Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten

Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten


Log-Analyse und Auswertung: Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 16.06.2014, 23:04   #1
seaimager
 
Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten - Standard

Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten


Liebe Forumsgemeinde

Seit gestern erscheinen in meinem Browser Werbebanner, entdeckt habe ich es als erstes auf meiner eigenen Homepage.

Zudem sind einige Wörter farbig unterlegt und anklickbar, der Link führt dann wieder auf eine fremde Seite.

Ich habe jetzt wie vorgeschrieben FRST64 heruntergeladen und die Datei FRST.txt und Addition.txt erstellt.

Auch habe ich GMER heruntergeladen. Während der Ausführung dieses Programms hat mein PC einen Neustart durchgeführt und gab mir die Wahl im abgesicherten Modus zu starten. Ich habe allerdings Win 7 ganz normal starten lassen.
Bevor ich GMER gestartet habe, habe ich den PC vom Internet getrennt, den Browser Firefox habe ich allerdings nicht geschlossen, sonst waren keine Programme aktiv.

Ich habe also keine von GMER erzeugte Datei. Ich habe mich nicht getraut GMER nochmals zu starten.

Ich hoffe nun auf Euere geschätzte Hilfe.

beste Grüße
Jürgen

PS Mein System: Windows 7 prof. 64 Bit

Alt 16.06.2014, 23:13   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten - Standard

Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten


Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!



Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________
Alt 16.06.2014, 23:54   #3
seaimager
 
Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten - Standard

Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten


Besten Dank für die Antwort

Ich habe keine weiteren Logfiles und auch keinen Virenscanner auf meinem System.
Die geforderten Dateien habe ich erstellt.

Ich hoffe es hilft

beste Grüße
Jürgen





FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014
Ran by seaimager (administrator) on JBS_PC_2 on 16-06-2014 23:02:07
Running from C:\Users\seaimager\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\003\buuoujqmrk64.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
() C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Dropbox, Inc.) C:\Users\seaimager\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\lightroom.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\Support\DynamicLinkSupport\dynamiclink\CS6\dynamiclinkmanager.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\Support\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\dynamiclinkmediaserver.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\Support\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\32\Adobe QT32 Server.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [403888 2012-08-23] (Acronis)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [1823744 2012-01-05] (Dominik Reichl)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073352 2012-06-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6049096 2012-08-23] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [943856 2012-07-24] (Acronis)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [fst_de_31] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKU\S-1-5-21-1090653915-3958093925-69300803-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1090653915-3958093925-69300803-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\seaimager\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
HKU\S-1-5-21-1090653915-3958093925-69300803-1000\...\Run: [SafeInCloud] => C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe [1550848 2013-11-26] ()
HKU\S-1-5-21-1090653915-3958093925-69300803-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1090653915-3958093925-69300803-1000\...\Run: [moneyplex Alarm] => H:\JBS_STORAGE\moneyplex\mpxalarm
HKU\S-1-5-21-1090653915-3958093925-69300803-1000\...\Run: [Browser Extensions] => C:\Users\seaimager\AppData\Roaming\Browser Extensions\CouponsHelper.exe [961384 2014-03-17] (Spigot, Inc.)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-05-08] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuatoCalibrationLoader.lnk
ShortcutTarget: QuatoCalibrationLoader.lnk -> C:\Program Files (x86)\Quato\iColorDisplay\QuatoCalibrationLoader.exe (Quato)
Startup: C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\seaimager\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2E370D624E2ACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545&q={searchTerms}
SearchScopes: HKCU - DefaultScope {96224679-3496-4260-A2C5-4ED4AE735F0A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=386496&p={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545&q={searchTerms}
SearchScopes: HKCU - {96224679-3496-4260-A2C5-4ED4AE735F0A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=386496&p={searchTerms}
BHO: Browser Extensions - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\seaimager\AppData\Roaming\Browser Extensions\Coupons64.dll (Spigot, Inc.)
BHO-x32: 2rs3 - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\SupraSavings\2rs3.dll ()
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - toolplugin - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Users\seaimager\AppData\Roaming\toolplugin\toolbar.dll No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Homepage: hxxp://istart.webssearches.com/?type=hppp&ts=1402844558&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF user.js: detected! => C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Quick Start - C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\Extensions\quick_start@gmail.com [2014-06-05]
FF Extension: SupraSavings - C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\Extensions\SupraSavings@jetpack [2014-06-05]
FF Extension: Firebug - C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\Extensions\firebug@software.joehewitt.com.xpi [2014-04-07]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-05-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-05-13]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-26]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-06-04]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com [2014-06-05]

==================== Services (Whitelisted) =================

R2 buuoujqmrk64; C:\Program Files\003\buuoujqmrk64.exe [706560 2014-06-05] () [File not signed]
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-05] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-05] (globalUpdate) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2011-02-15] (Nalpeiron Ltd.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2013-11-14] ()
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [635160 2014-04-22] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63528 2011-05-27] (SafeNet, Inc.)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [1093256 2013-01-12] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [166024 2013-01-12] (Acronis)
S3 X-Rite; C:\Windows\System32\DRIVERS\XrUsb64.sys [33600 2007-01-29] (X-Rite, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-16 23:02 - 2014-06-16 23:02 - 00022648 _____ () C:\Users\seaimager\Desktop\FRST.txt
2014-06-16 23:02 - 2014-06-16 23:02 - 00000000 ____D () C:\FRST
2014-06-16 23:00 - 2014-06-16 23:01 - 02081280 _____ (Farbar) C:\Users\seaimager\Desktop\FRST64.exe
2014-06-16 22:31 - 2014-06-16 22:33 - 02736715 _____ () C:\Users\seaimager\Desktop\_2014_Juni_Mohnblumen_iphone_052.m4v
2014-06-16 22:28 - 2014-06-16 22:44 - 104349581 _____ () C:\Users\seaimager\Desktop\_2014_Juni_Mohnblumen_Ausschnitt_054_.mov
2014-06-15 17:33 - 2014-06-15 17:33 - 01315636 _____ () C:\Users\seaimager\Downloads\com_zoo_3.1.6.zip
2014-06-15 13:26 - 2014-06-15 13:26 - 00682480 _____ () C:\Users\seaimager\Downloads\jre-7u51-windows-i586(1).exe
2014-06-15 13:19 - 2014-06-15 13:22 - 00000000 ____D () C:\Users\seaimager\Documents\Java
2014-06-15 13:17 - 2014-06-15 13:17 - 00682480 _____ () C:\Users\seaimager\Downloads\jre-7u51-windows-i586.exe
2014-06-14 11:08 - 2014-06-14 11:08 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-14 11:08 - 2014-06-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-14 11:08 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-06-14 11:07 - 2014-06-14 11:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-14 11:07 - 2014-06-14 11:08 - 00000000 ____D () C:\Program Files\iTunes
2014-06-14 11:07 - 2014-06-14 11:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\iPod
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-14 11:06 - 2014-06-14 11:06 - 112616784 _____ (Apple Inc.) C:\Users\seaimager\Downloads\iTunes64Setup.exe
2014-06-14 10:56 - 2014-06-14 10:56 - 00360028 _____ () C:\Users\seaimager\Desktop\68509_30_5_Full_final_2_16_48000_0.pkf
2014-06-05 22:58 - 2014-06-05 23:06 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part20.rar
2014-06-05 22:58 - 2014-06-05 23:06 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part19.rar
2014-06-05 22:58 - 2014-06-05 23:06 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part18.rar
2014-06-05 22:58 - 2014-06-05 23:06 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part17.rar
2014-06-05 22:58 - 2014-06-05 23:04 - 129258620 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part21.rar
2014-06-05 22:57 - 2014-06-05 23:06 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part16.rar
2014-06-05 22:57 - 2014-06-05 23:06 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part14.rar
2014-06-05 22:57 - 2014-06-05 23:06 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part13.rar
2014-06-05 22:57 - 2014-06-05 23:05 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part15.rar
2014-06-05 22:56 - 2014-06-05 23:06 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part10.rar
2014-06-05 22:56 - 2014-06-05 23:05 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part12.rar
2014-06-05 22:56 - 2014-06-05 23:05 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part11.rar
2014-06-05 22:56 - 2014-06-05 23:04 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part09.rar
2014-06-05 22:56 - 2014-06-05 23:04 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part08.rar
2014-06-05 22:55 - 2014-06-05 23:05 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part07.rar
2014-06-05 22:55 - 2014-06-05 23:04 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part05.rar
2014-06-05 22:55 - 2014-06-05 23:03 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part06.rar
2014-06-05 22:55 - 2014-06-05 23:01 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part04.rar
2014-06-05 22:55 - 2014-06-05 23:01 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part03.rar
2014-06-05 22:54 - 2014-06-05 22:59 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part02.rar
2014-06-05 22:54 - 2014-06-05 22:56 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part01.rar
2014-06-05 21:28 - 2014-06-05 21:28 - 00830792 _____ (Click Me In Limited) C:\Users\seaimager\AppData\Local\nsoCBCB.tmp
2014-06-05 20:50 - 2014-06-05 20:50 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-05 20:46 - 2014-06-05 20:46 - 00003188 _____ () C:\Windows\System32\Tasks\{801D570B-E4AB-4EC0-BB0A-C3775BBC798E}
2014-06-05 20:42 - 2014-06-05 20:42 - 00000000 ____D () C:\Users\seaimager\AppData\Local\com
2014-06-05 20:23 - 2014-06-05 20:23 - 00000000 ____D () C:\Users\seaimager\Documents\Optimizer Pro
2014-06-05 20:18 - 2014-06-16 21:22 - 00000918 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-06-05 20:18 - 2014-06-05 20:54 - 00000922 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-06-05 20:18 - 2014-06-05 20:53 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Activeris
2014-06-05 20:18 - 2014-06-05 20:52 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-06-05 20:18 - 2014-06-05 20:49 - 00003920 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-05 20:18 - 2014-06-05 20:49 - 00003666 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-05 20:18 - 2014-06-05 20:45 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-05 20:18 - 2014-06-05 20:18 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\SupTab
2014-06-05 20:18 - 2014-06-05 20:18 - 00000000 ____D () C:\Users\seaimager\AppData\Local\globalUpdate
2014-06-05 20:18 - 2014-06-05 20:18 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-05 20:18 - 2014-06-05 20:18 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-05 20:18 - 2014-06-05 20:18 - 00000000 ____D () C:\Program Files (x86)\SupraSavings
2014-06-05 20:18 - 2014-06-05 20:18 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-05 20:17 - 2014-06-05 20:32 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Genesis_06051817
2014-06-05 20:17 - 2014-06-05 20:18 - 00000000 ____D () C:\Program Files\003
2014-06-05 20:17 - 2014-06-05 20:18 - 00000000 _____ () C:\END
2014-06-05 20:17 - 2014-06-05 20:17 - 00000000 ____D () C:\Users\seaimager\AppData\Local\SearchProtect
2014-06-03 19:30 - 2014-06-03 19:30 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\WTablet
2014-06-03 19:30 - 2014-06-03 19:30 - 00000000 ____D () C:\Users\seaimager\.android
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____D () C:\Program Files\TabletPlugins
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____D () C:\Program Files (x86)\TabletPlugins
2014-06-03 19:26 - 2014-06-03 19:27 - 00000000 ____D () C:\Program Files\Tablet
2014-06-03 19:26 - 2014-06-03 19:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2014-06-03 19:26 - 2014-04-22 00:30 - 01946904 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01929496 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01922328 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01796888 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01563416 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01560344 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01556760 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01443096 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2014-06-03 19:26 - 2014-03-17 18:13 - 00095032 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2014-06-03 19:26 - 2014-03-17 18:13 - 00015160 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2014-06-03 19:26 - 2014-03-17 18:13 - 00014136 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2014-06-03 19:26 - 2012-12-12 00:12 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2014-06-03 19:26 - 2012-12-12 00:12 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wdfcoinstaller01009.dll
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-30 07:58 - 2014-05-30 07:58 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-05-30 07:55 - 2014-05-30 07:55 - 04968079 _____ (Tim Kosse) C:\Users\seaimager\Desktop\FileZilla_3.8.0_win32-setup.exe
2014-05-29 11:33 - 2014-05-29 14:27 - 16865617 _____ () C:\Users\seaimager\Desktop\Christian und co_2.psd
2014-05-29 11:02 - 2014-05-29 11:02 - 59411236 _____ () C:\Users\seaimager\Desktop\Christian und co.psd
2014-05-21 19:02 - 2014-05-21 19:04 - 154363320 _____ (Online Media Technologies Ltd. ) C:\Users\seaimager\Downloads\AVSVideoEditor.exe
2014-05-21 18:22 - 2014-05-21 18:22 - 00001237 _____ () C:\Users\seaimager\Desktop\AVS Video Converter.lnk
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-05-21 18:22 - 2012-03-23 19:59 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-05-21 18:22 - 2012-03-23 19:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2014-05-21 18:20 - 2014-05-21 18:21 - 63042752 _____ (Online Media Technologies Ltd. ) C:\Users\seaimager\Downloads\AVSVideoConverter.exe
2014-05-21 18:05 - 2014-05-21 18:05 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2014-05-21 18:05 - 2014-05-21 18:05 - 00000000 ____D () C:\Program Files (x86)\Handbrake
2014-05-21 18:04 - 2014-05-21 18:04 - 14298467 _____ () C:\Users\seaimager\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe
2014-05-17 16:27 - 2014-05-17 16:28 - 03670020 _____ () C:\Users\seaimager\Downloads\ddserver_openwrt-tl-mr3040-v1-squashfs-sysupgrade_0.12.bin
2014-05-17 15:07 - 2014-05-17 15:07 - 00010517 _____ () C:\Users\seaimager\Downloads\ddserver_0.2-12_ar71xx.ipk
2014-05-17 12:19 - 2014-05-17 12:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

