]
FF Extension: Adblock Plus - C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-28]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2014-10-11]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2013-10-18] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-11] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-11] (globalUpdate) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-11-20] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2013-11-20] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUS Corporation)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113664 2013-12-16] (ASIX Electronics Corp.)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-18] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-18] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3609568 2013-12-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-20 15:21 - 2014-10-20 15:26 - 00031894 _____ () C:\Users\Yannic\Downloads\Addition.txt
2014-10-20 15:20 - 2014-10-20 15:26 - 00017078 _____ () C:\Users\Yannic\Downloads\FRST.txt
2014-10-20 15:19 - 2014-10-20 15:26 - 00000000 ____D () C:\FRST
2014-10-20 15:18 - 2014-10-20 15:19 - 02111488 _____ (Farbar) C:\Users\Yannic\Downloads\FRST64.exe
2014-10-20 15:18 - 2014-10-20 15:18 - 00000474 _____ () C:\Users\Yannic\Downloads\defogger_disable.log
2014-10-20 15:18 - 2014-10-20 15:18 - 00000000 _____ () C:\Users\Yannic\defogger_reenable
2014-10-20 15:17 - 2014-10-20 15:17 - 00050477 _____ () C:\Users\Yannic\Downloads\Defogger.exe
2014-10-19 21:14 - 2014-10-20 15:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-10-19 11:09 - 2014-10-10 00:16 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-19 11:09 - 2014-10-09 00:09 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-19 11:09 - 2014-09-19 03:24 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-19 11:09 - 2014-09-04 02:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-10-19 11:09 - 2014-09-04 01:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-10-19 11:09 - 2014-09-04 01:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-10-19 11:07 - 2014-09-13 08:02 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-19 11:07 - 2014-09-13 07:30 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 15:35 - 2014-09-28 00:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 15:35 - 2014-09-13 08:29 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 15:35 - 2014-09-13 07:49 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 15:35 - 2014-08-29 03:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-10-16 15:35 - 2014-08-29 01:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-16 15:35 - 2014-08-29 01:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-16 15:33 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 15:33 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 15:33 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 15:33 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 15:33 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 15:33 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 15:33 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 15:33 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 15:33 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 15:33 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 15:33 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 15:33 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 15:33 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 15:33 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 15:33 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 15:33 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 15:33 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 15:33 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 15:33 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 15:33 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 15:33 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 15:33 - 2014-09-19 02:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 15:33 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 15:33 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 15:33 - 2014-09-19 02:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 15:33 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 15:33 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 15:33 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 15:33 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 15:33 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 15:32 - 2014-09-08 05:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-16 15:32 - 2014-09-08 03:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-16 15:32 - 2014-09-08 03:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-16 15:32 - 2014-09-08 02:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-16 15:32 - 2014-09-08 02:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-16 15:32 - 2014-09-08 02:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-16 15:32 - 2014-09-08 02:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-10-16 15:32 - 2014-09-08 02:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-16 15:32 - 2014-09-08 02:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-16 15:32 - 2014-09-08 02:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-16 15:32 - 2014-09-08 01:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-16 15:32 - 2014-09-08 01:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-16 15:32 - 2014-09-08 01:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-16 15:32 - 2014-09-08 01:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-16 15:32 - 2014-09-04 02:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 15:32 - 2014-09-04 02:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 15:31 - 2014-08-16 06:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-16 15:31 - 2014-08-16 06:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-10-16 15:31 - 2014-08-16 06:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-10-16 15:31 - 2014-08-16 05:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-10-16 15:31 - 2014-08-16 05:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-10-16 15:31 - 2014-08-16 05:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-10-16 15:31 - 2014-08-16 05:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-16 15:31 - 2014-08-16 05:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-10-16 15:31 - 2014-08-16 05:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-10-16 15:31 - 2014-08-16 03:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-10-16 15:31 - 2014-08-16 03:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-10-16 15:31 - 2014-08-16 02:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-10-16 15:31 - 2014-08-16 02:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-10-16 15:31 - 2014-08-16 02:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-10-16 15:31 - 2014-08-16 02:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-10-16 15:31 - 2014-08-16 02:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-10-16 15:31 - 2014-08-16 02:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-10-16 15:31 - 2014-08-16 02:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-10-16 15:31 - 2014-08-16 02:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-10-16 15:31 - 2014-08-16 02:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 15:31 - 2014-08-16 02:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-10-16 15:31 - 2014-08-16 02:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-10-16 15:31 - 2014-08-16 02:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-10-16 15:31 - 2014-08-16 02:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 15:31 - 2014-08-16 02:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-10-16 15:31 - 2014-08-16 02:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-10-16 15:31 - 2014-08-16 02:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-10-16 15:31 - 2014-08-16 02:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 15:31 - 2014-08-16 02:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-10-16 15:31 - 2014-08-16 02:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-10-16 15:31 - 2014-08-16 02:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-10-16 15:31 - 2014-08-16 02:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-10-16 15:31 - 2014-08-16 02:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 15:31 - 2014-08-16 02:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-10-16 15:31 - 2014-08-01 01:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-10-11 18:28 - 2014-10-20 15:11 - 00004834 _____ () C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-11.job
2014-10-11 18:28 - 2014-10-20 15:11 - 00004488 _____ () C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-4.job
2014-10-11 18:28 - 2014-10-20 15:11 - 00003106 _____ () C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-1.job
2014-10-11 18:28 - 2014-10-20 15:11 - 00002440 _____ () C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-5_user.job
2014-10-11 18:28 - 2014-10-20 15:11 - 00002440 _____ () C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-5.job
2014-10-11 18:28 - 2014-10-20 15:11 - 00002104 _____ () C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-2.job
2014-10-11 18:28 - 2014-10-20 15:11 - 00000952 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-10-11 18:28 - 2014-10-19 18:33 - 00000956 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-10-11 18:28 - 2014-10-11 18:28 - 00007838 _____ () C:\Windows\System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-11
2014-10-11 18:28 - 2014-10-11 18:28 - 00007492 _____ () C:\Windows\System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-4
2014-10-11 18:28 - 2014-10-11 18:28 - 00006110 _____ () C:\Windows\System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-1
2014-10-11 18:28 - 2014-10-11 18:28 - 00005444 _____ () C:\Windows\System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-5
2014-10-11 18:28 - 2014-10-11 18:28 - 00005108 _____ () C:\Windows\System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-2
2014-10-11 18:28 - 2014-10-11 18:28 - 00003928 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-10-11 18:28 - 2014-10-11 18:28 - 00003692 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-10-11 18:28 - 2014-10-11 18:28 - 00000000 __SHD () C:\Users\Yannic\AppData\Local\EmieUserList
2014-10-11 18:28 - 2014-10-11 18:28 - 00000000 __SHD () C:\Users\Yannic\AppData\Local\EmieSiteList
2014-10-11 18:28 - 2014-10-11 18:28 - 00000000 ____D () C:\Users\Yannic\AppData\Local\globalUpdate
2014-10-11 18:28 - 2014-10-11 18:28 - 00000000 ____D () C:\Program Files (x86)\Radio Canyon
2014-10-11 18:28 - 2014-10-11 18:28 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-10-11 18:25 - 2014-10-11 18:25 - 00000000 ____D () C:\Users\Yannic\AppData\Roaming\TuneUp Software
2014-10-11 18:25 - 2014-10-11 18:25 - 00000000 ____D () C:\Users\Yannic\AppData\Local\TuneUp Software
2014-10-11 18:23 - 2014-10-11 18:26 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-10-11 18:23 - 2014-10-11 18:23 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-10-11 18:21 - 2014-10-11 18:21 - 00000000 ____D () C:\Users\Yannic\AppData\Roaming\RHEng
2014-10-11 18:21 - 2014-10-11 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-10-11 18:21 - 2014-10-11 18:21 - 00000000 ____D () C:\Program Files (x86)\WEB.DE MailCheck
2014-10-11 18:21 - 2014-10-11 18:21 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-10-11 18:20 - 2014-10-11 18:21 - 00000000 ____D () C:\Users\Yannic\AppData\Roaming\DVDVideoSoft
2014-10-11 18:17 - 2014-10-11 18:20 - 31386984 _____ (DVDVideoSoft Ltd. ) C:\Users\Yannic\Downloads\FreeYouTubeToMP3Converter_3.12.46.923.exe
2014-10-06 14:30 - 2014-09-22 08:42 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-26 11:52 - 2014-09-26 11:52 - 00000000 ____D () C:\Users\Yannic\Documents\Studienstiftung
2014-09-24 23:34 - 2014-10-11 18:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 16:21 - 2014-10-06 10:50 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-09-24 16:21 - 2014-09-24 16:21 - 00003476 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-20 15:21 - 2014-06-11 18:16 - 01484641 _____ () C:\Windows\WindowsUpdate.log
2014-10-20 15:18 - 2014-08-20 05:04 - 00000000 ____D () C:\Users\Yannic
2014-10-20 15:14 - 2014-08-20 05:43 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6757FBCF-9917-461A-B7D5-44844D50589E}
2014-10-20 15:13 - 2014-08-20 05:05 - 00000074 _____ () C:\Users\Yannic\AppData\Roaming\sp_data.sys
2014-10-20 15:12 - 2014-08-20 05:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-20 15:12 - 2014-08-19 23:39 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-20 15:11 - 2014-08-28 17:29 - 00000000 __RDO () C:\Users\Yannic\OneDrive
2014-10-20 15:10 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-20 15:09 - 2013-12-13 05:57 - 00016126 _____ () C:\Windows\PFRO.log
2014-10-20 15:09 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-10-20 15:08 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-10-20 15:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-10-20 15:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-10-20 15:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-10-19 21:30 - 2014-06-11 18:15 - 01264198 _____ () C:\Users\Public\CAFADEBUG.log
2014-10-19 21:10 - 2014-08-20 05:09 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2271421671-2185954834-4090823298-1001
2014-10-19 11:49 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-10-19 11:14 - 2014-08-31 19:47 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-19 11:14 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-10-18 20:03 - 2013-08-22 16:44 - 00484280 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-18 19:38 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-10-18 19:38 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-10-17 16:40 - 2014-09-11 21:37 - 00000000 ____D () C:\Users\Yannic\Documents\Studium
2014-10-12 18:55 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-11 18:10 - 2013-12-13 13:27 - 00804838 _____ () C:\Windows\system32\perfh013.dat
2014-10-11 18:10 - 2013-12-13 13:27 - 00164936 _____ () C:\Windows\system32\perfc013.dat
2014-10-11 18:10 - 2013-12-13 13:11 - 00808820 _____ () C:\Windows\system32\perfh00C.dat
2014-10-11 18:10 - 2013-12-13 13:11 - 00161790 _____ () C:\Windows\system32\perfc00C.dat
2014-10-11 18:10 - 2013-12-13 13:04 - 00773008 _____ () C:\Windows\system32\perfh007.dat
2014-10-11 18:10 - 2013-12-13 13:04 - 00162310 _____ () C:\Windows\system32\perfc007.dat
2014-10-11 18:10 - 2013-12-13 06:09 - 03696918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-11 18:06 - 2013-08-22 16:46 - 00024687 _____ () C:\Windows\setupact.log
2014-10-10 15:25 - 2014-09-14 12:05 - 00073216 ___SH () C:\Users\Yannic\Desktop\Thumbs.db
2014-10-09 21:53 - 2014-08-20 10:36 - 00000000 ____D () C:\Users\Yannic\Scans
2014-10-06 14:31 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-10-06 13:28 - 2014-06-11 18:28 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-06 13:24 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-10-06 12:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-09-30 00:45 - 2013-08-22 17:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-30 00:45 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-28 14:47 - 2014-08-26 18:14 - 00000000 ____D () C:\Users\Yannic\Documents\Fussball
2014-09-24 16:21 - 2014-06-11 18:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-09-22 15:48 - 2014-08-20 15:09 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Yannic\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Yannic\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Yannic\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\Yannic\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Yannic\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Yannic\AppData\Local\Temp\sqlite3.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 11:11