==================== One Month Modified Files and Folders =======

2014-06-16 23:02 - 2014-06-16 23:02 - 00022648 _____ () C:\Users\seaimager\Desktop\FRST.txt
2014-06-16 23:02 - 2014-06-16 23:02 - 00000000 ____D () C:\FRST
2014-06-16 23:02 - 2012-02-25 11:07 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Temp
2014-06-16 23:01 - 2014-06-16 23:00 - 02081280 _____ (Farbar) C:\Users\seaimager\Desktop\FRST64.exe
2014-06-16 22:50 - 2012-11-08 20:19 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Skype
2014-06-16 22:46 - 2013-04-04 22:52 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-16 22:45 - 2013-01-19 20:13 - 00000000 ___RD () C:\Users\seaimager\Dropbox
2014-06-16 22:45 - 2013-01-19 20:05 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Dropbox
2014-06-16 22:44 - 2014-06-16 22:28 - 104349581 _____ () C:\Users\seaimager\Desktop\_2014_Juni_Mohnblumen_Ausschnitt_054_.mov
2014-06-16 22:33 - 2014-06-16 22:31 - 02736715 _____ () C:\Users\seaimager\Desktop\_2014_Juni_Mohnblumen_iphone_052.m4v
2014-06-16 22:11 - 2012-02-25 20:00 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\PTGui
2014-06-16 21:32 - 2012-02-25 14:26 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Adobe
2014-06-16 21:29 - 2009-07-14 06:45 - 00014640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-16 21:29 - 2009-07-14 06:45 - 00014640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-16 21:26 - 2012-10-02 12:59 - 01217367 _____ () C:\Windows\WindowsUpdate.log
2014-06-16 21:26 - 2009-07-14 19:58 - 10429450 _____ () C:\Windows\system32\perfh007.dat
2014-06-16 21:26 - 2009-07-14 19:58 - 03229286 _____ () C:\Windows\system32\perfc007.dat
2014-06-16 21:26 - 2009-07-14 07:13 - 00787956 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-16 21:22 - 2014-06-05 20:18 - 00000918 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-06-16 21:22 - 2014-05-03 09:34 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\DropboxMaster
2014-06-16 21:22 - 2013-04-04 22:52 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-16 21:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-16 21:22 - 2009-07-14 06:51 - 00129676 _____ () C:\Windows\setupact.log
2014-06-15 17:33 - 2014-06-15 17:33 - 01315636 _____ () C:\Users\seaimager\Downloads\com_zoo_3.1.6.zip
2014-06-15 13:26 - 2014-06-15 13:26 - 00682480 _____ () C:\Users\seaimager\Downloads\jre-7u51-windows-i586(1).exe
2014-06-15 13:23 - 2013-10-21 21:35 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-15 13:23 - 2012-03-22 22:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-15 13:22 - 2014-06-15 13:19 - 00000000 ____D () C:\Users\seaimager\Documents\Java
2014-06-15 13:17 - 2014-06-15 13:17 - 00682480 _____ () C:\Users\seaimager\Downloads\jre-7u51-windows-i586.exe
2014-06-14 11:16 - 2014-04-13 20:07 - 00508844 _____ () C:\Users\seaimager\AppData\Roaming\PS12_panel.log
2014-06-14 11:08 - 2014-06-14 11:08 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-14 11:08 - 2014-06-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-14 11:08 - 2014-06-14 11:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-14 11:08 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\iTunes
2014-06-14 11:08 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-14 11:08 - 2012-02-26 11:20 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Apple Computer
2014-06-14 11:08 - 2012-02-25 20:06 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Apple Computer
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\iPod
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-14 11:07 - 2012-02-25 20:03 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-14 11:07 - 2012-02-25 20:02 - 00000000 ____D () C:\ProgramData\Apple
2014-06-14 11:06 - 2014-06-14 11:06 - 112616784 _____ (Apple Inc.) C:\Users\seaimager\Downloads\iTunes64Setup.exe
2014-06-14 10:56 - 2014-06-14 10:56 - 00360028 _____ () C:\Users\seaimager\Desktop\68509_30_5_Full_final_2_16_48000_0.pkf
2014-06-14 10:48 - 2012-02-25 20:08 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\vlc
2014-06-07 13:09 - 2012-03-03 10:10 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\HandBrake
2014-06-07 12:58 - 2012-06-04 19:13 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-06-07 12:58 - 2012-06-04 19:13 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-06-07 12:58 - 2012-06-04 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-06-07 12:57 - 2012-11-08 20:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-07 12:57 - 2012-11-08 20:19 - 00000000 ____D () C:\ProgramData\Skype
2014-06-05 23:06 - 2014-06-05 22:58 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part20.rar
2014-06-05 23:06 - 2014-06-05 22:58 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part19.rar
2014-06-05 23:06 - 2014-06-05 22:58 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part18.rar
2014-06-05 23:06 - 2014-06-05 22:58 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part17.rar
2014-06-05 23:06 - 2014-06-05 22:57 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part16.rar
2014-06-05 23:06 - 2014-06-05 22:57 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part14.rar
2014-06-05 23:06 - 2014-06-05 22:57 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part13.rar
2014-06-05 23:06 - 2014-06-05 22:56 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part10.rar
2014-06-05 23:05 - 2014-06-05 22:57 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part15.rar
2014-06-05 23:05 - 2014-06-05 22:56 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part12.rar
2014-06-05 23:05 - 2014-06-05 22:56 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part11.rar
2014-06-05 23:05 - 2014-06-05 22:55 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part07.rar
2014-06-05 23:04 - 2014-06-05 22:58 - 129258620 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part21.rar
2014-06-05 23:04 - 2014-06-05 22:56 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part09.rar
2014-06-05 23:04 - 2014-06-05 22:56 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part08.rar
2014-06-05 23:04 - 2014-06-05 22:55 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part05.rar
2014-06-05 23:03 - 2014-06-05 22:55 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part06.rar
2014-06-05 23:01 - 2014-06-05 22:55 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part04.rar
2014-06-05 23:01 - 2014-06-05 22:55 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part03.rar
2014-06-05 22:59 - 2014-06-05 22:54 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part02.rar
2014-06-05 22:56 - 2014-06-05 22:54 - 222222222 _____ () C:\Users\seaimager\Downloads\V2B.AFEFCCDGT-SHo.part01.rar
2014-06-05 22:47 - 2012-03-02 20:50 - 00019352 _____ () C:\Windows\PFRO.log
2014-06-05 21:28 - 2014-06-05 21:28 - 00830792 _____ (Click Me In Limited) C:\Users\seaimager\AppData\Local\nsoCBCB.tmp
2014-06-05 20:55 - 2012-02-25 11:08 - 00000000 ___RD () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-05 20:54 - 2014-06-05 20:18 - 00000922 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-06-05 20:53 - 2014-06-05 20:18 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Activeris
2014-06-05 20:52 - 2014-06-05 20:18 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-06-05 20:50 - 2014-06-05 20:50 - 00000000 ____D () C:\Program Files (x86)\predm
2014-06-05 20:49 - 2014-06-05 20:18 - 00003920 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-05 20:49 - 2014-06-05 20:18 - 00003666 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-05 20:47 - 2012-02-25 14:18 - 00001142 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-05 20:47 - 2012-02-25 11:08 - 00001421 _____ () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-05 20:46 - 2014-06-05 20:46 - 00003188 _____ () C:\Windows\System32\Tasks\{801D570B-E4AB-4EC0-BB0A-C3775BBC798E}
2014-06-05 20:45 - 2014-06-05 20:18 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-05 20:42 - 2014-06-05 20:42 - 00000000 ____D () C:\Users\seaimager\AppData\Local\com
2014-06-05 20:32 - 2014-06-05 20:17 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Genesis_06051817
2014-06-05 20:23 - 2014-06-05 20:23 - 00000000 ____D () C:\Users\seaimager\Documents\Optimizer Pro
2014-06-05 20:20 - 2013-02-10 23:37 - 00000000 ____D () C:\Temp
2014-06-05 20:18 - 2014-06-05 20:18 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\SupTab
2014-06-05 20:18 - 2014-06-05 20:18 - 00000000 ____D () C:\Users\seaimager\AppData\Local\globalUpdate
2014-06-05 20:18 - 2014-06-05 20:18 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-05 20:18 - 2014-06-05 20:18 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-05 20:18 - 2014-06-05 20:18 - 00000000 ____D () C:\Program Files (x86)\SupraSavings
2014-06-05 20:18 - 2014-06-05 20:18 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-05 20:18 - 2014-06-05 20:17 - 00000000 ____D () C:\Program Files\003
2014-06-05 20:18 - 2014-06-05 20:17 - 00000000 _____ () C:\END
2014-06-05 20:17 - 2014-06-05 20:17 - 00000000 ____D () C:\Users\seaimager\AppData\Local\SearchProtect
2014-06-03 21:06 - 2014-05-10 17:57 - 00000000 ____D () C:\Users\seaimager\Desktop\LR Export
2014-06-03 19:30 - 2014-06-03 19:30 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\WTablet
2014-06-03 19:30 - 2014-06-03 19:30 - 00000000 ____D () C:\Users\seaimager\.android
2014-06-03 19:30 - 2012-02-25 11:07 - 00000000 ____D () C:\Users\seaimager
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____D () C:\Program Files\TabletPlugins
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____D () C:\Program Files (x86)\TabletPlugins
2014-06-03 19:27 - 2014-06-03 19:26 - 00000000 ____D () C:\Program Files\Tablet
2014-06-03 19:26 - 2014-06-03 19:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2014-06-01 19:39 - 2012-06-04 22:42 - 00001456 _____ () C:\Users\seaimager\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-30 13:46 - 2012-02-25 18:54 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\FileZilla
2014-05-30 08:00 - 2012-02-25 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-05-30 07:58 - 2014-05-30 07:58 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-05-30 07:55 - 2014-05-30 07:55 - 04968079 _____ (Tim Kosse) C:\Users\seaimager\Desktop\FileZilla_3.8.0_win32-setup.exe
2014-05-30 07:47 - 2013-04-04 22:52 - 00000000 ____D () C:\ProgramData\Google
2014-05-29 14:27 - 2014-05-29 11:33 - 16865617 _____ () C:\Users\seaimager\Desktop\Christian und co_2.psd
2014-05-29 11:02 - 2014-05-29 11:02 - 59411236 _____ () C:\Users\seaimager\Desktop\Christian und co.psd
2014-05-29 10:21 - 2013-01-19 20:06 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-29 10:20 - 2012-04-05 21:51 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-29 10:20 - 2012-03-22 22:18 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-21 19:04 - 2014-05-21 19:02 - 154363320 _____ (Online Media Technologies Ltd. ) C:\Users\seaimager\Downloads\AVSVideoEditor.exe
2014-05-21 18:22 - 2014-05-21 18:22 - 00001237 _____ () C:\Users\seaimager\Desktop\AVS Video Converter.lnk
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-05-21 18:21 - 2014-05-21 18:20 - 63042752 _____ (Online Media Technologies Ltd. ) C:\Users\seaimager\Downloads\AVSVideoConverter.exe
2014-05-21 18:05 - 2014-05-21 18:05 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2014-05-21 18:05 - 2014-05-21 18:05 - 00000000 ____D () C:\Program Files (x86)\Handbrake
2014-05-21 18:04 - 2014-05-21 18:04 - 14298467 _____ () C:\Users\seaimager\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe
2014-05-18 09:00 - 2012-06-12 19:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-17 16:28 - 2014-05-17 16:27 - 03670020 _____ () C:\Users\seaimager\Downloads\ddserver_openwrt-tl-mr3040-v1-squashfs-sysupgrade_0.12.bin
2014-05-17 15:07 - 2014-05-17 15:07 - 00010517 _____ () C:\Users\seaimager\Downloads\ddserver_0.2-12_ar71xx.ipk
2014-05-17 12:20 - 2014-05-17 12:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

Files to move or delete:
====================
C:\ProgramData\PKP_DLbx.DAT


Some content of TEMP:
====================
C:\Users\seaimager\AppData\Local\Temp\AMDCleanupUtility.exe
C:\Users\seaimager\AppData\Local\Temp\amsetup_activeris_default_010414_installer.exe
C:\Users\seaimager\AppData\Local\Temp\BackupSetup.exe
C:\Users\seaimager\AppData\Local\Temp\Cleanup.dll
C:\Users\seaimager\AppData\Local\Temp\cloud_backup_setup.exe
C:\Users\seaimager\AppData\Local\Temp\difxapi.dll
C:\Users\seaimager\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzorel0.dll
C:\Users\seaimager\AppData\Local\Temp\f978377c-b7d4-4536-8e10-14ca97b13394.exe
C:\Users\seaimager\AppData\Local\Temp\freesofttoday.exe
C:\Users\seaimager\AppData\Local\Temp\genesisinstaller.exe
C:\Users\seaimager\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\seaimager\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\seaimager\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\seaimager\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\seaimager\AppData\Local\Temp\lly_webssearches.exe
C:\Users\seaimager\AppData\Local\Temp\media.exe
C:\Users\seaimager\AppData\Local\Temp\newvideoplayersetup.exe
C:\Users\seaimager\AppData\Local\Temp\optimizerpro.exe
C:\Users\seaimager\AppData\Local\Temp\SkypeSetup.exe
C:\Users\seaimager\AppData\Local\Temp\spidentifierimpl.exe
C:\Users\seaimager\AppData\Local\Temp\vopackage.exe
C:\Users\seaimager\AppData\Local\Temp\wajam_download.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-01 18:46

==================== End Of Log ============================
--- --- ---

--- --- ---




Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2014
Ran by seaimager at 2014-06-16 23:02:31
Running from C:\Users\seaimager\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.10 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 5 Production Premium (HKLM-x32\...\{626B3D60-A661-4444-AAF5-6C75E55936E8}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
AKVIS NatureArt (HKLM-x32\...\{592B6EFD-B341-4802-B3B4-A808AF6CC805}) (Version: 4.5.1200.8634 - AKVIS)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version:  - )
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AV Stumpfl Wings (HKLM-x32\...\AV Stumpfl Wings (V 5.3.3)) (Version: 5.3.3 - AV Stumpfl)
AVS Video Converter 8.5 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.5.1.551 - Online Media Technologies Ltd.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser Extensions (HKCU\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 1.4 - Spigot, Inc.) <==== ATTENTION
Canon SELPHY CP740 (HKLM\...\Canon SELPHY CP740) (Version:  - )
Capture One 7.1 (HKLM\...\CaptureOne7_is1) (Version: 7.1.5.17 - Phase One A/S)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.0 - REINER SCT)
Digital Signage with Apps (HKLM-x32\...\SyabasTech-DigitalSignage) (Version: 1.2.2 - UNKNOWN)
Digital Signage with Apps (x32 Version: 1.2.2 - UNKNOWN) Hidden
Digital Signage with Apps Preview (HKLM-x32\...\SyabasTech-DigitalSignage-Preview) (Version: 1.1.1 - UNKNOWN)
Digital Signage with Apps Preview (x32 Version: 1.1.1 - UNKNOWN) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.0 - Google Inc.) Hidden
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
iColor Display 3.8.5.1 (nur entfernen) (HKCU\...\iColorDisplay) (Version:  - )
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051F0}) (Version: 7.0.510 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.370 - Oracle)
KeePass Password Safe 2.18 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version:  - Dominik Reichl)
MediaInfo 0.7.63 (HKLM\...\MediaInfo) (Version: 0.7.63 - MediaArea.net)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.0.4 - Google)
Pano2VR - Garden Gnome Software (HKLM-x32\...\Pano2VR) (Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photo Mechanic 5 (HKLM-x32\...\{DE924CF0-B8BB-42BA-BDA0-14535F79DF3F}) (Version: 5.0 - Camera Bits, Inc)
Photomatix Pro version 4.2.7 (HKLM\...\PhotomatixPro42x64_is1) (Version: 4.2.7 - HDRsoft Ltd)
PTGui Pro 9.1.8 (HKLM-x32\...\PTGui) (Version:  - New House Internet Services B.V.)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QNAP Finder (HKLM-x32\...\QNAP_FINDER) (Version: 3.4.3.0523 - QNAP Systems, Inc.)
Qstarz Data Viewer V1.31 (HKLM-x32\...\Qstarz Data Viewer) (Version: V1.31 - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuoVadis 6 (HKLM-x32\...\QuoVadis 6_is1) (Version: 6 - Flemming Software Development CC)
QuoVadis 7 (HKLM-x32\...\QuoVadis 7_is1) (Version: 7 - Flemming Software Development CC)
Safe In Cloud Password Manager (HKLM-x32\...\{450B8D73-CA79-40B6-B156-DD5B43CAD7B7}) (Version: 2.0 - Safe In Cloud)
Sentinel System Driver Installer 7.5.7 (HKLM-x32\...\{B281C7D1-C088-40E0-86EA-B2D9D7E0810A}) (Version: 7.5.7 - SafeNet, Inc.)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - )
Silicon Laboratories CP210x VCP Drivers for Windows 7 (HKLM-x32\...\{FDDE7051-DEBB-41FF-A14C-5A995A290272}) (Version: 5.40.24 - Silicon Laboratories, Inc.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Super CAD (HKLM-x32\...\Super CAD) (Version:  - )
SupraSavings (x32 Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
True Image 2013 (HKLM-x32\...\{59F3D2AC-5F1F-4A93-8F23-6FD4F029D9A9}Visible) (Version: 16.0.5551 - Acronis)
True Image 2013 (x32 Version: 16.0.5551 - Acronis) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.8-4 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows-Treiberpaket - Phase One A/S (WinUSB) USBDevice  (05/30/2013 1.12.0.68182) (HKLM\...\1D6C98F8A5FED93B7C062B26DD383655CE271976) (Version: 05/30/2013 1.12.0.68182 - Phase One A/S)
Wings Platinum 4 (HKLM-x32\...\{BBFF1DB6-55F9-41CA-B4C4-9432EC14AEFB}) (Version: 4.25.2 - AV Stumpfl)
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}) (Version: 17.0.10283 - WinZip Computing, S.L. )

==================== Restore Points  =========================

26-05-2014 17:37:36 Geplanter Prüfpunkt
30-05-2014 05:47:01 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
30-05-2014 05:47:08 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
14-06-2014 09:07:40 Installed iTunes
15-06-2014 11:23:13 Installed Java 7 Update 51

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {094732E7-291E-4A8E-9718-1997CC61ACE1} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {48EC4FFD-02EF-4B88-9EC3-FBCBA0C50E43} - System32\Tasks\AdobeAAMUpdater-1.0-JBs_PC_2-seaimager => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {82E79536-3F61-4842-93D0-F7BFB144A93E} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-05] (globalUpdate) <==== ATTENTION
Task: {96429E48-7204-4417-AF9C-3648B0DAE097} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-05] (globalUpdate) <==== ATTENTION
Task: {BA1F0223-C938-4F0B-BB89-A706C5B4F613} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-04] (Google Inc.)
Task: {FE006A67-5C76-4D20-A1F8-645656FCCB98} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FEBC7433-917F-4A3E-A461-146CAFF70C0B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-04] (Google Inc.)
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-05 20:18 - 2014-06-05 20:18 - 00706560 _____ () C:\Program Files\003\buuoujqmrk64.exe
2013-11-14 15:28 - 2013-11-14 15:28 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2014-06-03 19:26 - 2014-04-22 00:30 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2014-01-21 23:41 - 2013-10-18 16:32 - 00214016 _____ () C:\Program Files\Phase One\Capture One 7\WIC\WIC64\P1.WIC.NativeComWrapper.dll
2014-01-21 23:41 - 2013-10-11 12:41 - 35479552 _____ () C:\Program Files\Phase One\Capture One 7\WIC\WIC64\ImgCoreDll.dll
2014-01-21 23:41 - 2013-10-11 12:41 - 00609792 _____ () C:\Program Files\Phase One\Capture One 7\WIC\WIC64\OpenCoreDll.dll
2013-11-26 17:55 - 2013-11-26 17:55 - 01550848 _____ () C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
2011-07-29 01:08 - 2011-07-29 01:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-12-02 16:58 - 2013-12-02 16:58 - 00727448 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\AgKernel.dll
2013-12-02 16:59 - 2013-12-02 16:59 - 00332184 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\WFCore.dll
2013-12-02 16:59 - 2013-12-02 16:59 - 00030104 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\WFSQLite.dll
2013-12-02 16:59 - 2013-12-02 16:59 - 00081304 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\WFWeb.dll
2013-12-02 16:59 - 2013-12-02 16:59 - 00713112 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\WFOzClient.dll
2013-12-02 17:00 - 2013-12-02 17:00 - 00115096 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\moxplugins\AppManagerLR.mox
2013-12-02 17:00 - 2013-12-02 17:00 - 00246680 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\moxplugins\wpdmanager.mox
2013-12-02 16:58 - 2013-12-02 16:58 - 03505560 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\Support\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\DNxHDCodec.dll
2013-12-02 16:33 - 2013-12-02 16:33 - 00302592 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.3\Support\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MOG_Framework_2.2.11.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-06 17:54 - 2007-05-31 08:38 - 00167936 ____N () C:\Windows\SysWOW64\SerialXP.dll
2012-08-23 01:42 - 2012-08-23 01:42 - 00435584 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-06-16 21:22 - 2014-06-16 21:22 - 00043008 _____ () C:\Users\seaimager\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzorel0.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\seaimager\AppData\Roaming\Dropbox\bin\libcef.dll
2011-07-29 01:09 - 2011-07-29 01:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-05-08 13:22 - 2014-05-08 13:22 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu
2012-08-23 04:35 - 2012-08-23 04:35 - 13873200 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2012-08-23 04:31 - 2012-08-23 04:31 - 01590656 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\icudt38.dll
2012-07-24 15:48 - 2012-07-24 15:48 - 00012160 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2014-05-17 12:19 - 2014-05-17 12:19 - 03019888 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-05-17 12:19 - 2014-05-17 12:19 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-05-17 12:19 - 2014-05-17 12:19 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-05-13 23:04 - 2014-05-13 23:04 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-29 10:20 - 2014-05-29 10:20 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:3241321C
AlternateDataStreams: C:\Users\seaimager\AppData\Local\Temp:QxzaNzdeoy5arJs302ramfp7S6

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: RAID-Controller
Description: RAID-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/16/2014 09:26:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "124868". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.

Error: (06/16/2014 09:26:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/15/2014 05:06:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "124700". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.

Error: (06/15/2014 05:06:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/15/2014 00:23:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "124532". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.

Error: (06/15/2014 00:23:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/15/2014 00:20:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "124364". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.

Error: (06/15/2014 00:20:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (06/14/2014 10:41:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: start.exe_Video2Brain, Version: 2.1.10.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1072
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003332f
ID des fehlerhaften Prozesses: 0xdc8
Startzeit der fehlerhaften Anwendung: 0xstart.exe_Video2Brain0
Pfad der fehlerhaften Anwendung: start.exe_Video2Brain1
Pfad des fehlerhaften Moduls: start.exe_Video2Brain2
Berichtskennung: start.exe_Video2Brain3

Error: (06/14/2014 10:23:06 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "124196". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.


System errors:
=============
Error: (06/16/2014 09:32:13 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "" können nicht gelesen werden.

Error: (06/05/2014 08:56:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Update ScanTack" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/05/2014 08:20:31 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Installer" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (06/05/2014 08:18:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/03/2014 07:46:23 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "" können nicht gelesen werden.

Error: (06/03/2014 07:34:05 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "" können nicht gelesen werden.

Error: (05/26/2014 08:42:18 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FRITZ-NAS",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{02A05241-1FFF-45D0-A3D9-2745997251EE}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (05/23/2014 02:58:03 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "" können nicht gelesen werden.

Error: (05/18/2014 07:25:17 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (05/17/2014 04:28:03 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR4 gefunden.


Microsoft Office Sessions:
=========================
Error: (06/16/2014 09:26:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: 12486816C4E70100C2E70100C2E70100B8010000

Error: (06/16/2014 09:26:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000C2E701000000000009030000

Error: (06/15/2014 05:06:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: 124700161CE701001AE701001AE70100B8010000

Error: (06/15/2014 05:06:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance16370700001AE701000000000009030000

Error: (06/15/2014 00:23:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: 1245321674E6010072E6010072E60100B8010000

Error: (06/15/2014 00:23:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance163707000072E601000000000009030000

Error: (06/15/2014 00:20:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: 12436416CCE50100CAE50100CAE50100B8010000

Error: (06/15/2014 00:20:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000CAE501000000000009030000

Error: (06/14/2014 10:41:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: start.exe_Video2Brain2.1.10.02a425e19ntdll.dll6.1.7601.1822951fb1072c00000050003332fdc801cf87ac2d3a5767W:\JBS-NAS-SERVER)\Tutorials\Video_Tutorials\Landschaft_Architektur_Pano_V2B\start.exeC:\Windows\SysWOW64\ntdll.dlla1c6f801-f39f-11e3-9a77-90e6ba57a091

Error: (06/14/2014 10:23:06 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT-AUTORITÄT)
Description: 1241961624E5010022E5010022E50100B8010000


CodeIntegrity Errors:
===================================
  Date: 2013-06-04 17:25:43.778
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-04 17:25:43.732
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-01 15:45:11.309
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-01 15:45:11.278
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-01 15:33:55.556
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-01 15:33:55.524
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-01 15:29:23.956
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-01 15:29:23.910
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-01 15:27:29.106
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-01 15:27:29.075
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 34%
Total physical RAM: 12279.12 MB
Available physical RAM: 8044.06 MB
Total Pagefile: 24556.42 MB
Available Pagefile: 19935.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.47 GB) (Free:56.66 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten_Disk) (Fixed) (Total:1397.26 GB) (Free:752.53 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Daten_Disk) (Fixed) (Total:1397.26 GB) (Free:1207.59 GB) NTFS
Drive h: (BILDERTANK) (Fixed) (Total:465.65 GB) (Free:357.55 GB) FAT32
Drive i: (NIKON D3X) (Removable) (Total:59.62 GB) (Free:51.14 GB) FAT32
Drive k: () (Removable) (Total:29.47 GB) (Free:28.08 GB) FAT32
Drive w: (Backup) (Network) (Total:3663.11 GB) (Free:1303.47 GB) NTFS
Drive y: (Download) (Network) (Total:1832.31 GB) (Free:810 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 529D01C9)
Partition 1: (Active) - (Size=238 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 45131F39)
Partition 1: (Active) - (Size=-698727006208) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 13321468)
Partition 1: (Active) - (Size=-698727006208) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 466 GB) (Disk ID: 2409CEA2)
Partition 1: (Not Active) - (Size=466 GB) - (Type=0C)

========================================================
Disk: 4 (Size: 60 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 6 (Size: 29 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
__________________
Alt 17.06.2014, 11:17   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten - Standard

Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten


Zitat:
Adobe Creative Suite 5 Production Premium (HKLM-x32\...\{626B3D60-A661-4444-AAF5-6C75E55936E8}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
ist das ein gewerblich genutztes System?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 17.06.2014, 11:33   #5
seaimager
 
Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten - Standard

Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten


Hallo cosinus

Nein das System wird nicht gewerblich genutzt, ich bin Hobbyfotograf

beste grüße

Jürgen


Alt 17.06.2014, 12:35   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten - Standard

Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten


Dann haste aber ein teures Hobby, AdobeCS ist nicht gerade billig


Adware/Junkware/Toolbars entfernen

1. Schritt: Malwarebytes

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



3. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




4. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
--> Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten

Alt 17.06.2014, 19:43   #7
seaimager
 
Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten - Standard

Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten


Hallo Cosinus

Habe nun alles deinen Anweisungen gemäß erledigt, einzig bei der letzte Sache mit FRST habe ich keine Addition.txt bekommen.