==================== End Of Log ============================
Addition.log
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2014
Ran by Yannic at 2014-10-20 15:27:19
Running from C:\Users\Yannic\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 20.2.145.43581 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 20.2.145.43581 - Alcor Micro Corp.) Hidden
ASUS Backtracker (HKLM-x32\...\{C15C060C-ED1C-49EB-83B3-F7C0FD1CD661}) (Version: 3.0.4 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.02 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.3.0 - Canon Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.23.51 - Conexant)
Free YouTube to MP3 Converter version 3.12.46.923 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.46.923 - DVDVideoSoft Ltd.)
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel(R) Experience Center Driver (Version: 1.7.0.179 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.08.0000.1031 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1342.2) (HKLM\...\{302600C1-6BDF-4FD1-1311-148929CC1385}) (Version: 3.1.1311.0402 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{eff1d9d1-41fa-49ef-a986-082bfe49c293}) (Version: 16.8.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.7.0.0297 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.31.169.1 - Intel Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 31.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.2.0 (x86 de)) (Version: 31.2.0 - Mozilla)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Radio Canyon (HKLM-x32\...\Radio Canyon) (Version: 1.35.9.29 - Radio Canyon) <==== ATTENTION
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.3.226 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.10.25 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

18-09-2014 18:35:35 Windows Update
02-10-2014 14:51:39 Windows Update
11-10-2014 16:27:03 TuneUp Utilities 2014 wird entfernt
17-10-2014 14:47:34 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {07AD637B-CF6C-4E94-AA13-38201297AB48} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {0A914EEE-28E1-49CF-8187-6BAD64098015} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {11F71DC8-7724-4709-95AC-76BBECA5A4BF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {1841161C-1CCB-49FD-B2F1-636F578A6AC7} - System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-2 => C:\Program Files (x86)\Radio Canyon\8b4719f5-890f-46a9-b303-ea53638eab0b-2.exe [2014-10-11] (Radio Canyon) <==== ATTENTION
Task: {196D6117-B54F-460E-8EC0-1218BFFD6508} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {237EE69D-58F1-40D9-B97D-644DDDB5DF85} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2014-10-20] ()
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {3071C0D8-E148-49DD-A289-92C07C9D4A68} - System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-5 => C:\Program Files (x86)\Radio Canyon\8b4719f5-890f-46a9-b303-ea53638eab0b-5.exe [2014-10-11] (Radio Canyon) <==== ATTENTION
Task: {30830252-9782-4C71-8653-87EAADBFDB9F} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {33B4FFD5-E2E6-4C3D-B07C-3BF3E2BBD14D} - System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-4 => C:\Program Files (x86)\Radio Canyon\8b4719f5-890f-46a9-b303-ea53638eab0b-4.exe [2014-10-11] (Radio Canyon) <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3F3B0098-2C03-423B-88E3-D213E17FCB1F} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4E38B0D4-F496-4F06-AA02-F386E421DB1E} - System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-5_user => C:\Program Files (x86)\Radio Canyon\8b4719f5-890f-46a9-b303-ea53638eab0b-5.exe [2014-10-11] (Radio Canyon) <==== ATTENTION
Task: {58CDC71D-6B03-4231-8A79-23089B9EE3F7} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2013-11-27] ()
Task: {6263E4C0-BEEB-478C-A327-6997FCB777E6} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {6828E220-FBF4-484B-98EB-62AA50935F04} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-09-15] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {70B98459-CE84-4CEA-96DF-3A42C2C97A83} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-11] (globalUpdate) <==== ATTENTION
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {81820FF7-B657-41DE-95C9-693D91C98EA8} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2014-10-20] ()
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8FA05446-9296-41BD-9BD2-518C7767A646} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {9B67CCD4-0B7C-451E-A0EF-A63A230E45F9} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AB267F4D-2F13-45AB-9149-63D8D27B95FD} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {AD232489-900E-4FFF-B9A9-123C488576B8} - System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-1 => C:\Program Files (x86)\Radio Canyon\Radio Canyon-codedownloader.exe [2014-10-11] (Radio Canyon) <==== ATTENTION
Task: {B4D7E4EE-4D52-4524-919B-82767B08F3B5} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-11] (globalUpdate) <==== ATTENTION
Task: {B9411DD6-64CF-4674-8905-7B10C38C5215} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {CB5AAFBC-6363-4150-A6E1-4BBDD3919294} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-29] (ASUS)
Task: {CDDC5BA9-9EF1-4738-A5AC-FF7E91679D61} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D6475C3F-656F-4D73-B76D-1143DF181C3F} - System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-11 => C:\Program Files (x86)\Radio Canyon\8b4719f5-890f-46a9-b303-ea53638eab0b-11.exe [2014-10-11] (Radio Canyon) <==== ATTENTION
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DE37AB28-A4D1-4AD0-BCD8-0C30900635E2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {E154A8FD-53B1-4BDA-B714-70E417A2EF20} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F2339AB7-A41F-43D3-A3A9-B380755EB60C} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-12-12] (AsusTek)
Task: C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-1.job => C:\Program Files (x86)\Radio Canyon\Radio Canyon-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-11.job => C:\Program Files (x86)\Radio Canyon\8b4719f5-890f-46a9-b303-ea53638eab0b-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-2.job => C:\Program Files (x86)\Radio Canyon\8b4719f5-890f-46a9-b303-ea53638eab0b-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-4.job => C:\Program Files (x86)\Radio Canyon\8b4719f5-890f-46a9-b303-ea53638eab0b-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-5.job => C:\Program Files (x86)\Radio Canyon\8b4719f5-890f-46a9-b303-ea53638eab0b-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-5_user.job => C:\Program Files (x86)\Radio Canyon\8b4719f5-890f-46a9-b303-ea53638eab0b-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-08-29 17:01 - 2013-08-29 17:01 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-03-08 04:27 - 2012-03-08 04:27 - 00016384 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ACVsWin.dll
2014-09-14 12:13 - 2014-09-14 12:14 - 01851392 _____ () C:\Program Files\WindowsApps\Microsoft.BingMaps_2.1.3230.2048_x64__8wekyb3d8bbwe\Map.exe
2014-10-19 11:25 - 2014-10-19 11:25 - 07770112 _____ () C:\Users\Yannic\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Map\6cd17eb59d72bdcbc0b998aeca37ad7f\Map.ni.exe
2014-10-19 11:25 - 2014-10-19 11:25 - 05185024 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI.Xaml\873b701d9b42e91132f08a6f05c4361a\Windows.UI.Xaml.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 01782784 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\3f4dc590466037f015f65bc07d1ea923\Windows.ApplicationModel.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 01124352 _____ () C:\Users\Yannic\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\DataTypes\91c8408d7a6527c381172049784a96ee\DataTypes.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 01495040 _____ () C:\Users\Yannic\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Bing.Maps\d475fa39290ac96c1227dbdde835040e\Bing.Maps.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 00445440 _____ () C:\Users\Yannic\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Utilities\a151842d6064dd7e06f33dc35ec45963\Utilities.ni.dll
2014-08-31 21:06 - 2014-08-31 21:06 - 02019840 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Devices\0b4b3f23bdebd1d056b32b31e2f746bb\Windows.Devices.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 00363520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\6382e6f5ad8b7a9db4f5cd4817e70319\Windows.Foundation.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 00207872 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.System\a4efa88b742703220e527956d8ab4e84\Windows.System.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 01091584 _____ () C:\Users\Yannic\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.Bc95a2f00#\4189e9fc4a0815046ed19942cbbd0c90\Microsoft.Bing.Platform.Logging.ClientWinRT.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 01278464 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Storage\f9ac074d298db459c5eff6d3256861c8\Windows.Storage.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 00616960 _____ () C:\Users\Yannic\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Requests\2abe2a4f4f557d686ba73381b5ff253b\Requests.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 01459712 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\4bd80968bf666252841ca7792faaff11\Windows.UI.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 00086016 _____ () C:\Users\Yannic\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\ConfigModels\2fdabbc4794c67ad9c13881300195b57\ConfigModels.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 00212992 _____ () C:\Users\Yannic\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\ConfigManager\d1990b5fb962cf0b0c3f6e239394c1e4\ConfigManager.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 00066048 _____ () C:\Users\Yannic\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Search\77c2e80e58ecbcc91ce13b73e0e4a49f\Search.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 01259520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Networking\8f0dd293f95c402613c49fb2fac85bdd\Windows.Networking.ni.dll
2014-08-31 21:06 - 2014-08-31 21:06 - 00347136 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\94e2bc13589233f9d2cc54292717b8cf\Windows.Globalization.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 00632320 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Security\c7f6d022c5d5aec4891cb6b3b9934336\Windows.Security.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 00521216 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Data\fae2b750f87849ca11806d20b2504bf2\Windows.Data.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 00247808 _____ () C:\Users\Yannic\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Authentication\6c7aea49b7d5e5149ad278364208c5c0\Authentication.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 00193024 _____ () C:\Users\Yannic\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Autosuggest\66817e929314edfdfa1bf7da589bb581\Autosuggest.ni.dll
2014-10-19 11:25 - 2014-10-19 11:25 - 00269312 _____ () C:\Users\Yannic\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\MapClientGraph\8e5def4266f0a6d2eeb0d0204c63adea\MapClientGraph.ni.dll
2014-09-15 22:14 - 2014-09-15 22:14 - 00496640 _____ () C:\Users\Yannic\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.B2384b708#\db55843d9e2ec1f1bd517bec4fcfdb54\Microsoft.Bing.Client.Graph.ni.dll
2014-08-31 21:06 - 2014-08-31 21:06 - 00467456 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Graphics\ea818a24554fc2db9a73de1e79afb286\Windows.Graphics.ni.dll
2014-08-20 05:49 - 2014-08-20 05:49 - 02364928 _____ () C:\Program Files\WindowsApps\Microsoft.BingMaps_2.1.3230.2048_x64__8wekyb3d8bbwe\Microsoft.Bing.Client.Graph.dll
2014-09-14 12:13 - 2014-09-14 12:14 - 00040960 _____ () C:\Program Files\WindowsApps\Microsoft.BingMaps_2.1.3230.2048_x64__8wekyb3d8bbwe\ActivationUrl.DLL
2013-10-08 21:41 - 2013-10-08 21:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2013-09-09 19:23 - 2013-09-09 19:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-09-24 23:34 - 2014-09-24 23:34 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-11 18:09 - 2013-10-23 14:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Yannic\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Yannic\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"

========================= Accounts: ==========================

Administrator (S-1-5-21-2271421671-2185954834-4090823298-500 - Administrator - Disabled)
Gast (S-1-5-21-2271421671-2185954834-4090823298-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2271421671-2185954834-4090823298-1003 - Limited - Enabled)
Yannic (S-1-5-21-2271421671-2185954834-4090823298-1001 - Administrator - Enabled) => C:\Users\Yannic

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/19/2014 11:02:37 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (10/17/2014 04:25:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/16/2014 07:00:40 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/16/2014 06:41:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wwahost.exe, Version: 6.3.9600.17031, Zeitstempel: 0x53085904
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17055, Zeitstempel: 0x532943a3
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00011d4d
ID des fehlerhaften Prozesses: 0x178c
Startzeit der fehlerhaften Anwendung: 0xwwahost.exe0
Pfad der fehlerhaften Anwendung: wwahost.exe1
Pfad des fehlerhaften Moduls: wwahost.exe2
Berichtskennung: wwahost.exe3
Vollständiger Name des fehlerhaften Pakets: wwahost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wwahost.exe5

Error: (10/16/2014 06:41:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ed0

Startzeit: 01cfe8fb33190f85

Endzeit: 4294967295

Anwendungspfad: C:\Windows\system32\wwahost.exe

Berichts-ID: 9ba45f5c-54ee-11e4-8266-e8683577f517

Vollständiger Name des fehlerhaften Pakets: Microsoft.BingNews_3.0.4.213_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexNews

Error: (10/16/2014 06:40:52 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: R2D2)
Description: Das Paket „Microsoft.BingNews_3.0.4.213_x64__8wekyb3d8bbwe+AppexNews“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (10/16/2014 06:39:06 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/12/2014 07:31:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Spotlite.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 10f4

Startzeit: 01cfe63f1ea4ac01

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\49573Spotlite.Spotlite-ListentoSpotify_3.0.0.8_neutral__z5pndgmqb06wp\Spotlite.exe

Berichts-ID: 8e690d44-5235-11e4-8266-e8683577f517

Vollständiger Name des fehlerhaften Pakets: 49573Spotlite.Spotlite-ListentoSpotify_3.0.0.8_neutral__z5pndgmqb06wp

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (10/12/2014 07:31:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: R2D2)
Description: Das Paket „49573Spotlite.Spotlite-ListentoSpotify_3.0.0.8_neutral__z5pndgmqb06wp+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (10/12/2014 07:09:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm BackgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 278

Startzeit: 01cfe63e1dc634b2

Endzeit: 4294967295

Anwendungspfad: C:\Windows\System32\BackgroundTaskHost.exe

Berichts-ID: 6aa8d6c3-5232-11e4-8266-e8683577f517

Vollständiger Name des fehlerhaften Pakets: Microsoft.BingSports_3.0.4.212_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexSports


System errors:
=============
Error: (10/16/2014 06:39:44 AM) (Source: DCOM) (EventID: 10016) (User: R2D2)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}r2d2YannicS-1-5-21-2271421671-2185954834-4090823298-1001LocalHost (unter Verwendung von LRPC)Microsoft.BingNews_3.0.4.213_x64__8wekyb3d8bbweS-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257

Error: (10/11/2014 06:06:37 PM) (Source: Microsoft-Windows-DriverFrameworks-UserMode) (EventID: 10101) (User: NT-AUTORITÄT)
Description: Das Treiberpaket konnte nicht installiert werden. Der letzte Status war "258".

Error: (10/11/2014 06:06:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Driver Foundation - Benutzermodus-Treiberframework" wurde mit folgendem Fehler beendet:
%%1450

Error: (10/11/2014 06:06:07 PM) (Source: Microsoft-Windows-DriverFrameworks-UserMode) (EventID: 10101) (User: NT-AUTORITÄT)
Description: Das Treiberpaket konnte nicht installiert werden. Der letzte Status war "258".