Alle weiteren Log Dateien habe ich als Anhang beigefügt. Ich hoffe ich habe da alles richtig gemacht.

Ich muss schon sagen so einen Service findet man doch heute gar nicht mehr, ich bin sehr erstaunt und sehr dankbar.

beste Grüße
Jürgen






FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014
Ran by seaimager (administrator) on JBS_PC_2 on 17-06-2014 20:31:51
Running from C:\Users\seaimager\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
() C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\seaimager\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [403888 2012-08-23] (Acronis)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [1823744 2012-01-05] (Dominik Reichl)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073352 2012-06-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6049096 2012-08-23] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [943856 2012-07-24] (Acronis)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKU\S-1-5-21-1090653915-3958093925-69300803-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1090653915-3958093925-69300803-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\seaimager\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
HKU\S-1-5-21-1090653915-3958093925-69300803-1000\...\Run: [SafeInCloud] => C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe [1550848 2013-11-26] ()
HKU\S-1-5-21-1090653915-3958093925-69300803-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1090653915-3958093925-69300803-1000\...\Run: [moneyplex Alarm] => H:\JBS_STORAGE\moneyplex\mpxalarm
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuatoCalibrationLoader.lnk
ShortcutTarget: QuatoCalibrationLoader.lnk -> C:\Program Files (x86)\Quato\iColorDisplay\QuatoCalibrationLoader.exe (Quato)
Startup: C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\seaimager\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2E370D624E2ACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {96224679-3496-4260-A2C5-4ED4AE735F0A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=386496&p={searchTerms}
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Firebug - C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\Extensions\firebug@software.joehewitt.com.xpi [2014-04-07]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-05-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-05-13]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-26]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-06-04]

==================== Services (Whitelisted) =================

R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2011-02-15] (Nalpeiron Ltd.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2013-11-14] ()
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [635160 2014-04-22] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63528 2011-05-27] (SafeNet, Inc.)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [1093256 2013-01-12] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [166024 2013-01-12] (Acronis)
S3 X-Rite; C:\Windows\System32\DRIVERS\XrUsb64.sys [33600 2007-01-29] (X-Rite, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-17 20:29 - 2014-06-17 20:29 - 00000778 _____ () C:\Users\seaimager\Desktop\JRT.txt
2014-06-17 20:23 - 2014-06-17 20:23 - 01016261 _____ (Thisisu) C:\Users\seaimager\Desktop\JRT(1).exe
2014-06-17 20:22 - 2014-06-17 20:22 - 00004169 _____ () C:\Users\seaimager\Desktop\AdwCleaner[S0].txt
2014-06-17 20:17 - 2014-06-17 20:18 - 00000000 ____D () C:\AdwCleaner
2014-06-17 20:15 - 2014-06-17 20:15 - 01333465 _____ () C:\Users\seaimager\Desktop\adwcleaner_3.212.exe
2014-06-17 20:15 - 2014-06-17 20:15 - 00083124 _____ () C:\Users\seaimager\Desktop\mbam.txt
2014-06-17 19:37 - 2014-06-17 20:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-17 19:37 - 2014-06-17 19:37 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-17 19:37 - 2014-06-17 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-17 19:37 - 2014-06-17 19:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-17 19:37 - 2014-06-17 19:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-17 19:37 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-17 19:37 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-17 19:37 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-17 19:36 - 2014-06-17 19:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\seaimager\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-17 00:21 - 2014-06-17 00:21 - 00004471 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-16 23:35 - 2014-06-16 23:35 - 00276128 _____ () C:\Windows\Minidump\061614-14664-01.dmp
2014-06-16 23:18 - 2014-06-16 23:18 - 00380416 _____ () C:\Users\seaimager\Desktop\Gmer-19357.exe
2014-06-16 23:02 - 2014-06-17 20:31 - 00016774 _____ () C:\Users\seaimager\Desktop\FRST.txt
2014-06-16 23:02 - 2014-06-17 20:31 - 00000000 ____D () C:\FRST
2014-06-16 23:02 - 2014-06-16 23:03 - 00040404 _____ () C:\Users\seaimager\Desktop\Addition.txt
2014-06-16 23:00 - 2014-06-16 23:01 - 02081280 _____ (Farbar) C:\Users\seaimager\Desktop\FRST64.exe
2014-06-15 17:33 - 2014-06-15 17:33 - 01315636 _____ () C:\Users\seaimager\Downloads\com_zoo_3.1.6.zip
2014-06-15 13:26 - 2014-06-15 13:26 - 00682480 _____ () C:\Users\seaimager\Downloads\jre-7u51-windows-i586(1).exe
2014-06-15 13:19 - 2014-06-15 13:22 - 00000000 ____D () C:\Users\seaimager\Documents\Java
2014-06-15 13:17 - 2014-06-15 13:17 - 00682480 _____ () C:\Users\seaimager\Downloads\jre-7u51-windows-i586.exe
2014-06-14 11:08 - 2014-06-14 11:08 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-14 11:08 - 2014-06-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-14 11:08 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-06-14 11:07 - 2014-06-14 11:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-14 11:07 - 2014-06-14 11:08 - 00000000 ____D () C:\Program Files\iTunes
2014-06-14 11:07 - 2014-06-14 11:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\iPod
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-14 11:06 - 2014-06-14 11:06 - 112616784 _____ (Apple Inc.) C:\Users\seaimager\Downloads\iTunes64Setup.exe
2014-06-05 21:28 - 2014-06-05 21:28 - 00830792 _____ (Click Me In Limited) C:\Users\seaimager\AppData\Local\nsoCBCB.tmp
2014-06-05 20:46 - 2014-06-05 20:46 - 00003188 _____ () C:\Windows\System32\Tasks\{801D570B-E4AB-4EC0-BB0A-C3775BBC798E}
2014-06-05 20:42 - 2014-06-05 20:42 - 00000000 ____D () C:\Users\seaimager\AppData\Local\com
2014-06-05 20:17 - 2014-06-05 20:32 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Genesis_06051817
2014-06-03 19:30 - 2014-06-03 19:30 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\WTablet
2014-06-03 19:30 - 2014-06-03 19:30 - 00000000 ____D () C:\Users\seaimager\.android
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____D () C:\Program Files\TabletPlugins
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____D () C:\Program Files (x86)\TabletPlugins
2014-06-03 19:26 - 2014-06-03 19:27 - 00000000 ____D () C:\Program Files\Tablet
2014-06-03 19:26 - 2014-06-03 19:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2014-06-03 19:26 - 2014-04-22 00:30 - 01946904 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01929496 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01922328 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01796888 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01563416 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01560344 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01556760 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01443096 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2014-06-03 19:26 - 2014-03-17 18:13 - 00095032 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2014-06-03 19:26 - 2014-03-17 18:13 - 00015160 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2014-06-03 19:26 - 2014-03-17 18:13 - 00014136 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2014-06-03 19:26 - 2012-12-12 00:12 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2014-06-03 19:26 - 2012-12-12 00:12 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wdfcoinstaller01009.dll
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-30 07:58 - 2014-05-30 07:58 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-05-30 07:55 - 2014-05-30 07:55 - 04968079 _____ (Tim Kosse) C:\Users\seaimager\Desktop\FileZilla_3.8.0_win32-setup.exe
2014-05-21 18:22 - 2014-05-21 18:22 - 00001237 _____ () C:\Users\seaimager\Desktop\AVS Video Converter.lnk
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-05-21 18:22 - 2012-03-23 19:59 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-05-21 18:22 - 2012-03-23 19:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2014-05-21 18:05 - 2014-05-21 18:05 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2014-05-21 18:05 - 2014-05-21 18:05 - 00000000 ____D () C:\Program Files (x86)\Handbrake
2014-05-21 18:04 - 2014-05-21 18:04 - 14298467 _____ () C:\Users\seaimager\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe

==================== One Month Modified Files and Folders =======

2014-06-17 20:31 - 2014-06-16 23:02 - 00016774 _____ () C:\Users\seaimager\Desktop\FRST.txt
2014-06-17 20:31 - 2014-06-16 23:02 - 00000000 ____D () C:\FRST
2014-06-17 20:31 - 2012-02-25 11:07 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Temp
2014-06-17 20:29 - 2014-06-17 20:29 - 00000778 _____ () C:\Users\seaimager\Desktop\JRT.txt
2014-06-17 20:27 - 2009-07-14 06:45 - 00014640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-17 20:27 - 2009-07-14 06:45 - 00014640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-17 20:26 - 2009-07-14 19:58 - 10488290 _____ () C:\Windows\system32\perfh007.dat
2014-06-17 20:26 - 2009-07-14 19:58 - 03248030 _____ () C:\Windows\system32\perfc007.dat
2014-06-17 20:26 - 2009-07-14 07:13 - 00787956 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-17 20:23 - 2014-06-17 20:23 - 01016261 _____ (Thisisu) C:\Users\seaimager\Desktop\JRT(1).exe
2014-06-17 20:22 - 2014-06-17 20:22 - 00004169 _____ () C:\Users\seaimager\Desktop\AdwCleaner[S0].txt
2014-06-17 20:21 - 2012-11-08 20:19 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Skype
2014-06-17 20:20 - 2014-06-17 19:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-17 20:20 - 2014-05-03 09:34 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\DropboxMaster
2014-06-17 20:20 - 2013-04-04 22:52 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-17 20:20 - 2013-01-19 20:13 - 00000000 ___RD () C:\Users\seaimager\Dropbox
2014-06-17 20:20 - 2013-01-19 20:05 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Dropbox
2014-06-17 20:20 - 2012-03-02 20:50 - 00149474 _____ () C:\Windows\PFRO.log
2014-06-17 20:20 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-17 20:20 - 2009-07-14 06:51 - 00129900 _____ () C:\Windows\setupact.log
2014-06-17 20:18 - 2014-06-17 20:17 - 00000000 ____D () C:\AdwCleaner
2014-06-17 20:18 - 2012-10-02 12:59 - 01318596 _____ () C:\Windows\WindowsUpdate.log
2014-06-17 20:15 - 2014-06-17 20:15 - 01333465 _____ () C:\Users\seaimager\Desktop\adwcleaner_3.212.exe
2014-06-17 20:15 - 2014-06-17 20:15 - 00083124 _____ () C:\Users\seaimager\Desktop\mbam.txt
2014-06-17 19:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-06-17 19:46 - 2013-04-04 22:52 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-17 19:45 - 2014-03-30 19:26 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Browser Extensions
2014-06-17 19:45 - 2013-02-10 23:37 - 00000000 ____D () C:\Temp
2014-06-17 19:37 - 2014-06-17 19:37 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-17 19:37 - 2014-06-17 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-17 19:37 - 2014-06-17 19:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-17 19:37 - 2014-06-17 19:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-17 19:36 - 2014-06-17 19:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\seaimager\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-17 19:28 - 2012-02-25 20:08 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\vlc
2014-06-17 19:09 - 2013-04-04 22:52 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Google
2014-06-17 18:39 - 2012-02-25 14:26 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Adobe
2014-06-17 00:22 - 2013-10-21 21:35 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-17 00:21 - 2014-06-17 00:21 - 00004471 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-17 00:21 - 2012-03-22 22:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-16 23:35 - 2014-06-16 23:35 - 00276128 _____ () C:\Windows\Minidump\061614-14664-01.dmp
2014-06-16 23:35 - 2013-06-01 01:43 - 755909730 _____ () C:\Windows\MEMORY.DMP
2014-06-16 23:35 - 2013-06-01 01:43 - 00000000 ____D () C:\Windows\Minidump
2014-06-16 23:18 - 2014-06-16 23:18 - 00380416 _____ () C:\Users\seaimager\Desktop\Gmer-19357.exe
2014-06-16 23:03 - 2014-06-16 23:02 - 00040404 _____ () C:\Users\seaimager\Desktop\Addition.txt
2014-06-16 23:01 - 2014-06-16 23:00 - 02081280 _____ (Farbar) C:\Users\seaimager\Desktop\FRST64.exe
2014-06-16 22:11 - 2012-02-25 20:00 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\PTGui
2014-06-15 17:33 - 2014-06-15 17:33 - 01315636 _____ () C:\Users\seaimager\Downloads\com_zoo_3.1.6.zip
2014-06-15 13:26 - 2014-06-15 13:26 - 00682480 _____ () C:\Users\seaimager\Downloads\jre-7u51-windows-i586(1).exe
2014-06-15 13:22 - 2014-06-15 13:19 - 00000000 ____D () C:\Users\seaimager\Documents\Java
2014-06-15 13:17 - 2014-06-15 13:17 - 00682480 _____ () C:\Users\seaimager\Downloads\jre-7u51-windows-i586.exe
2014-06-14 11:16 - 2014-04-13 20:07 - 00508844 _____ () C:\Users\seaimager\AppData\Roaming\PS12_panel.log
2014-06-14 11:08 - 2014-06-14 11:08 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-14 11:08 - 2014-06-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-14 11:08 - 2014-06-14 11:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-14 11:08 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\iTunes
2014-06-14 11:08 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-14 11:08 - 2012-02-26 11:20 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Apple Computer
2014-06-14 11:08 - 2012-02-25 20:06 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Apple Computer
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\iPod
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-14 11:07 - 2012-02-25 20:03 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-14 11:07 - 2012-02-25 20:02 - 00000000 ____D () C:\ProgramData\Apple
2014-06-14 11:06 - 2014-06-14 11:06 - 112616784 _____ (Apple Inc.) C:\Users\seaimager\Downloads\iTunes64Setup.exe
2014-06-07 13:09 - 2012-03-03 10:10 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\HandBrake
2014-06-07 12:58 - 2012-06-04 19:13 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-06-07 12:58 - 2012-06-04 19:13 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-06-07 12:58 - 2012-06-04 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-06-07 12:57 - 2012-11-08 20:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-07 12:57 - 2012-11-08 20:19 - 00000000 ____D () C:\ProgramData\Skype
2014-06-05 21:28 - 2014-06-05 21:28 - 00830792 _____ (Click Me In Limited) C:\Users\seaimager\AppData\Local\nsoCBCB.tmp
2014-06-05 20:55 - 2012-02-25 11:08 - 00000000 ___RD () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-05 20:47 - 2012-02-25 14:18 - 00001142 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-05 20:47 - 2012-02-25 11:08 - 00001421 _____ () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-05 20:46 - 2014-06-05 20:46 - 00003188 _____ () C:\Windows\System32\Tasks\{801D570B-E4AB-4EC0-BB0A-C3775BBC798E}
2014-06-05 20:42 - 2014-06-05 20:42 - 00000000 ____D () C:\Users\seaimager\AppData\Local\com
2014-06-05 20:32 - 2014-06-05 20:17 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Genesis_06051817
2014-06-03 21:06 - 2014-05-10 17:57 - 00000000 ____D () C:\Users\seaimager\Desktop\LR Export
2014-06-03 19:30 - 2014-06-03 19:30 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\WTablet
2014-06-03 19:30 - 2014-06-03 19:30 - 00000000 ____D () C:\Users\seaimager\.android
2014-06-03 19:30 - 2012-02-25 11:07 - 00000000 ____D () C:\Users\seaimager
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____D () C:\Program Files\TabletPlugins
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____D () C:\Program Files (x86)\TabletPlugins
2014-06-03 19:27 - 2014-06-03 19:26 - 00000000 ____D () C:\Program Files\Tablet
2014-06-03 19:26 - 2014-06-03 19:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2014-06-01 19:39 - 2012-06-04 22:42 - 00001456 _____ () C:\Users\seaimager\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-30 13:46 - 2012-02-25 18:54 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\FileZilla
2014-05-30 08:00 - 2012-02-25 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-05-30 07:58 - 2014-05-30 07:58 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-05-30 07:55 - 2014-05-30 07:55 - 04968079 _____ (Tim Kosse) C:\Users\seaimager\Desktop\FileZilla_3.8.0_win32-setup.exe
2014-05-30 07:47 - 2013-04-04 22:52 - 00000000 ____D () C:\ProgramData\Google
2014-05-29 10:21 - 2013-01-19 20:06 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-29 10:20 - 2012-04-05 21:51 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-29 10:20 - 2012-03-22 22:18 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-21 18:22 - 2014-05-21 18:22 - 00001237 _____ () C:\Users\seaimager\Desktop\AVS Video Converter.lnk
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-05-21 18:05 - 2014-05-21 18:05 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2014-05-21 18:05 - 2014-05-21 18:05 - 00000000 ____D () C:\Program Files (x86)\Handbrake
2014-05-21 18:04 - 2014-05-21 18:04 - 14298467 _____ () C:\Users\seaimager\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe
2014-05-18 09:00 - 2012-06-12 19:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