Error: (10/11/2014 06:05:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Driver Foundation - Benutzermodus-Treiberframework" wurde mit folgendem Fehler beendet:
%%1450

Error: (10/08/2014 10:04:06 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Driver Foundation - Benutzermodus-Treiberframework" wurde mit folgendem Fehler beendet:
%%1450

Error: (10/08/2014 10:03:06 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Gerätezuordnungsdienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (10/08/2014 10:02:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Driver Foundation - Benutzermodus-Treiberframework" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/08/2014 10:02:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Automatische WLAN-Konfiguration" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/08/2014 10:02:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Überwachung verteilter Verknüpfungen (Client)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-10-06 14:46:47.671
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 27%
Total physical RAM: 8075.43 MB
Available physical RAM: 5866.46 MB
Total Pagefile: 9355.43 MB
Available Pagefile: 7061.55 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:107.69 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:258.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2954FC6F)

Partition: GPT Partition Type.

==================== End Of Log ============================
viele Grüße & Danke
highflyers

schrauber 20.10.2014 16:00
hi,

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Radio Canyon


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 






Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

highflyers 24.10.2014 19:21
Abend,

Revo Uninstall habe ich erfolgreich ausgeführt.

mbam.txt

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 24.10.2014
Suchlauf-Zeit: 19:07:43
Logdatei: maleware.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.10.24.07
Rootkit Datenbank: v2014.10.22.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Yannic

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 309877
Verstrichene Zeit: 15 Min, 15 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 25
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\13641, In Quarantäne, [2166090f7c0060d60ad5ed5e6d96ca36],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, In Quarantäne, [d5b2997f621a78be85540828fc07728e],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\13641, In Quarantäne, [c1c6cb4dc1bb0b2b756aff4c2ad94cb4],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, In Quarantäne, [cabdb95f8def51e5e9877c152adad42c],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, In Quarantäne, [3b4c1afe176550e61160c0d13fc5fd03],
PUP.Optional.RadioCanyon.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Radio Canyon, In Quarantäne, [0186a96f9ede38fe7e592c6809fb0ff1],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2271421671-2185954834-4090823298-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [dfa867b1a0dcad89bfe860222adab848],
PUP.Optional.RadioCanyon.A, HKU\S-1-5-21-2271421671-2185954834-4090823298-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Radio Canyon, In Quarantäne, [345365b3cfad26104394d1c39e66f40c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2271421671-2185954834-4090823298-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\13641, In Quarantäne, [7f08b4647efeac8a564254d0eb185da3],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],

Registrierungswerte: 1
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, In Quarantäne, [d5b2997f621a78be85540828fc07728e]

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 21
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\defaults, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\defaults\preferences, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\userCode, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\locale, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\locale\en-US, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{499DA868-2E6F-4AC3-9458-D7011F872575}, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.A, C:\Users\Yannic\AppData\Local\Temp\comh.159844, In Quarantäne, [b2d5c652027aab8b34577f8c0ef55ba5],
PUP.Optional.RadioCanyon.A, C:\Users\Yannic\AppData\LocalLow\Radio Canyon, In Quarantäne, [eb9c090fff7d4beb6f6b73a98380a759],

Dateien: 163
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\RHEng\5B665748B7B846948EC07F87C525C1F5\setup.exe, In Quarantäne, [7d0afa1ecfad3303833ec7046899ac54],
PUP.Optional.RadioCanyon.A, C:\$Recycle.Bin\S-1-5-21-2271421671-2185954834-4090823298-1001\$RYOZ128\8b4719f5-890f-46a9-b303-ea53638eab0b-11.exe, In Quarantäne, [bfc8140479038da92a582196778ac23e],
PUP.Optional.RadioCanyon.A, C:\$Recycle.Bin\S-1-5-21-2271421671-2185954834-4090823298-1001\$RYOZ128\8b4719f5-890f-46a9-b303-ea53638eab0b-2.exe, In Quarantäne, [0a7d40d83c4061d5087ab2050100d52b],
PUP.Optional.RadioCanyon.A, C:\$Recycle.Bin\S-1-5-21-2271421671-2185954834-4090823298-1001\$RYOZ128\8b4719f5-890f-46a9-b303-ea53638eab0b-4.exe, In Quarantäne, [5d2a9c7c403cf1458bf7694ebc4559a7],
PUP.Optional.RadioCanyon.A, C:\$Recycle.Bin\S-1-5-21-2271421671-2185954834-4090823298-1001\$RYOZ128\8b4719f5-890f-46a9-b303-ea53638eab0b-5.exe, In Quarantäne, [8bfccb4d314b79bd7b0705b2de236a96],
PUP.Optional.RadioCanyon.A, C:\$Recycle.Bin\S-1-5-21-2271421671-2185954834-4090823298-1001\$RYOZ128\Radio Canyon-bg.exe, In Quarantäne, [3750c15792eae74fc0c2cbece91801ff],
PUP.Optional.RadioCanyon.A, C:\$Recycle.Bin\S-1-5-21-2271421671-2185954834-4090823298-1001\$RYOZ128\Radio Canyon-bho.dll, In Quarantäne, [8afd5abe295374c2a3df397e9b6655ab],
PUP.Optional.RadioCanyon.A, C:\$Recycle.Bin\S-1-5-21-2271421671-2185954834-4090823298-1001\$RYOZ128\Radio Canyon-bho64.dll, In Quarantäne, [9fe8a276bfbdd561d7ab71469968cf31],
PUP.Optional.RadioCanyon.A, C:\$Recycle.Bin\S-1-5-21-2271421671-2185954834-4090823298-1001\$RYOZ128\Radio Canyon-buttonutil.exe, In Quarantäne, [70171800adcf61d58bf76f48be43956b],
PUP.Optional.RadioCanyon.A, C:\$Recycle.Bin\S-1-5-21-2271421671-2185954834-4090823298-1001\$RYOZ128\Radio Canyon-buttonutil64.exe, In Quarantäne, [cbbcbc5cd9a356e05230239404fd9d63],
PUP.Optional.RadioCanyon.A, C:\$Recycle.Bin\S-1-5-21-2271421671-2185954834-4090823298-1001\$RYOZ128\Radio Canyon-codedownloader.exe, In Quarantäne, [61268f896517f6406919c6f16a97f010],
PUP.Optional.CrossRider.A, C:\$Recycle.Bin\S-1-5-21-2271421671-2185954834-4090823298-1001\$RYOZ128\utils.exe, In Quarantäne, [721550c8b3c994a259f893c14bb5758b],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Local\Temp\~nsu.tmp\Au_.exe, In Quarantäne, [5c2bff195626d561460b173d619f9e62],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-1, In Quarantäne, [dfa80f090c70db5b01d327093dc62dd3],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-11, In Quarantäne, [3651cc4c96e661d5864e46eaf50ef50b],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-2, In Quarantäne, [f3947b9d512b77bfb42028087a892fd1],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-4, In Quarantäne, [b5d2988090ec43f3775dfe321ee5f709],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-5, In Quarantäne, [5f2824f4522aa98dba1aee4222e118e8],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-5_user, In Quarantäne, [1077c35565179a9ce3f182aec04312ee],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-1.job, In Quarantäne, [f295e4344537290dab5be1ae9b699769],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-11.job, In Quarantäne, [e7a027f1037992a444c2f29d4bb9966a],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-2.job, In Quarantäne, [3156fc1ca9d31f17b254325da55f9967],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-4.job, In Quarantäne, [a6e1d7419ce0bd79fe08325d709450b0],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-5.job, In Quarantäne, [fd8ae5336d0fff37ec1adab5ea1ada26],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\8b4719f5-890f-46a9-b303-ea53638eab0b-5_user.job, In Quarantäne, [1d6a0117bebedb5bb5515d326c98e11f],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, In Quarantäne, [1077d444087445f16fad701fb2525da3],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, In Quarantäne, [93f4dc3c6814a09655c8d4bbe71d659b],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, In Quarantäne, [f88f9385b2cabe78b46aeea1e91bff01],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, In Quarantäne, [5b2c25f357257abc32ed69261aeae818],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome.manifest, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\install.rdf, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\3d227d28eff54ec217a6a015f5c81ef6.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\537ab9cff4e0d385ec10b650909e75a5.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\8e23d3dda6139ef87794c1f4500af804.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\b451000e362ee3e6369164a6ac986caf.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\background.html, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\browser.xul, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\c164886c11124fa7d0b52df730733701.