Files to move or delete:
====================
C:\ProgramData\PKP_DLbx.DAT


Some content of TEMP:
====================
C:\Users\seaimager\AppData\Local\Temp\AMDCleanupUtility.exe
C:\Users\seaimager\AppData\Local\Temp\amsetup_activeris_default_010414_installer.exe
C:\Users\seaimager\AppData\Local\Temp\BackupSetup.exe
C:\Users\seaimager\AppData\Local\Temp\Cleanup.dll
C:\Users\seaimager\AppData\Local\Temp\cloud_backup_setup.exe
C:\Users\seaimager\AppData\Local\Temp\difxapi.dll
C:\Users\seaimager\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgdcdqn.dll
C:\Users\seaimager\AppData\Local\Temp\genesisinstaller.exe
C:\Users\seaimager\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\seaimager\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\seaimager\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\seaimager\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\seaimager\AppData\Local\Temp\lly_webssearches.exe
C:\Users\seaimager\AppData\Local\Temp\optimizerpro.exe
C:\Users\seaimager\AppData\Local\Temp\Quarantine.exe
C:\Users\seaimager\AppData\Local\Temp\SkypeSetup.exe
C:\Users\seaimager\AppData\Local\Temp\vopackage.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-01 18:46

==================== End Of Log ============================
--- --- ---

--- --- ---

Alt 17.06.2014, 21:04   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten - Standard

Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten


Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.



Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 17.06.2014, 23:24   #9
seaimager
 
Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten - Standard

Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014
Ran by seaimager (administrator) on JBS_PC_2 on 17-06-2014 22:17:22
Running from C:\Users\seaimager\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
() C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\seaimager\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [403888 2012-08-23] (Acronis)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [1823744 2012-01-05] (Dominik Reichl)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073352 2012-06-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6049096 2012-08-23] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [943856 2012-07-24] (Acronis)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKU\S-1-5-21-1090653915-3958093925-69300803-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1090653915-3958093925-69300803-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\seaimager\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
HKU\S-1-5-21-1090653915-3958093925-69300803-1000\...\Run: [SafeInCloud] => C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe [1550848 2013-11-26] ()
HKU\S-1-5-21-1090653915-3958093925-69300803-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1090653915-3958093925-69300803-1000\...\Run: [moneyplex Alarm] => H:\JBS_STORAGE\moneyplex\mpxalarm
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuatoCalibrationLoader.lnk
ShortcutTarget: QuatoCalibrationLoader.lnk -> C:\Program Files (x86)\Quato\iColorDisplay\QuatoCalibrationLoader.exe (Quato)
Startup: C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\seaimager\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2E370D624E2ACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {96224679-3496-4260-A2C5-4ED4AE735F0A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=386496&p={searchTerms}
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Firebug - C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\Extensions\firebug@software.joehewitt.com.xpi [2014-04-07]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-05-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-05-13]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-26]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-06-04]

==================== Services (Whitelisted) =================

R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2011-02-15] (Nalpeiron Ltd.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2013-11-14] ()
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [635160 2014-04-22] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63528 2011-05-27] (SafeNet, Inc.)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [1093256 2013-01-12] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [166024 2013-01-12] (Acronis)
S3 X-Rite; C:\Windows\System32\DRIVERS\XrUsb64.sys [33600 2007-01-29] (X-Rite, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-17 22:16 - 2014-06-17 22:17 - 00016913 _____ () C:\Users\seaimager\Desktop\FRST.txt
2014-06-17 20:49 - 2014-06-17 20:49 - 00001027 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-06-17 20:49 - 2014-06-17 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
2014-06-17 20:49 - 2014-06-17 20:49 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2014-06-17 20:48 - 2014-06-17 20:48 - 01035926 _____ () C:\Users\seaimager\Downloads\MozBackup-1.5.1-EN.exe
2014-06-17 20:35 - 2014-06-17 20:35 - 00000000 ____D () C:\Users\seaimager\Desktop\Neuer Ordner
2014-06-17 20:29 - 2014-06-17 20:29 - 00000778 _____ () C:\Users\seaimager\Desktop\JRT.txt
2014-06-17 20:23 - 2014-06-17 20:23 - 01016261 _____ (Thisisu) C:\Users\seaimager\Desktop\JRT(1).exe
2014-06-17 20:22 - 2014-06-17 20:22 - 00004169 _____ () C:\Users\seaimager\Desktop\AdwCleaner[S0].txt
2014-06-17 20:17 - 2014-06-17 20:18 - 00000000 ____D () C:\AdwCleaner
2014-06-17 20:15 - 2014-06-17 20:15 - 01333465 _____ () C:\Users\seaimager\Desktop\adwcleaner_3.212.exe
2014-06-17 20:15 - 2014-06-17 20:15 - 00083124 _____ () C:\Users\seaimager\Desktop\mbam.txt
2014-06-17 19:37 - 2014-06-17 21:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-17 19:37 - 2014-06-17 19:37 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-17 19:37 - 2014-06-17 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-17 19:37 - 2014-06-17 19:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-17 19:37 - 2014-06-17 19:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-17 19:37 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-17 19:37 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-17 19:37 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-17 19:36 - 2014-06-17 19:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\seaimager\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-17 00:21 - 2014-06-17 00:21 - 00004471 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-16 23:35 - 2014-06-16 23:35 - 00276128 _____ () C:\Windows\Minidump\061614-14664-01.dmp
2014-06-16 23:18 - 2014-06-16 23:18 - 00380416 _____ () C:\Users\seaimager\Desktop\Gmer-19357.exe
2014-06-16 23:02 - 2014-06-17 22:17 - 00000000 ____D () C:\FRST
2014-06-16 23:00 - 2014-06-16 23:01 - 02081280 _____ (Farbar) C:\Users\seaimager\Desktop\FRST64.exe
2014-06-15 17:33 - 2014-06-15 17:33 - 01315636 _____ () C:\Users\seaimager\Downloads\com_zoo_3.1.6.zip
2014-06-15 13:26 - 2014-06-15 13:26 - 00682480 _____ () C:\Users\seaimager\Downloads\jre-7u51-windows-i586(1).exe
2014-06-15 13:19 - 2014-06-15 13:22 - 00000000 ____D () C:\Users\seaimager\Documents\Java
2014-06-15 13:17 - 2014-06-15 13:17 - 00682480 _____ () C:\Users\seaimager\Downloads\jre-7u51-windows-i586.exe
2014-06-14 11:08 - 2014-06-14 11:08 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-14 11:08 - 2014-06-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-14 11:08 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-06-14 11:07 - 2014-06-14 11:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-14 11:07 - 2014-06-14 11:08 - 00000000 ____D () C:\Program Files\iTunes
2014-06-14 11:07 - 2014-06-14 11:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\iPod
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-14 11:06 - 2014-06-14 11:06 - 112616784 _____ (Apple Inc.) C:\Users\seaimager\Downloads\iTunes64Setup.exe
2014-06-05 21:28 - 2014-06-05 21:28 - 00830792 _____ (Click Me In Limited) C:\Users\seaimager\AppData\Local\nsoCBCB.tmp
2014-06-05 20:46 - 2014-06-05 20:46 - 00003188 _____ () C:\Windows\System32\Tasks\{801D570B-E4AB-4EC0-BB0A-C3775BBC798E}
2014-06-05 20:42 - 2014-06-05 20:42 - 00000000 ____D () C:\Users\seaimager\AppData\Local\com
2014-06-05 20:17 - 2014-06-05 20:32 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Genesis_06051817
2014-06-03 19:30 - 2014-06-03 19:30 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\WTablet
2014-06-03 19:30 - 2014-06-03 19:30 - 00000000 ____D () C:\Users\seaimager\.android
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____D () C:\Program Files\TabletPlugins
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____D () C:\Program Files (x86)\TabletPlugins
2014-06-03 19:26 - 2014-06-03 19:27 - 00000000 ____D () C:\Program Files\Tablet
2014-06-03 19:26 - 2014-06-03 19:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2014-06-03 19:26 - 2014-04-22 00:30 - 01946904 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01929496 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01922328 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01796888 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01563416 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01560344 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01556760 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2014-06-03 19:26 - 2014-04-22 00:30 - 01443096 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2014-06-03 19:26 - 2014-03-17 18:13 - 00095032 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2014-06-03 19:26 - 2014-03-17 18:13 - 00015160 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2014-06-03 19:26 - 2014-03-17 18:13 - 00014136 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2014-06-03 19:26 - 2012-12-12 00:12 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2014-06-03 19:26 - 2012-12-12 00:12 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wdfcoinstaller01009.dll
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-30 07:58 - 2014-05-30 07:58 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-05-30 07:55 - 2014-05-30 07:55 - 04968079 _____ (Tim Kosse) C:\Users\seaimager\Desktop\FileZilla_3.8.0_win32-setup.exe
2014-05-21 18:22 - 2014-05-21 18:22 - 00001237 _____ () C:\Users\seaimager\Desktop\AVS Video Converter.lnk
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-05-21 18:22 - 2012-03-23 19:59 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-05-21 18:22 - 2012-03-23 19:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2014-05-21 18:05 - 2014-05-21 18:05 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2014-05-21 18:05 - 2014-05-21 18:05 - 00000000 ____D () C:\Program Files (x86)\Handbrake
2014-05-21 18:04 - 2014-05-21 18:04 - 14298467 _____ () C:\Users\seaimager\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe

==================== One Month Modified Files and Folders =======

2014-06-17 22:17 - 2014-06-17 22:16 - 00016913 _____ () C:\Users\seaimager\Desktop\FRST.txt
2014-06-17 22:17 - 2014-06-16 23:02 - 00000000 ____D () C:\FRST
2014-06-17 22:17 - 2012-02-25 11:07 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Temp
2014-06-17 22:06 - 2012-11-08 20:19 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Skype
2014-06-17 21:46 - 2013-04-04 22:52 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-17 21:25 - 2012-10-02 12:59 - 01318691 _____ () C:\Windows\WindowsUpdate.log
2014-06-17 21:20 - 2014-06-17 19:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-17 20:49 - 2014-06-17 20:49 - 00001027 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-06-17 20:49 - 2014-06-17 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
2014-06-17 20:49 - 2014-06-17 20:49 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2014-06-17 20:48 - 2014-06-17 20:48 - 01035926 _____ () C:\Users\seaimager\Downloads\MozBackup-1.5.1-EN.exe
2014-06-17 20:35 - 2014-06-17 20:35 - 00000000 ____D () C:\Users\seaimager\Desktop\Neuer Ordner
2014-06-17 20:29 - 2014-06-17 20:29 - 00000778 _____ () C:\Users\seaimager\Desktop\JRT.txt
2014-06-17 20:27 - 2009-07-14 06:45 - 00014640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-17 20:27 - 2009-07-14 06:45 - 00014640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-17 20:26 - 2009-07-14 19:58 - 10488290 _____ () C:\Windows\system32\perfh007.dat
2014-06-17 20:26 - 2009-07-14 19:58 - 03248030 _____ () C:\Windows\system32\perfc007.dat
2014-06-17 20:26 - 2009-07-14 07:13 - 00787956 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-17 20:23 - 2014-06-17 20:23 - 01016261 _____ (Thisisu) C:\Users\seaimager\Desktop\JRT(1).exe
2014-06-17 20:22 - 2014-06-17 20:22 - 00004169 _____ () C:\Users\seaimager\Desktop\AdwCleaner[S0].txt
2014-06-17 20:20 - 2014-05-03 09:34 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\DropboxMaster
2014-06-17 20:20 - 2013-04-04 22:52 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-17 20:20 - 2013-01-19 20:13 - 00000000 ___RD () C:\Users\seaimager\Dropbox
2014-06-17 20:20 - 2013-01-19 20:05 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Dropbox
2014-06-17 20:20 - 2012-03-02 20:50 - 00149474 _____ () C:\Windows\PFRO.log
2014-06-17 20:20 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-17 20:20 - 2009-07-14 06:51 - 00129900 _____ () C:\Windows\setupact.log
2014-06-17 20:18 - 2014-06-17 20:17 - 00000000 ____D () C:\AdwCleaner
2014-06-17 20:15 - 2014-06-17 20:15 - 01333465 _____ () C:\Users\seaimager\Desktop\adwcleaner_3.212.exe
2014-06-17 20:15 - 2014-06-17 20:15 - 00083124 _____ () C:\Users\seaimager\Desktop\mbam.txt
2014-06-17 19:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-06-17 19:45 - 2014-03-30 19:26 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Browser Extensions
2014-06-17 19:45 - 2013-02-10 23:37 - 00000000 ____D () C:\Temp
2014-06-17 19:37 - 2014-06-17 19:37 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-17 19:37 - 2014-06-17 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-17 19:37 - 2014-06-17 19:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-17 19:37 - 2014-06-17 19:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-17 19:36 - 2014-06-17 19:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\seaimager\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-17 19:28 - 2012-02-25 20:08 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\vlc
2014-06-17 19:09 - 2013-04-04 22:52 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Google
2014-06-17 18:39 - 2012-02-25 14:26 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Adobe
2014-06-17 00:22 - 2013-10-21 21:35 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-17 00:21 - 2014-06-17 00:21 - 00004471 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-17 00:21 - 2012-03-22 22:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-16 23:35 - 2014-06-16 23:35 - 00276128 _____ () C:\Windows\Minidump\061614-14664-01.dmp
2014-06-16 23:35 - 2013-06-01 01:43 - 755909730 _____ () C:\Windows\MEMORY.DMP
2014-06-16 23:35 - 2013-06-01 01:43 - 00000000 ____D () C:\Windows\Minidump
2014-06-16 23:18 - 2014-06-16 23:18 - 00380416 _____ () C:\Users\seaimager\Desktop\Gmer-19357.exe
2014-06-16 23:01 - 2014-06-16 23:00 - 02081280 _____ (Farbar) C:\Users\seaimager\Desktop\FRST64.exe
2014-06-16 22:11 - 2012-02-25 20:00 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\PTGui
2014-06-15 17:33 - 2014-06-15 17:33 - 01315636 _____ () C:\Users\seaimager\Downloads\com_zoo_3.1.6.zip
2014-06-15 13:26 - 2014-06-15 13:26 - 00682480 _____ () C:\Users\seaimager\Downloads\jre-7u51-windows-i586(1).exe
2014-06-15 13:22 - 2014-06-15 13:19 - 00000000 ____D () C:\Users\seaimager\Documents\Java
2014-06-15 13:17 - 2014-06-15 13:17 - 00682480 _____ () C:\Users\seaimager\Downloads\jre-7u51-windows-i586.exe
2014-06-14 11:16 - 2014-04-13 20:07 - 00508844 _____ () C:\Users\seaimager\AppData\Roaming\PS12_panel.log
2014-06-14 11:08 - 2014-06-14 11:08 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-14 11:08 - 2014-06-14 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-14 11:08 - 2014-06-14 11:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-14 11:08 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\iTunes
2014-06-14 11:08 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-14 11:08 - 2012-02-26 11:20 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Apple Computer
2014-06-14 11:08 - 2012-02-25 20:06 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Apple Computer
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\iPod
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-14 11:07 - 2014-06-14 11:07 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-14 11:07 - 2012-02-25 20:03 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-14 11:07 - 2012-02-25 20:02 - 00000000 ____D () C:\ProgramData\Apple
2014-06-14 11:06 - 2014-06-14 11:06 - 112616784 _____ (Apple Inc.) C:\Users\seaimager\Downloads\iTunes64Setup.exe
2014-06-07 13:09 - 2012-03-03 10:10 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\HandBrake
2014-06-07 12:58 - 2012-06-04 19:13 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-06-07 12:58 - 2012-06-04 19:13 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-06-07 12:58 - 2012-06-04 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-06-07 12:57 - 2012-11-08 20:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-07 12:57 - 2012-11-08 20:19 - 00000000 ____D () C:\ProgramData\Skype
2014-06-05 21:28 - 2014-06-05 21:28 - 00830792 _____ (Click Me In Limited) C:\Users\seaimager\AppData\Local\nsoCBCB.tmp
2014-06-05 20:55 - 2012-02-25 11:08 - 00000000 ___RD () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-05 20:47 - 2012-02-25 14:18 - 00001142 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-05 20:47 - 2012-02-25 11:08 - 00001421 _____ () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-05 20:46 - 2014-06-05 20:46 - 00003188 _____ () C:\Windows\System32\Tasks\{801D570B-E4AB-4EC0-BB0A-C3775BBC798E}
2014-06-05 20:42 - 2014-06-05 20:42 - 00000000 ____D () C:\Users\seaimager\AppData\Local\com
2014-06-05 20:32 - 2014-06-05 20:17 - 00000000 ____D () C:\Users\seaimager\AppData\Local\Genesis_06051817
2014-06-03 21:06 - 2014-05-10 17:57 - 00000000 ____D () C:\Users\seaimager\Desktop\LR Export
2014-06-03 19:30 - 2014-06-03 19:30 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\WTablet
2014-06-03 19:30 - 2014-06-03 19:30 - 00000000 ____D () C:\Users\seaimager\.android
2014-06-03 19:30 - 2012-02-25 11:07 - 00000000 ____D () C:\Users\seaimager
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____D () C:\Program Files\TabletPlugins
2014-06-03 19:27 - 2014-06-03 19:27 - 00000000 ____D () C:\Program Files (x86)\TabletPlugins
2014-06-03 19:27 - 2014-06-03 19:26 - 00000000 ____D () C:\Program Files\Tablet
2014-06-03 19:26 - 2014-06-03 19:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2014-06-01 19:39 - 2012-06-04 22:42 - 00001456 _____ () C:\Users\seaimager\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-31 10:29 - 2014-05-31 10:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-30 13:46 - 2012-02-25 18:54 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\FileZilla
2014-05-30 08:00 - 2012-02-25 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-05-30 07:58 - 2014-05-30 07:58 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-05-30 07:55 - 2014-05-30 07:55 - 04968079 _____ (Tim Kosse) C:\Users\seaimager\Desktop\FileZilla_3.8.0_win32-setup.exe
2014-05-30 07:47 - 2013-04-04 22:52 - 00000000 ____D () C:\ProgramData\Google
2014-05-29 10:21 - 2013-01-19 20:06 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-29 10:20 - 2012-04-05 21:51 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-29 10:20 - 2012-03-22 22:18 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-21 18:22 - 2014-05-21 18:22 - 00001237 _____ () C:\Users\seaimager\Desktop\AVS Video Converter.lnk
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-05-21 18:22 - 2014-05-21 18:22 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-05-21 18:05 - 2014-05-21 18:05 - 00000000 ____D () C:\Users\seaimager\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2014-05-21 18:05 - 2014-05-21 18:05 - 00000000 ____D () C:\Program Files (x86)\Handbrake
2014-05-21 18:04 - 2014-05-21 18:04 - 14298467 _____ () C:\Users\seaimager\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe
2014-05-18 09:00 - 2012-06-12 19:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

Files to move or delete:
====================
C:\ProgramData\PKP_DLbx.DAT


Some content of TEMP:
====================
C:\Users\seaimager\AppData\Local\Temp\AMDCleanupUtility.exe
C:\Users\seaimager\AppData\Local\Temp\amsetup_activeris_default_010414_installer.exe
C:\Users\seaimager\AppData\Local\Temp\BackupSetup.exe
C:\Users\seaimager\AppData\Local\Temp\Cleanup.dll
C:\Users\seaimager\AppData\Local\Temp\cloud_backup_setup.exe
C:\Users\seaimager\AppData\Local\Temp\difxapi.dll
C:\Users\seaimager\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgdcdqn.dll
C:\Users\seaimager\AppData\Local\Temp\genesisinstaller.exe
C:\Users\seaimager\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\seaimager\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\seaimager\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\seaimager\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\seaimager\AppData\Local\Temp\lly_webssearches.exe
C:\Users\seaimager\AppData\Local\Temp\optimizerpro.exe
C:\Users\seaimager\AppData\Local\Temp\Quarantine.exe
C:\Users\seaimager\AppData\Local\Temp\SkypeSetup.exe
C:\Users\seaimager\AppData\Local\Temp\vopackage.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-01 18:46

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2014
Ran by seaimager at 2014-06-17 22:17:38
Running from C:\Users\seaimager\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.10 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 5 Production Premium (HKLM-x32\...\{626B3D60-A661-4444-AAF5-6C75E55936E8}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
AKVIS NatureArt (HKLM-x32\...\{592B6EFD-B341-4802-B3B4-A808AF6CC805}) (Version: 4.5.1200.8634 - AKVIS)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version:  - )
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AV Stumpfl Wings (HKLM-x32\...\AV Stumpfl Wings (V 5.3.3)) (Version: 5.3.3 - AV Stumpfl)
AVS Video Converter 8.5 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.5.1.551 - Online Media Technologies Ltd.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon SELPHY CP740 (HKLM\...\Canon SELPHY CP740) (Version:  - )
Capture One 7.1 (HKLM\...\CaptureOne7_is1) (Version: 7.1.5.17 - Phase One A/S)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.0 - REINER SCT)
Digital Signage with Apps (HKLM-x32\...\SyabasTech-DigitalSignage) (Version: 1.2.2 - UNKNOWN)
Digital Signage with Apps (x32 Version: 1.2.2 - UNKNOWN) Hidden
Digital Signage with Apps Preview (HKLM-x32\...\SyabasTech-DigitalSignage-Preview) (Version: 1.1.1 - UNKNOWN)
Digital Signage with Apps Preview (x32 Version: 1.1.1 - UNKNOWN) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.0 - Google Inc.) Hidden
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
iColor Display 3.8.5.1 (nur entfernen) (HKCU\...\iColorDisplay) (Version:  - )
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051F0}) (Version: 7.0.510 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Java(TM) 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.370 - Oracle)
KeePass Password Safe 2.18 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version:  - Dominik Reichl)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MediaInfo 0.7.63 (HKLM\...\MediaInfo) (Version: 0.7.63 - MediaArea.net)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.0.4 - Google)
Pano2VR - Garden Gnome Software (HKLM-x32\...\Pano2VR) (Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photo Mechanic 5 (HKLM-x32\...\{DE924CF0-B8BB-42BA-BDA0-14535F79DF3F}) (Version: 5.0 - Camera Bits, Inc)
Photomatix Pro version 4.2.7 (HKLM\...\PhotomatixPro42x64_is1) (Version: 4.2.7 - HDRsoft Ltd)
PTGui Pro 9.1.8 (HKLM-x32\...\PTGui) (Version:  - New House Internet Services B.V.)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QNAP Finder (HKLM-x32\...\QNAP_FINDER) (Version: 3.4.3.0523 - QNAP Systems, Inc.)
Qstarz Data Viewer V1.31 (HKLM-x32\...\Qstarz Data Viewer) (Version: V1.31 - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuoVadis 6 (HKLM-x32\...\QuoVadis 6_is1) (Version: 6 - Flemming Software Development CC)
QuoVadis 7 (HKLM-x32\...\QuoVadis 7_is1) (Version: 7 - Flemming Software Development CC)
Safe In Cloud Password Manager (HKLM-x32\...\{450B8D73-CA79-40B6-B156-DD5B43CAD7B7}) (Version: 2.0 - Safe In Cloud)
Sentinel System Driver Installer 7.5.7 (HKLM-x32\...\{B281C7D1-C088-40E0-86EA-B2D9D7E0810A}) (Version: 7.5.7 - SafeNet, Inc.)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - )
Silicon Laboratories CP210x VCP Drivers for Windows 7 (HKLM-x32\...\{FDDE7051-DEBB-41FF-A14C-5A995A290272}) (Version: 5.40.24 - Silicon Laboratories, Inc.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Super CAD (HKLM-x32\...\Super CAD) (Version:  - )
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
True Image 2013 (HKLM-x32\...\{59F3D2AC-5F1F-4A93-8F23-6FD4F029D9A9}Visible) (Version: 16.0.5551 - Acronis)
True Image 2013 (x32 Version: 16.0.5551 - Acronis) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.8-4 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows-Treiberpaket - Phase One A/S (WinUSB) USBDevice  (05/30/2013 1.12.0.68182) (HKLM\...\1D6C98F8A5FED93B7C062B26DD383655CE271976) (Version: 05/30/2013 1.12.0.68182 - Phase One A/S)
Wings Platinum 4 (HKLM-x32\...\{BBFF1DB6-55F9-41CA-B4C4-9432EC14AEFB}) (Version: 4.25.2 - AV Stumpfl)
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}) (Version: 17.0.10283 - WinZip Computing, S.L. )