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\dialog.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\e0d3da65bc0ecb715a51f89f71c0d833.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\ffCoreFilesIndex.txt, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\options.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\options.xul, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\search_dialog.xul, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\88c24e94cae6e777e5d2a10f04ba5dcc.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\26f1106e42a29add8b4a8976cf226714.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\29ef6b3d78a4b49ad46f1d2bae2cdc1b.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\3675067cd24ba1e1e682e9a487c57f36.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\4155f3b771a0628b79dbfa29b8e97b12.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\4b7a3759b30f0f46ed7e8e725428f78e.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\6485d83ff34436e1724b763a27f336fc.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\7371bfe0df23879fd91ec5bacbf1a978.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\78c62ae7896b34ea1e0ac6d43ced9f9c.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\8aacdb7c5a0cc678a1571dbf88e36d93.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\97476e3fdb8d89545a5e1170dd09c2d7.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\9d02bfdbc722836f11339c0a973dd559.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\a70f8f72cf455b66dab80afa0ea4cfe4.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\b417c732c1b5ca9e04e787b2dca9aef3.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\e98fb1d44d0c91bb73d515ad5d841b22.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\api\f51be12fcaa7ec70f6c87e61c930ad24.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\0972a300318e07dc5cb528aeb43e5b4f.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\1e59b18e6eb5c500f129ed50de75e78e.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\3734dc51c471fb3b06029723d4528290.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\3d2243ee70be25bc09218afc467f0fac.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\4dbf038ab5adcc9338090d8a07453cb2.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\4e59afa7344ec9e589443cf0dca29dd2.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\64d3c4bd7ca6e331f1d047cd25f7d3e6.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\68cbd97ab23a0dd00619c745821a3fed.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\781d21ad75aeeea80d0e792cd420cc00.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\c9a871b339b0e20f7e28a508e5433f64.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\ccc30a0d747e7d7b895f4be874199a86.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\cdc44fcce991caea898dc6fd497e132a.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\cfc6d6590ce90afadb0e37c4d0337490.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\d2820ccfdedccbe96af292278489a5dd.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\df2023ad9b52530a4bf8677c2710e722.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\eb1ed11a0e73f554138b4463ed64977d.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\f15e88e96392a016c57761a4baf189d0.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\f8176f052518c877ee7189bac2815dd3.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\fa6c34367769940a5038f603933d5520.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\fb2f145827182b45550ea8b10f1744a1.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\chrome\content\core\installer.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\defaults\preferences\prefs.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\manifest.xml, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins.json, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\1.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\102.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\104.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\13.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\14.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\16.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\17.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\177.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\180.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\182.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\183.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\192.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\195.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\200.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\207.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\21.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\22.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\220.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\221.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\223.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\226.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\234.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\246.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\262.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\263.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\268.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\273.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\28.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\281.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\300.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\4.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\47.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\64.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\7.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\72.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\78.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\9.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\91.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\93.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\plugins\98.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\userCode\background.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\extensionData\userCode\extension.js, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\locale\en-US\translations.dtd, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\button1.png, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\button2.png, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\button3.png, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\button4.png, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\button5.png, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\crossrider_statusbar.png, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\icon128.png, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\icon16.png, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\icon24.png, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\icon48.png, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\panelarrow-up.png, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\popup.html, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\skin.css, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com\skin\update.css, In Quarantäne, [1f684fc9522ad75fc24a896e27db26da],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, In Quarantäne, [177083951b61fc3ad39c43c8768d40c0],
PUP.Optional.GlobalUpdate.A, C:\Users\Yannic\AppData\Local\Temp\comh.159844\GoogleCrashHandler.exe, In Quarantäne, [b2d5c652027aab8b34577f8c0ef55ba5],
PUP.Optional.GlobalUpdate.A, C:\Users\Yannic\AppData\Local\Temp\comh.159844\GoogleUpdate.exe, In Quarantäne, [b2d5c652027aab8b34577f8c0ef55ba5],
PUP.Optional.GlobalUpdate.A, C:\Users\Yannic\AppData\Local\Temp\comh.159844\GoogleUpdateBroker.exe, In Quarantäne, [b2d5c652027aab8b34577f8c0ef55ba5],
PUP.Optional.GlobalUpdate.A, C:\Users\Yannic\AppData\Local\Temp\comh.159844\GoogleUpdateHelper.msi, In Quarantäne, [b2d5c652027aab8b34577f8c0ef55ba5],
PUP.Optional.GlobalUpdate.A, C:\Users\Yannic\AppData\Local\Temp\comh.159844\GoogleUpdateOnDemand.exe, In Quarantäne, [b2d5c652027aab8b34577f8c0ef55ba5],
PUP.Optional.GlobalUpdate.A, C:\Users\Yannic\AppData\Local\Temp\comh.159844\goopdate.dll, In Quarantäne, [b2d5c652027aab8b34577f8c0ef55ba5],
PUP.Optional.GlobalUpdate.A, C:\Users\Yannic\AppData\Local\Temp\comh.159844\goopdateres_en.dll, In Quarantäne, [b2d5c652027aab8b34577f8c0ef55ba5],
PUP.Optional.GlobalUpdate.A, C:\Users\Yannic\AppData\Local\Temp\comh.159844\npGoogleUpdate4.dll, In Quarantäne, [b2d5c652027aab8b34577f8c0ef55ba5],
PUP.Optional.GlobalUpdate.A, C:\Users\Yannic\AppData\Local\Temp\comh.159844\psmachine.dll, In Quarantäne, [b2d5c652027aab8b34577f8c0ef55ba5],
PUP.Optional.GlobalUpdate.A, C:\Users\Yannic\AppData\Local\Temp\comh.159844\psuser.dll, In Quarantäne, [b2d5c652027aab8b34577f8c0ef55ba5],
PUP.Optional.CrossRider.A, C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "14903d36ca7c55e83fbcfa731cc09ed4");), Ersetzt,[c8bf22f6cdaf8aaccf169fc111f43bc5]

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
AdwCleaner.txt

Code:
# AdwCleaner v4.001 - Bericht erstellt am 24/10/2014 um 20:04:25
# Aktualisiert 20/10/2014 von Xplode
# Datenbank : 2014-10-23.2
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Yannic - R2D2
# Gestartet von : C:\Users\Yannic\Downloads\AdwCleaner_4.001.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Yannic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
Datei Gefunden : C:\Users\Yannic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk
Datei Gefunden : C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\11-suche.xml
Datei Gefunden : C:\Users\Yannic\Favorites\Startfenster.lnk
Ordner Gefunden : C:\Program Files (x86)\globalUpdate
Ordner Gefunden : C:\Users\Yannic\AppData\Local\globalUpdate
Ordner Gefunden : C:\Users\Yannic\AppData\Roaming\RHEng

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\GlobalUpdate
Schlüssel Gefunden : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\GlobalUpdate
Schlüssel Gefunden : [x64] HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gefunden : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.startfenster.de

-\\ Mozilla Firefox v32.0.3 (x86 de)


*************************

AdwCleaner[R0].txt - [10686 octets] - [24/10/2014 20:04:25]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [10747 octets] ##########
JRT.txt

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 8.1 x64
Ran by Yannic on 24.10.2014 at 20:11:24,81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Users\Yannic\favorites\links\startfenster.lnk"



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Yannic\AppData\Roaming\mozilla\firefox\profiles\dihxil7q.default\prefs.js

user_pref("extensions.a1853a82ece444a8ca6fe9bcf74a655754b6b1c165f0a4ef0866fb063e235ef97com60804.60804.internaldb.Resources_meta.value", "%7B%22popup.html%22%3A%7B%22id%22%3A82
user_pref("extensions.a1853a82ece444a8ca6fe9bcf74a655754b6b1c165f0a4ef0866fb063e235ef97com60804.60804.internaldb.Resources_resource_824814.value", "%22%3C%21DOCTYPE%20html%3E%
user_pref("extensions.a1853a82ece444a8ca6fe9bcf74a655754b6b1c165f0a4ef0866fb063e235ef97com60804.60804.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A
user_pref("extensions.crossrider.bic", "14903d36ca7c55e83fbcfa731cc09ed4");
Emptied folder: C:\Users\Yannic\AppData\Roaming\mozilla\firefox\profiles\dihxil7q.default\minidumps [11 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.10.2014 at 20:16:09,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST.txt