==================== Restore Points  =========================

26-05-2014 17:37:36 Geplanter Prüfpunkt
30-05-2014 05:47:01 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
30-05-2014 05:47:08 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
14-06-2014 09:07:40 Installed iTunes
15-06-2014 11:23:13 Installed Java 7 Update 51
16-06-2014 22:21:39 Installed Java 7 Update 60
17-06-2014 17:08:13 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
17-06-2014 17:08:25 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {094732E7-291E-4A8E-9718-1997CC61ACE1} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {48EC4FFD-02EF-4B88-9EC3-FBCBA0C50E43} - System32\Tasks\AdobeAAMUpdater-1.0-JBs_PC_2-seaimager => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {82E79536-3F61-4842-93D0-F7BFB144A93E} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {96429E48-7204-4417-AF9C-3648B0DAE097} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {BA1F0223-C938-4F0B-BB89-A706C5B4F613} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-04] (Google Inc.)
Task: {FE006A67-5C76-4D20-A1F8-645656FCCB98} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FEBC7433-917F-4A3E-A461-146CAFF70C0B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-04] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-14 15:28 - 2013-11-14 15:28 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2013-11-26 17:55 - 2013-11-26 17:55 - 01550848 _____ () C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
2011-07-29 01:08 - 2011-07-29 01:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-06-03 19:26 - 2014-04-22 00:30 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-06 17:54 - 2007-05-31 08:38 - 00167936 ____N () C:\Windows\SysWOW64\SerialXP.dll
2012-08-23 01:42 - 2012-08-23 01:42 - 00435584 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-06-17 20:20 - 2014-06-17 20:20 - 00043008 _____ () C:\Users\seaimager\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgdcdqn.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\seaimager\AppData\Roaming\Dropbox\bin\libcef.dll
2011-07-29 01:09 - 2011-07-29 01:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-05-08 13:22 - 2014-05-08 13:22 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu
2012-08-23 04:35 - 2012-08-23 04:35 - 13873200 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2012-08-23 04:31 - 2012-08-23 04:31 - 01590656 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\icudt38.dll
2012-07-24 15:48 - 2012-07-24 15:48 - 00012160 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2014-05-13 23:04 - 2014-05-13 23:04 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-29 10:20 - 2014-05-29 10:20 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
2014-05-17 12:19 - 2014-05-17 12:19 - 03019888 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-05-17 12:19 - 2014-05-17 12:19 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-05-17 12:19 - 2014-05-17 12:19 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2012-08-23 02:12 - 2012-08-23 02:12 - 00019840 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:3241321C
AlternateDataStreams: C:\Users\seaimager\AppData\Local\Temp:QxzaNzdeoy5arJs302ramfp7S6

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: RAID-Controller
Description: RAID-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-06-04 17:25:43.778
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-04 17:25:43.732
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-01 15:45:11.309
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-01 15:45:11.278
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-01 15:33:55.556
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-01 15:33:55.524
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-01 15:29:23.956
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-01 15:29:23.910
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-01 15:27:29.106
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-01 15:27:29.075
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 23%
Total physical RAM: 12279.12 MB
Available physical RAM: 9448.51 MB
Total Pagefile: 24556.42 MB
Available Pagefile: 21514.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.47 GB) (Free:60.81 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten_Disk) (Fixed) (Total:1397.26 GB) (Free:752.53 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Daten_Disk) (Fixed) (Total:1397.26 GB) (Free:1207.59 GB) NTFS
Drive h: (BILDERTANK) (Fixed) (Total:465.65 GB) (Free:352.28 GB) FAT32
Drive i: (NIKON D3X) (Removable) (Total:59.62 GB) (Free:51.14 GB) FAT32
Drive k: () (Removable) (Total:29.47 GB) (Free:28.08 GB) FAT32
Drive w: (Backup) (Network) (Total:3663.11 GB) (Free:1321.57 GB) NTFS
Drive y: (Download) (Network) (Total:1832.31 GB) (Free:810 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 45131F39)
Partition 1: (Active) - (Size=-698727006208) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 529D01C9)
Partition 1: (Active) - (Size=238 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 13321468)
Partition 1: (Active) - (Size=-698727006208) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 466 GB) (Disk ID: 2409CEA2)
Partition 1: (Not Active) - (Size=466 GB) - (Type=0C)

========================================================
Disk: 4 (Size: 60 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 6 (Size: 29 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by seaimager on 17.06.2014 at 20:24:23,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\seaimager\AppData\Roaming\mozilla\firefox\profiles\yanl13x8.default-1396898604837\minidumps [6 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.06.2014 at 20:29:24,51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Code:
ATTFilter
# AdwCleaner v3.212 - Bericht erstellt am 17/06/2014 um 20:18:37
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : seaimager - JBS_PC_2
# Gestartet von : C:\Users\seaimager\Desktop\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : globalUpdate
[#] Dienst Gelöscht : globalUpdatem

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\WindowsProtectManger
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files\003
Ordner Gelöscht : C:\Users\seaimager\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\seaimager\AppData\Roaming\Activeris
Ordner Gelöscht : C:\Users\seaimager\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\seaimager\Documents\Optimizer Pro
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\user.js
Datei Gelöscht : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
Datei Gelöscht : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
Datei Gelöscht : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
Datei Gelöscht : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ActiverisAntiMalware_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ActiverisAntiMalware_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-89AF-189327213627}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFEFCDEE-CF1A-4FC8-89AF-189327213627}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-89AF-189327213627}]
Wert Gelöscht : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\Tutorials
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16686

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "webssearches");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "webssearches");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hppp&ts=1402844558&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "1466d416dde428ac86f314384aefa167");

*************************

AdwCleaner[R0].txt - [4497 octets] - [17/06/2014 20:17:48]
AdwCleaner[S0].txt - [4021 octets] - [17/06/2014 20:18:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4081 octets] ##########

Alt 17.06.2014, 23:32   #10
seaimager
 
Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten - Standard

Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten


Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 17.06.2014
Suchlauf-Zeit: 19:39:47
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.17.08
Rootkit Datenbank: v2014.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: seaimager

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 277160
Verstrichene Zeit: 4 Min, 38 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 3
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 1684, Löschen bei Neustart, [256780f96e0dab8b2bb0bd9c1ae7a45c]
Adware.Adpeak, C:\Program Files\003\buuoujqmrk64.exe, 2792, Löschen bei Neustart, [1874b3c6a4d7c57118d85a0ce81cf808]
PUP.Optional.SupraSavings.A, C:\Program Files\003\buuoujqmrk64.exe, 2792, Löschen bei Neustart, [d2baf7826c0ffa3c811fa20e0ff37b85]

Module: 1
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, Löschen bei Neustart, [810bc6b353281d19f1ed0682e61b02fe], 

Registrierungsschlüssel: 32
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, In Quarantäne, [256780f96e0dab8b2bb0bd9c1ae7a45c], 
Adware.Adpeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\buuoujqmrk64, In Quarantäne, [1874b3c6a4d7c57118d85a0ce81cf808], 
PUP.Optional.Spigot, HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, In Quarantäne, [a6e6a8d1f5868da976d155f091718779], 
PUP.Optional.Spigot, HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32, In Quarantäne, [a6e6a8d1f5868da976d155f091718779], 
PUP.Optional.Spigot, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, In Quarantäne, [a6e6a8d1f5868da976d155f091718779], 
PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [c4c855240c6faf875786310e7c8636ca], 
PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [c4c855240c6faf875786310e7c8636ca], 
PUP.Optional.CouponDownloader.A, HKU\S-1-5-21-1090653915-3958093925-69300803-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [c4c855240c6faf875786310e7c8636ca], 
PUP.Optional.CouponDownloader.A, HKU\S-1-5-21-1090653915-3958093925-69300803-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [c4c855240c6faf875786310e7c8636ca], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [35575029f685fb3bf105f151738f718f], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [35575029f685fb3bf105f151738f718f], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [35575029f685fb3bf105f151738f718f], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [35575029f685fb3bf105f151738f718f], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [35575029f685fb3bf105f151738f718f], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [35575029f685fb3bf105f151738f718f], 
PUP.Optional.SupTab.A, HKU\S-1-5-21-1090653915-3958093925-69300803-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [35575029f685fb3bf105f151738f718f], 
PUP.Optional.SupTab.A, HKU\S-1-5-21-1090653915-3958093925-69300803-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [35575029f685fb3bf105f151738f718f], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [35575029f685fb3bf105f151738f718f], 
PUP.Optional.Spigot.A, HKU\S-1-5-21-1090653915-3958093925-69300803-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3A787631-66A2-4634-B928-A37E73B58FB6}, In Quarantäne, [94f83f3a7efd8fa7ca456cd0a15fd32d], 
PUP.Optional.SupraSavings.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\buuoujqmrk64, In Quarantäne, [d2baf7826c0ffa3c811fa20e0ff37b85], 
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\suprasavings, In Quarantäne, [226ab1c8106b5adc24c86a4b4db550b0], 
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [6d1f42375823181e1ad18d58cf34cf31], 
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\webssearchesSoftware, In Quarantäne, [a5e729506912d5617304b9fe44bef20e], 
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [6923562396e566d015d6d31206fd53ad], 
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}, In Quarantäne, [dfad6e0b9be020164a37475d7092b44c], 
PUP.Optional.MediaPlayerPlus.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Media_Play_AIR+_1.1, In Quarantäne, [573541382c4f5fd74b74366ff50d2fd1], 
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-9.1, In Quarantäne, [414b5a1f97e42f076dd1ad0a48bae818], 
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-1090653915-3958093925-69300803-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupraSavings, In Quarantäne, [43490772a1dab581bc31486d39c9ed13], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1090653915-3958093925-69300803-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [ee9eaacfc4b7fb3bfda8c529a75c52ae], 
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-1090653915-3958093925-69300803-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, In Quarantäne, [d4b896e34b30a294b62b852fa161ac54], 
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-1090653915-3958093925-69300803-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\suprasavings, In Quarantäne, [4349f4858fec78bec8261b9a25dd5ba5], 
PUP.Optional.Qone8, HKU\S-1-5-21-1090653915-3958093925-69300803-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [28642b4ec6b54beb10daebfa996a827e], 

Registrierungswerte: 3
PUP.Optional.Spigot.A, HKU\S-1-5-21-1090653915-3958093925-69300803-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Browser Extensions, "C:\Users\seaimager\AppData\Roaming\Browser Extensions\CouponsHelper.exe", In Quarantäne, [fa92bcbd186340f6a0b5ef051de6d12f]
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_de_31, In Quarantäne, [711bd0a94536d46297c68c241ce6a25e], 
PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|quick_start@gmail.com, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com, In Quarantäne, [2b6184f565164ee8f93bd0e8a95951af]

Registrierungsdaten: 14
PUP.Optional.Skytech.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~2.DLL, Gut: (), Schlecht: (C:\PROGRA~2\SupTab\SEARCH~2.DLL),Ersetzt,[fd8f027718638da96579dfa9e1206898]
PUP.Optional.Skytech.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~1.DLL, Gut: (), Schlecht: (C:\PROGRA~2\SupTab\SEARCH~1.DLL),Ersetzt,[1d6fa5d43a4161d5439b7f09fd040bf5]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545),Ersetzt,[c4c86f0a3c3f5dd99e3474fc34d0d828]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545&q={searchTerms}),Ersetzt,[1775fd7c522974c25475acc47a8a2ed2]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545),Ersetzt,[b8d43544027933033790ff71ed1716ea]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545),Ersetzt,[54385b1ebcbf8caa0ebd81ef62a20000]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[8ffd7207cbb0d1657585700aa65ea759]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545),Ersetzt,[1f6d91e8621940f6d9f980f080848f71]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545&q={searchTerms}),Ersetzt,[5c308beec8b30531f0d968083ec6f60a]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545),Ersetzt,[7d0fb8c137442313d9ee8ce4f90b4db3]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545),Ersetzt,[c4c887f209724ee815b6c9a7d4308c74]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[751793e6c4b7d165fa007ffb31d3e61a]
PUP.Optional.WebsSearches.A, HKU\S-1-5-21-1090653915-3958093925-69300803-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545),Ersetzt,[5339babff58688ae5d6f026e3ec608f8]
PUP.Optional.WebsSearches.A, HKU\S-1-5-21-1090653915-3958093925-69300803-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1401992283&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545),Ersetzt,[1e6e5e1b8fec3ef83692432dc0448e72]

Ordner: 92
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, Löschen bei Neustart, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\include, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\include\tools, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\lib, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\module, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\pack, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\en, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\en-US, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\es, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\es-419, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\fr, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\fr-BE, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\fr-CA, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\fr-CH, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\fr-LU, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\it, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\it-CH, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\pl, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\pt-BR, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\ru, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\ru-MO, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\tr, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\vi, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\zh-CN, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\zh-TW, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin\weather, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\defaults, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\defaults\preferences, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\modules, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings, In Quarantäne, [8a024237611a0036c2bff2a06c962fd1], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\defaults, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\defaults\preferences, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\locale, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\addon-kit, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\addon-kit\data, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\addon-kit\lib, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\data, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\event, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\addon, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\content, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\dom, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\events, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\l10n, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\private-browsing, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\system, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\tabs, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\traits, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\utils, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\window, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\windows, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\SupraSavings, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\SupraSavings\data, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\SupraSavings\lib, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\SupraSavings\tests, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Löschen bei Neustart, [7517b9c0bfbc2b0b13d33e626e948080], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, In Quarantäne, [7517b9c0bfbc2b0b13d33e626e948080], 
PUP.Optional.SearchProtect.A, C:\Users\seaimager\AppData\Local\SearchProtect, In Quarantäne, [7b1193e6b4c7f93d95522e72e81a56aa], 
PUP.Optional.SearchProtect.A, C:\Users\seaimager\AppData\Local\SearchProtect\Logs, In Quarantäne, [7b1193e6b4c7f93d95522e72e81a56aa], 