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2014
Ran by Yannic (administrator) on R2D2 on 24-10-2014 20:17:01
Running from C:\Users\Yannic\Downloads
Loaded Profile: Yannic (Available profiles: Yannic)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSPanel.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [911576 2013-10-30] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-07-23] (CANON INC.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\Users\Yannic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKLM - {F61CC357-9D05-4042-A131-1DECCE2EAC4E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {F61CC357-9D05-4042-A131-1DECCE2EAC4E} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Radio Canyon -> {11111111-1111-1111-1111-110611081104} -> C:\Program Files (x86)\Radio Canyon\Radio Canyon-bho64.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default
FF SearchEngineOrder.1: SuchMaschine
FF Homepage: www.ecosia.de
FF Keyword.URL: hxxp://www.sm.de/?q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-28]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2014-10-11]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2013-10-18] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-11-20] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2013-11-20] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUS Corporation)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113664 2013-12-16] (ASIX Electronics Corp.)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-18] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-18] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3609568 2013-12-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 20:16 - 2014-10-24 20:16 - 00001565 _____ () C:\Users\Yannic\Desktop\JRT.txt
2014-10-24 20:16 - 2014-10-24 20:16 - 00000000 ____D () C:\Users\Yannic\Downloads\FRST-OlderVersion
2014-10-24 20:11 - 2014-10-24 20:11 - 00000000 ____D () C:\Windows\ERUNT
2014-10-24 20:10 - 2014-10-24 20:10 - 01706144 _____ (Thisisu) C:\Users\Yannic\Downloads\JRT(1).exe
2014-10-24 20:07 - 2014-10-24 20:07 - 00010924 _____ () C:\Users\Yannic\Desktop\AdwCleaner[R0].txt
2014-10-24 20:04 - 2014-10-24 20:07 - 00000000 ____D () C:\AdwCleaner
2014-10-24 20:03 - 2014-10-24 20:03 - 00049424 _____ () C:\Users\Yannic\Desktop\maleware.txt
2014-10-24 19:08 - 2014-10-24 19:09 - 01706144 _____ (Thisisu) C:\Users\Yannic\Downloads\JRT.exe
2014-10-24 19:08 - 2014-10-24 19:08 - 01962496 _____ () C:\Users\Yannic\Downloads\AdwCleaner_4.001.exe
2014-10-24 19:07 - 2014-10-24 20:02 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-24 19:07 - 2014-10-24 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-24 19:06 - 2014-10-24 19:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-24 19:06 - 2014-10-24 19:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-24 19:06 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-24 19:06 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-24 19:06 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-24 19:05 - 2014-10-24 19:06 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Yannic\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-24 19:04 - 2014-10-24 19:04 - 00001286 _____ () C:\Users\Yannic\Desktop\Revo Uninstaller.lnk
2014-10-24 19:04 - 2014-10-24 19:04 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-24 19:03 - 2014-10-24 19:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Yannic\Downloads\revosetup95.exe
2014-10-23 12:18 - 2014-10-23 12:18 - 00541986 _____ () C:\Users\Yannic\Downloads\eduroam-w8-RAU(2).exe
2014-10-23 12:08 - 2014-10-23 12:08 - 00541986 _____ () C:\Users\Yannic\Downloads\eduroam-w8-RAU(1).exe
2014-10-23 12:07 - 2014-10-23 12:07 - 00541986 _____ () C:\Users\Yannic\Downloads\eduroam-w8-RAU.exe
2014-10-20 15:44 - 2014-10-20 15:44 - 00380416 _____ () C:\Users\Yannic\Downloads\Gmer-19357(1).exe
2014-10-20 15:35 - 2014-10-20 15:35 - 00380416 _____ () C:\Users\Yannic\Downloads\Gmer-19357.exe
2014-10-20 15:21 - 2014-10-20 15:28 - 00031894 _____ () C:\Users\Yannic\Downloads\Addition.txt
2014-10-20 15:20 - 2014-10-24 20:17 - 00014526 _____ () C:\Users\Yannic\Downloads\FRST.txt
2014-10-20 15:19 - 2014-10-24 20:17 - 00000000 ____D () C:\FRST
2014-10-20 15:18 - 2014-10-24 20:16 - 02112000 _____ (Farbar) C:\Users\Yannic\Downloads\FRST64.exe
2014-10-20 15:18 - 2014-10-20 15:18 - 00000474 _____ () C:\Users\Yannic\Downloads\defogger_disable.log
2014-10-20 15:18 - 2014-10-20 15:18 - 00000000 _____ () C:\Users\Yannic\defogger_reenable
2014-10-20 15:17 - 2014-10-20 15:17 - 00050477 _____ () C:\Users\Yannic\Downloads\Defogger.exe
2014-10-19 21:14 - 2014-10-20 15:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-10-19 11:09 - 2014-10-10 00:16 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-19 11:09 - 2014-10-09 00:09 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-19 11:09 - 2014-09-19 03:24 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-19 11:09 - 2014-09-04 02:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-10-19 11:09 - 2014-09-04 01:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-10-19 11:09 - 2014-09-04 01:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-10-19 11:07 - 2014-09-13 08:02 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-19 11:07 - 2014-09-13 07:30 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 15:35 - 2014-09-28 00:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 15:35 - 2014-09-13 08:29 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 15:35 - 2014-09-13 07:49 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 15:35 - 2014-08-29 03:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-10-16 15:35 - 2014-08-29 01:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-16 15:35 - 2014-08-29 01:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-16 15:33 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 15:33 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 15:33 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 15:33 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 15:33 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 15:33 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 15:33 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 15:33 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 15:33 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 15:33 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 15:33 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 15:33 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 15:33 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 15:33 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 15:33 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 15:33 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 15:33 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 15:33 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 15:33 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 15:33 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 15:33 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 15:33 - 2014-09-19 02:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 15:33 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 15:33 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 15:33 - 2014-09-19 02:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 15:33 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 15:33 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 15:33 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 15:33 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 15:33 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 15:32 - 2014-09-08 05:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-16 15:32 - 2014-09-08 03:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-16 15:32 - 2014-09-08 03:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-16 15:32 - 2014-09-08 02:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-16 15:32 - 2014-09-08 02:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-16 15:32 - 2014-09-08 02:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-16 15:32 - 2014-09-08 02:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-10-16 15:32 - 2014-09-08 02:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-16 15:32 - 2014-09-08 02:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-16 15:32 - 2014-09-08 02:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-16 15:32 - 2014-09-08 01:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-16 15:32 - 2014-09-08 01:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-16 15:32 - 2014-09-08 01:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-16 15:32 - 2014-09-08 01:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-16 15:32 - 2014-09-04 02:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 15:32 - 2014-09-04 02:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 15:31 - 2014-08-16 06:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-16 15:31 - 2014-08-16 06:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-10-16 15:31 - 2014-08-16 06:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-10-16 15:31 - 2014-08-16 05:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-10-16 15:31 - 2014-08-16 05:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-10-16 15:31 - 2014-08-16 05:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-10-16 15:31 - 2014-08-16 05:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-16 15:31 - 2014-08-16 05:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-10-16 15:31 - 2014-08-16 05:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-10-16 15:31 - 2014-08-16 03:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-10-16 15:31 - 2014-08-16 03:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-10-16 15:31 - 2014-08-16 02:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-10-16 15:31 - 2014-08-16 02:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-10-16 15:31 - 2014-08-16 02:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-10-16 15:31 - 2014-08-16 02:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-10-16 15:31 - 2014-08-16 02:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-10-16 15:31 - 2014-08-16 02:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-10-16 15:31 - 2014-08-16 02:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-10-16 15:31 - 2014-08-16 02:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-10-16 15:31 - 2014-08-16 02:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 15:31 - 2014-08-16 02:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-10-16 15:31 - 2014-08-16 02:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-10-16 15:31 - 2014-08-16 02:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-10-16 15:31 - 2014-08-16 02:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 15:31 - 2014-08-16 02:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-10-16 15:31 - 2014-08-16 02:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-10-16 15:31 - 2014-08-16 02:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-10-16 15:31 - 2014-08-16 02:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 15:31 - 2014-08-16 02:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-10-16 15:31 - 2014-08-16 02:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-10-16 15:31 - 2014-08-16 02:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-10-16 15:31 - 2014-08-16 02:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-10-16 15:31 - 2014-08-16 02:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 15:31 - 2014-08-16 02:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-10-16 15:31 - 2014-08-01 01:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-10-11 18:28 - 2014-10-11 18:28 - 00000000 __SHD () C:\Users\Yannic\AppData\Local\EmieUserList
2014-10-11 18:28 - 2014-10-11 18:28 - 00000000 __SHD () C:\Users\Yannic\AppData\Local\EmieSiteList
2014-10-11 18:25 - 2014-10-11 18:25 - 00000000 ____D () C:\Users\Yannic\AppData\Roaming\TuneUp Software
2014-10-11 18:25 - 2014-10-11 18:25 - 00000000 ____D () C:\Users\Yannic\AppData\Local\TuneUp Software
2014-10-11 18:23 - 2014-10-11 18:26 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-10-11 18:23 - 2014-10-11 18:23 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-10-11 18:21 - 2014-10-11 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-10-11 18:21 - 2014-10-11 18:21 - 00000000 ____D () C:\Program Files (x86)\WEB.DE MailCheck
2014-10-11 18:21 - 2014-10-11 18:21 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-10-11 18:20 - 2014-10-11 18:21 - 00000000 ____D () C:\Users\Yannic\AppData\Roaming\DVDVideoSoft
2014-10-11 18:17 - 2014-10-11 18:20 - 31386984 _____ (DVDVideoSoft Ltd. ) C:\Users\Yannic\Downloads\FreeYouTubeToMP3Converter_3.12.46.923.exe
2014-10-06 14:30 - 2014-09-22 08:42 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-26 11:52 - 2014-09-26 11:52 - 00000000 ____D () C:\Users\Yannic\Documents\Studienstiftung
2014-09-24 23:34 - 2014-10-11 18:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 16:21 - 2014-10-06 10:50 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-09-24 16:21 - 2014-09-24 16:21 - 00003476 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 20:18 - 2014-08-20 05:09 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2271421671-2185954834-4090823298-1001
2014-10-24 20:12 - 2014-08-19 23:39 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-24 20:11 - 2014-08-20 05:05 - 00000074 _____ () C:\Users\Yannic\AppData\Roaming\sp_data.sys
2014-10-24 20:09 - 2014-08-28 17:29 - 00000000 __RDO () C:\Users\Yannic\OneDrive
2014-10-24 20:08 - 2013-12-13 05:57 - 00050970 _____ () C:\Windows\PFRO.log
2014-10-24 20:08 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-24 20:08 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-10-24 20:07 - 2014-06-11 18:15 - 01343454 _____ () C:\Users\Public\CAFADEBUG.log
2014-10-24 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-10-24 19:58 - 2014-08-20 05:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-24 19:26 - 2014-06-11 18:16 - 01780928 _____ () C:\Windows\WindowsUpdate.log
2014-10-24 17:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-10-24 17:38 - 2014-08-20 05:43 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6757FBCF-9917-461A-B7D5-44844D50589E}
2014-10-23 16:39 - 2014-08-20 05:04 - 00000000 ____D () C:\Users\Yannic
2014-10-23 12:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-20 15:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-10-20 15:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-10-20 15:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-10-19 11:14 - 2014-08-31 19:47 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-19 11:14 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-10-18 20:03 - 2013-08-22 16:44 - 00484280 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-18 19:38 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-10-18 19:38 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-10-17 16:40 - 2014-09-11 21:37 - 00000000 ____D () C:\Users\Yannic\Documents\Studium
2014-10-11 18:10 - 2013-12-13 13:27 - 00804838 _____ () C:\Windows\system32\perfh013.dat
2014-10-11 18:10 - 2013-12-13 13:27 - 00164936 _____ () C:\Windows\system32\perfc013.dat
2014-10-11 18:10 - 2013-12-13 13:11 - 00808820 _____ () C:\Windows\system32\perfh00C.dat
2014-10-11 18:10 - 2013-12-13 13:11 - 00161790 _____ () C:\Windows\system32\perfc00C.dat
2014-10-11 18:10 - 2013-12-13 13:04 - 00773008 _____ () C:\Windows\system32\perfh007.dat
2014-10-11 18:10 - 2013-12-13 13:04 - 00162310 _____ () C:\Windows\system32\perfc007.dat
2014-10-11 18:10 - 2013-12-13 06:09 - 03696918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-11 18:06 - 2013-08-22 16:46 - 00024687 _____ () C:\Windows\setupact.log
2014-10-10 15:25 - 2014-09-14 12:05 - 00073216 ___SH () C:\Users\Yannic\Desktop\Thumbs.db
2014-10-09 21:53 - 2014-08-20 10:36 - 00000000 ____D () C:\Users\Yannic\Scans
2014-10-06 14:31 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-10-06 13:28 - 2014-06-11 18:28 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-06 13:24 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-10-06 12:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-09-30 00:45 - 2013-08-22 17:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-30 00:45 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-28 14:47 - 2014-08-26 18:14 - 00000000 ____D () C:\Users\Yannic\Documents\Fussball
2014-09-24 16:21 - 2014-06-11 18:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Yannic\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Yannic\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Yannic\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\Yannic\AppData\Local\Temp\Quarantine.exe
C:\Users\Yannic\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Yannic\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Yannic\AppData\Local\Temp\sqlite3.dll
C:\Users\Yannic\AppData\Local\Temp\sqlite3.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 11:11

==================== End Of Log ============================
--- --- ---


vielen Dank
highflyers

schrauber 25.10.2014 14:55
AdwCleaner auch löschen lassen!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

highflyers 29.10.2014 10:15
Guten Morgen,

hier der ESET log

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=a5af1799c439fc4fbdf768af61190cb5
# engine=20828
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-29 09:06:15
# local_time=2014-10-29 10:06:15 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 138177 18957096 0 0
# scanned=224598
# found=1
# cleaned=0
# scan_time=4700
sh=4F91317525B6B215AB26586CB19B4F1471F85BF8 ft=1 fh=9670bfc95fd4bcf1 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Yannic\AppData\Local\Microsoft\Windows\INetCache\IE\19VJU7AZ\setup[1].exe"
SecurityCheck log

Code:
Results of screen317's Security Check version 0.99.89 
  x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Windows Defender 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player        15.0.0.152 
 Adobe Reader XI 
 Mozilla Firefox 32.0.3 Firefox out of Date! 
 Mozilla Thunderbird (31.2.0)
````````Process Check: objlist.exe by Laurent```````` 
 Windows Defender MSMpEng.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
und ein frischer frst log


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2014 01
Ran by Yannic (administrator) on R2D2 on 29-10-2014 10:13:03
Running from C:\Users\Yannic\Downloads
Loaded Profile: Yannic (Available profiles: Yannic)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16.0.3030.1024_x64__8wekyb3d8bbwe\onenoteim.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
() C:\Program Files\WindowsApps\Microsoft.BingMaps_2.1.3230.2048_x64__8wekyb3d8bbwe\Map.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSPanel.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [911576 2013-10-30] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-07-23] (CANON INC.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\Users\Yannic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKLM - {F61CC357-9D05-4042-A131-1DECCE2EAC4E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {F61CC357-9D05-4042-A131-1DECCE2EAC4E} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Radio Canyon -> {11111111-1111-1111-1111-110611081104} -> C:\Program Files (x86)\Radio Canyon\Radio Canyon-bho64.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default
FF SearchEngineOrder.1: SuchMaschine
FF Homepage: www.ecosia.de
FF Keyword.URL: hxxp://www.sm.de/?q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Yannic\AppData\Roaming\Mozilla\Firefox\Profiles\dihxil7q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-28]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2014-10-11]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2013-10-18] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel Corporation)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-11-20] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2013-11-20] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUS Corporation)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113664 2013-12-16] (ASIX Electronics Corp.)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-18] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-18] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3609568 2013-12-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 10:12 - 2014-10-29 10:12 - 00000798 _____ () C:\Users\Yannic\Desktop\checkup.txt
2014-10-29 10:11 - 2014-10-29 10:11 - 00854448 _____ () C:\Users\Yannic\Downloads\SecurityCheck.exe
2014-10-29 08:44 - 2014-10-29 08:44 - 02347384 _____ (ESET) C:\Users\Yannic\Downloads\esetsmartinstaller_deu.exe
2014-10-29 08:44 - 2014-10-29 08:44 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-24 19:16 - 2014-10-29 10:13 - 00000000 ____D () C:\Users\Yannic\Downloads\FRST-OlderVersion
2014-10-24 19:11 - 2014-10-24 19:11 - 00000000 ____D () C:\Windows\ERUNT
2014-10-24 19:10 - 2014-10-24 19:10 - 01706144 _____ (Thisisu) C:\Users\Yannic\Downloads\JRT(1).exe
2014-10-24 19:04 - 2014-10-24 19:07 - 00000000 ____D () C:\AdwCleaner
2014-10-24 18:08 - 2014-10-24 18:09 - 01706144 _____ (Thisisu) C:\Users\Yannic\Downloads\JRT.exe
2014-10-24 18:07 - 2014-10-24 19:02 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-24 18:07 - 2014-10-24 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-24 18:06 - 2014-10-24 18:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-24 18:06 - 2014-10-24 18:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-24 18:06 - 2014-10-01 10:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-24 18:06 - 2014-10-01 10:11 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-24 18:06 - 2014-10-01 10:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-24 18:05 - 2014-10-24 18:06 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Yannic\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-24 18:04 - 2014-10-24 18:04 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-24 18:03 - 2014-10-24 18:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Yannic\Downloads\revosetup95.exe
2014-10-23 11:18 - 2014-10-23 11:18 - 00541986 _____ () C:\Users\Yannic\Downloads\eduroam-w8-RAU(2).exe
2014-10-23 11:08 - 2014-10-23 11:08 - 00541986 _____ () C:\Users\Yannic\Downloads\eduroam-w8-RAU(1).exe
2014-10-23 11:07 - 2014-10-23 11:07 - 00541986 _____ () C:\Users\Yannic\Downloads\eduroam-w8-RAU.exe
2014-10-20 14:44 - 2014-10-20 14:44 - 00380416 _____ () C:\Users\Yannic\Downloads\Gmer-19357(1).exe
2014-10-20 14:35 - 2014-10-20 14:35 - 00380416 _____ () C:\Users\Yannic\Downloads\Gmer-19357.exe
2014-10-20 14:21 - 2014-10-20 14:28 - 00031894 _____ () C:\Users\Yannic\Downloads\Addition.txt
2014-10-20 14:20 - 2014-10-29 10:13 - 00014944 _____ () C:\Users\Yannic\Downloads\FRST.txt
2014-10-20 14:19 - 2014-10-29 10:13 - 00000000 ____D () C:\FRST
2014-10-20 14:18 - 2014-10-29 10:13 - 02113024 _____ (Farbar) C:\Users\Yannic\Downloads\FRST64.exe
2014-10-20 14:18 - 2014-10-20 14:18 - 00000474 _____ () C:\Users\Yannic\Downloads\defogger_disable.log
2014-10-20 14:18 - 2014-10-20 14:18 - 00000000 _____ () C:\Users\Yannic\defogger_reenable
2014-10-20 14:17 - 2014-10-20 14:17 - 00050477 _____ () C:\Users\Yannic\Downloads\Defogger.exe
2014-10-19 20:14 - 2014-10-20 14:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-10-19 10:09 - 2014-10-09 23:16 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-19 10:09 - 2014-10-08 23:09 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-19 10:09 - 2014-09-19 02:24 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-19 10:09 - 2014-09-04 01:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-10-19 10:09 - 2014-09-04 00:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-10-19 10:09 - 2014-09-04 00:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-10-19 10:07 - 2014-09-13 07:02 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-19 10:07 - 2014-09-13 06:30 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 14:35 - 2014-09-27 23:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 14:35 - 2014-09-13 07:29 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 14:35 - 2014-09-13 06:49 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 14:35 - 2014-08-29 02:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-10-16 14:35 - 2014-08-29 00:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-16 14:35 - 2014-08-29 00:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-16 14:33 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 14:33 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 14:33 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 14:33 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 14:33 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 14:33 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 14:33 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 14:33 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 14:33 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 14:33 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 14:33 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 14:33 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 14:33 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 14:33 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 14:33 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 14:33 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 14:33 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 14:33 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 14:33 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 14:33 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 14:33 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 14:33 - 2014-09-19 01:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 14:33 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 14:33 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 14:33 - 2014-09-19 01:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 14:33 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 14:33 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 14:33 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 14:33 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 14:33 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 14:32 - 2014-09-08 04:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-16 14:32 - 2014-09-08 02:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-16 14:32 - 2014-09-08 02:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-16 14:32 - 2014-09-08 01:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-16 14:32 - 2014-09-08 01:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-16 14:32 - 2014-09-08 01:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-16 14:32 - 2014-09-08 01:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-10-16 14:32 - 2014-09-08 01:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-16 14:32 - 2014-09-08 01:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-16 14:32 - 2014-09-08 01:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-16 14:32 - 2014-09-08 00:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-16 14:32 - 2014-09-08 00:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-16 14:32 - 2014-09-08 00:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-16 14:32 - 2014-09-08 00:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-16 14:32 - 2014-09-04 01:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 14:32 - 2014-09-04 01:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 14:31 - 2014-08-16 05:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-16 14:31 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-10-16 14:31 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-10-16 14:31 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-10-16 14:31 - 2014-08-16 04:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-10-16 14:31 - 2014-08-16 04:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-10-16 14:31 - 2014-08-16 04:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-16 14:31 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-10-16 14:31 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-10-16 14:31 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-10-16 14:31 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-10-16 14:31 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-10-16 14:31 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-10-16 14:31 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-10-16 14:31 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-10-16 14:31 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-10-16 14:31 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-10-16 14:31 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-10-16 14:31 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-10-16 14:31 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 14:31 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-10-16 14:31 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-10-16 14:31 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-10-16 14:31 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 14:31 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-10-16 14:31 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-10-16 14:31 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-10-16 14:31 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 14:31 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-10-16 14:31 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-10-16 14:31 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-10-16 14:31 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-10-16 14:31 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 14:31 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-10-16 14:31 - 2014-08-01 00:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-10-11 17:28 - 2014-10-11 17:28 - 00000000 __SHD () C:\Users\Yannic\AppData\Local\EmieUserList
2014-10-11 17:28 - 2014-10-11 17:28 - 00000000 __SHD () C:\Users\Yannic\AppData\Local\EmieSiteList
2014-10-11 17:25 - 2014-10-11 17:25 - 00000000 ____D () C:\Users\Yannic\AppData\Roaming\TuneUp Software
2014-10-11 17:25 - 2014-10-11 17:25 - 00000000 ____D () C:\Users\Yannic\AppData\Local\TuneUp Software
2014-10-11 17:23 - 2014-10-11 17:26 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-10-11 17:23 - 2014-10-11 17:23 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-10-11 17:21 - 2014-10-11 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-10-11 17:21 - 2014-10-11 17:21 - 00000000 ____D () C:\Program Files (x86)\WEB.DE MailCheck
2014-10-11 17:21 - 2014-10-11 17:21 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-10-11 17:20 - 2014-10-11 17:21 - 00000000 ____D () C:\Users\Yannic\AppData\Roaming\DVDVideoSoft
2014-10-11 17:17 - 2014-10-11 17:20 - 31386984 _____ (DVDVideoSoft Ltd. ) C:\Users\Yannic\Downloads\FreeYouTubeToMP3Converter_3.12.46.923.exe
2014-10-06 13:30 - 2014-09-22 07:42 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 10:12 - 2014-08-19 22:39 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-29 10:12 - 2014-06-11 17:16 - 01052608 _____ () C:\Windows\WindowsUpdate.log
2014-10-29 10:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-10-29 08:52 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-10-29 08:41 - 2014-08-20 04:43 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6757FBCF-9917-461A-B7D5-44844D50589E}
2014-10-29 08:40 - 2014-08-20 04:05 - 00000074 _____ () C:\Users\Yannic\AppData\Roaming\sp_data.sys
2014-10-29 08:38 - 2014-08-28 16:29 - 00000000 __RDO () C:\Users\Yannic\OneDrive
2014-10-28 18:41 - 2014-06-11 17:15 - 01417230 _____ () C:\Users\Public\CAFADEBUG.log
2014-10-26 16:44 - 2014-08-20 09:36 - 00000000 ____D () C:\Users\Yannic\Scans
2014-10-25 11:19 - 2014-08-24 20:41 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-25 11:19 - 2014-08-24 20:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-24 20:59 - 2014-08-20 04:09 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2271421671-2185954834-4090823298-1001
2014-10-24 20:12 - 2014-09-14 11:05 - 00080896 ___SH () C:\Users\Yannic\Desktop\Thumbs.db
2014-10-24 19:08 - 2013-12-13 04:57 - 00050970 _____ () C:\Windows\PFRO.log
2014-10-24 19:08 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-24 19:08 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-10-24 18:58 - 2014-08-20 04:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-23 15:39 - 2014-08-20 04:04 - 00000000 ____D () C:\Users\Yannic
2014-10-23 11:16 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-20 14:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-10-20 14:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager
2014-10-20 14:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera
2014-10-19 10:14 - 2014-08-31 18:47 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-19 10:14 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-10-18 19:03 - 2013-08-22 15:44 - 00484280 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-18 18:38 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2014-10-18 18:38 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2014-10-17 15:40 - 2014-09-11 20:37 - 00000000 ____D () C:\Users\Yannic\Documents\Studium
2014-10-11 17:21 - 2014-09-24 22:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-11 17:10 - 2013-12-13 12:27 - 00804838 _____ () C:\Windows\system32\perfh013.dat
2014-10-11 17:10 - 2013-12-13 12:27 - 00164936 _____ () C:\Windows\system32\perfc013.dat
2014-10-11 17:10 - 2013-12-13 12:11 - 00808820 _____ () C:\Windows\system32\perfh00C.dat
2014-10-11 17:10 - 2013-12-13 12:11 - 00161790 _____ () C:\Windows\system32\perfc00C.dat
2014-10-11 17:10 - 2013-12-13 12:04 - 00773008 _____ () C:\Windows\system32\perfh007.dat
2014-10-11 17:10 - 2013-12-13 12:04 - 00162310 _____ () C:\Windows\system32\perfc007.dat
2014-10-11 17:10 - 2013-12-13 05:09 - 03696918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-11 17:06 - 2013-08-22 15:46 - 00024687 _____ () C:\Windows\setupact.log
2014-10-06 13:31 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-10-06 12:28 - 2014-06-11 17:28 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-06 12:24 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-10-06 11:13 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-10-06 09:50 - 2014-09-24 15:21 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-09-29 23:45 - 2013-08-22 16:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-29 23:45 - 2013-08-22 16:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Yannic\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Yannic\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Yannic\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\Yannic\AppData\Local\Temp\Quarantine.exe
C:\Users\Yannic\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Yannic\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Yannic\AppData\Local\Temp\sqlite3.dll
C:\Users\Yannic\AppData\Local\Temp\sqlite3.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 10:11

==================== End Of Log ============================
--- --- ---


Offensichtlich habe ich keine Probleme mehr :)

vg & Danke
highflyers

schrauber 29.10.2014 20:32
Firefox updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:48 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132