Dateien: 257
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, Löschen bei Neustart, [256780f96e0dab8b2bb0bd9c1ae7a45c], 
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, Löschen bei Neustart, [810bc6b353281d19f1ed0682e61b02fe], 
Adware.Adpeak, C:\Program Files\003\buuoujqmrk64.exe, Löschen bei Neustart, [1874b3c6a4d7c57118d85a0ce81cf808], 
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect64.dll, In Quarantäne, [fd8f027718638da96579dfa9e1206898], 
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect32.dll, In Quarantäne, [1d6fa5d43a4161d5439b7f09fd040bf5], 
PUP.Optional.Spigot, C:\Users\seaimager\AppData\Roaming\Browser Extensions\Coupons64.dll, In Quarantäne, [a6e6a8d1f5868da976d155f091718779], 
PUP.Optional.CouponDownloader.A, C:\Program Files (x86)\SupraSavings\2rs3.dll, In Quarantäne, [c4c855240c6faf875786310e7c8636ca], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, In Quarantäne, [35575029f685fb3bf105f151738f718f], 
PUP.Optional.Spigot.A, C:\Users\seaimager\AppData\Roaming\Browser Extensions\Uninstall.exe, In Quarantäne, [94f83f3a7efd8fa7ca456cd0a15fd32d], 
PUP.Optional.AdPeak.A, C:\Temp\InstallFilter64.msi, In Quarantäne, [4c40fc7d7308ed496916fa430ff139c7], 
PUP.Optional.SupraSavings.A, C:\Temp\t.msi, In Quarantäne, [09836b0ebbc07cba624310555ea63ac6], 
PUP.Optional.ScramblePacker.A, C:\Users\seaimager\AppData\Local\Temp\media.exe, In Quarantäne, [7715b5c4552665d136d6602b639ec53b], 
PUP.Optional.Spigot.A, C:\Users\seaimager\AppData\Local\Temp\~sp59A6.tmp, In Quarantäne, [f894ea8f4437072f38d796a6808038c8], 
PUP.Optional.Wajam.A, C:\Users\seaimager\AppData\Local\Temp\wajam_download.exe, In Quarantäne, [187461182754ac8a705b24221ee238c8], 
PUP.Optional.Conduit.A, C:\Users\seaimager\AppData\Local\Temp\spidentifierimpl.exe, In Quarantäne, [6d1feb8e8cef88aead2df690f50c57a9], 
PUP.Optional.NewPlayer.A, C:\Users\seaimager\AppData\Local\Temp\newvideoplayersetup.exe, In Quarantäne, [048845342f4cdc5ab1381a67ad54d52b], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Local\Temp\f978377c-b7d4-4536-8e10-14ca97b13394.exe, In Quarantäne, [7c1011682f4c90a6665b0231fa08c33d], 
PUP.Optional.FirstSeenToday, C:\Users\seaimager\AppData\Local\Temp\freesofttoday.exe, In Quarantäne, [a8e48bee6813c4724d0ebacadb265ca4], 
PUP.Optional.InstallMonetizer.A, C:\Users\seaimager\AppData\Local\Temp\is-KQH27.tmp\IMNS.exe, In Quarantäne, [c6c67affc8b3a98d6254a98156ab9868], 
PUP.Optional.SupraSavings.A, C:\Windows\Installer\13bc52.msi, In Quarantäne, [bdcfb2c7384313239510b4b10cf8c937], 
PUP.Optional.SupraSavings.A, C:\Program Files\003\buuoujqmrk64.exe, Löschen bei Neustart, [d2baf7826c0ffa3c811fa20e0ff37b85], 
PUP.Optional.WebsSearches.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml, In Quarantäne, [7e0e2d4cb0cb5fd7740509ae4ab8bd43], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface64.dll, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterfacef32.dll, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\ient.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\RSHP.exe, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv32.dll, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv64.dll, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WebDataJs, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\arrow.png, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo.png, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_logo.png, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo.png, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo2.png, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\0.png, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ie8.js, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, In Quarantäne, [47454732ee8d8ea8b92cbe02b54da759], 
PUP.Optional.Spigot.A, C:\Users\seaimager\AppData\Roaming\Browser Extensions\CouponsHelper.exe, In Quarantäne, [fa92bcbd186340f6a0b5ef051de6d12f], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome.manifest, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\install.rdf, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\index.html, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\quick_start.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\include\pageload.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\include\tools\about_blank_hook.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\include\tools\popup_image_helper.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\js.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\toolbar.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\lib\doT.min.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\lib\jquery.autocomplete.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\module\bookmark.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\module\helpGider.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\module\hotSearch.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\module\other.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\module\pageManager.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\module\pageNew.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\module\search.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\module\searchMode.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\module\stat.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\module\wallpaper.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\module\weather.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\pack\browerStart.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\pack\common.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\pack\ga.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\content\js\pack\xagainit.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin\arrow.png, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin\default_add_logo.png, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin\default_add_logo_hover.png, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin\googlelogo.png, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin\googlelogo2.png, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin\google_trends.png, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin\icon.png, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin\loading.gif, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin\logo.ico, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin\logo.png, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin\logo32.ico, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin\media.css, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin\style.css, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\chrome\skin\weather\0.png, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\defaults\preferences\preferences.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\modules\addonmanager.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\modules\aes.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\modules\config.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\modules\dialogs.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\modules\last_tab.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\modules\misc.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\modules\properties.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\modules\remoterequest.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\modules\restoreprefs.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.QuickStart.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\quick_start@gmail.com\modules\settings.js, In Quarantäne, [6527d6a363181f175af2bed362a06f91], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\background.js, In Quarantäne, [8a024237611a0036c2bff2a06c962fd1], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\CustomActionInstall, In Quarantäne, [8a024237611a0036c2bff2a06c962fd1], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\CustomActionUninstall, In Quarantäne, [8a024237611a0036c2bff2a06c962fd1], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon128.png, In Quarantäne, [8a024237611a0036c2bff2a06c962fd1], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon16.png, In Quarantäne, [8a024237611a0036c2bff2a06c962fd1], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon32.png, In Quarantäne, [8a024237611a0036c2bff2a06c962fd1], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon48.png, In Quarantäne, [8a024237611a0036c2bff2a06c962fd1], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon64.png, In Quarantäne, [8a024237611a0036c2bff2a06c962fd1], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon8.png, In Quarantäne, [8a024237611a0036c2bff2a06c962fd1], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\iwalyk.js, In Quarantäne, [8a024237611a0036c2bff2a06c962fd1], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\manifest.json, In Quarantäne, [8a024237611a0036c2bff2a06c962fd1], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\marcopolo.js, In Quarantäne, [8a024237611a0036c2bff2a06c962fd1], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\Microsoft.Deployment.WindowsInstaller.dll, In Quarantäne, [8a024237611a0036c2bff2a06c962fd1], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\Microsoft.Deployment.WindowsInstaller.xml, In Quarantäne, [8a024237611a0036c2bff2a06c962fd1], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\SendJson.dll, In Quarantäne, [8a024237611a0036c2bff2a06c962fd1], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\bootstrap.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\harness-options.json, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\icon.png, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\install.rdf, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\locales.json, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\defaults\preferences\prefs.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\addon-kit\lib\page-mod.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\addon-kit\lib\private-browsing.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\addon-kit\lib\request.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\addon-kit\lib\windows.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\observer-service.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\api-utils.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\base64.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\byte-streams.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\collection.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\content.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\cortex.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\cuddlefish.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\deprecate.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\environment.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\errors.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\events.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\file.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\functional.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\globals.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\heritage.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\hidden-frame.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\light-traits.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\list.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\loader.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\match-pattern.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\memory.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\namespace.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\plain-text-console.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\preferences-service.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\promise.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\querystring.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\runtime.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\sandbox.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\self.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\system.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\text-streams.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\timer.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\traceback.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\traits.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\unload.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\url.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\uuid.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\window-utils.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\xhr.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\xpcom.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\xul-app.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\event\core.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\event\target.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\addon\runner.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\content\content-proxy.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\content\content-worker.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\content\loader.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\content\symbiont.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\content\worker.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\dom\events.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\events\assembler.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\l10n\core.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\l10n\html.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\l10n\loader.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\l10n\locale.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\l10n\prefs.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\private-browsing\utils.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\system\events.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\tabs\events.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\tabs\observer.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\tabs\tab.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\tabs\utils.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\traits\core.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\utils\data.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\utils\object.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\utils\registry.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\utils\thumbnail.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\window\utils.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\windows\dom.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\windows\loader.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\windows\observer.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\api-utils\lib\windows\tabs.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\SupraSavings\data\icon64.png, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.SupraSavings.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\extensions\SupraSavings@jetpack\resources\SupraSavings\lib\main.js, In Quarantäne, [1775e297e09be94d9192fc9732d025db], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, In Quarantäne, [7517b9c0bfbc2b0b13d33e626e948080], 
PUP.Optional.WebsSearches.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hppp&ts=1402844558&from=tugs&uid=WDCXWD15EADS-00P8B0_WD-WMAVU098454584545");), Ersetzt,[5b311c5d32499f9750f44f59b84c9b65]
PUP.Optional.CrossRider.A, C:\Users\seaimager\AppData\Roaming\Mozilla\Firefox\Profiles\yanl13x8.default-1396898604837\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "1466d416dde428ac86f314384aefa167");), Ersetzt,[fd8fcbae3e3d52e4961904a4b64ebd43]

Physische Sektoren: 0
(No malicious items detected)


(end)
Hallo Cosinus

hoffe dass nun alles passt
danke

Alt 18.06.2014, 10:23   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten - Standard

Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
Task: {82E79536-3F61-4842-93D0-F7BFB144A93E} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {96429E48-7204-4417-AF9C-3648B0DAE097} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:3241321C
AlternateDataStreams: C:\Users\seaimager\AppData\Local\Temp:QxzaNzdeoy5arJs302ramfp7S6

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten
adware.adpeak, pup.optional.adpeak.a, pup.optional.conduit.a, pup.optional.coupondownloader.a, pup.optional.crossrider.a, pup.optional.firstseentoday, pup.optional.firstseentoday.a, pup.optional.iepluginservice.a, pup.optional.iepluginservices.a, pup.optional.installmonetizer.a, pup.optional.mediaplayerplus.a, pup.optional.newplayer.a, pup.optional.plushd.a, pup.optional.qone8, pup.optional.quickstart.a, pup.optional.scramblepacker.a, pup.optional.searchprotect.a, pup.optional.skytech.a, pup.optional.spigot, pup.optional.spigot.a, pup.optional.suprasavings.a, pup.optional.suptab.a, pup.optional.wajam.a, pup.optional.webssearches.a, werbebanner


« Windows 7: neuer Computer, ungewollte Programme, im Fließtext Tabs mit Popups, Seiten, die sich ungewollt öffnen | Avira erkennt Viren nach öffnen einer falschen Telekom-Email »


Ähnliche Themen: Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten


  1. einzelne Wörter blau unterstrichen, Browser öffnet Werbeseiten
    Log-Analyse und Auswertung - 19.05.2015 (13)
  2. Blau unterstrichene Wörter mit Werbung erscheinen bei Firefox
    Log-Analyse und Auswertung - 09.01.2015 (15)
  3. doppelt unterstrichene Wörter erscheinen bei Firefox und posten Werbung
    Plagegeister aller Art und deren Bekämpfung - 08.08.2014 (7)
  4. In meinen Browser erscheinen beim Surfen unterstrichene Wörter und wenn ich drauf gehe erscheint ein Pop-Up
    Plagegeister aller Art und deren Bekämpfung - 20.06.2014 (18)
  5. Windows7: auf Webseiten erscheinen unzählige automatische Links zu Werbeseiten
    Log-Analyse und Auswertung - 25.03.2014 (13)
  6. Werbung im Browser; Unterstrichene Wörter mit Werbung; Taskleiste zeigt kurz ein Symbol
    Plagegeister aller Art und deren Bekämpfung - 17.03.2014 (4)
  7. Wörter werden plötzlich zu links, sind grün und doppelt unterstrichen
    Plagegeister aller Art und deren Bekämpfung - 17.01.2014 (9)
  8. Windows 7: Pop up's: Werbung und Browserseiten erscheinen plötzlich
    Log-Analyse und Auswertung - 05.01.2014 (23)
  9. Im Firefox unter Windows 7, 64bit bekomme ich plötzlich Werbung im Browser (Links und rechts flackernde Anzeigen, pp. und Popups.
    Plagegeister aller Art und deren Bekämpfung - 05.01.2014 (51)
  10. Wörter erscheinen im Browser Grün und doppelt unterstrichen
    Log-Analyse und Auswertung - 30.12.2013 (9)
  11. Windows 8: Im Browser erscheinen grün Doppelt unterstrichene Wörter, die mich umleiten wollen
    Log-Analyse und Auswertung - 29.12.2013 (17)
  12. Seit kurzem im Browser plötzlich Werbung und grün unterstrichene Wörter, die mit Popup-Werbung hinterlegt sind
    Log-Analyse und Auswertung - 13.12.2013 (7)
  13. In Firefox erscheinen doppelt unterstichene Wörter und es erscheint ein Verweis auf "MediaPlayerTotal" - was tun?
    Log-Analyse und Auswertung - 11.12.2013 (11)
  14. Plötzlich vermehrt aufgetretene Werbung im Browser und unterstrichene Wörter
    Log-Analyse und Auswertung - 04.11.2013 (5)
  15. Mozilla Firefox: überall Werbung, unterstrichene Wörter mit Links, Weiterleitung zu Links
    Plagegeister aller Art und deren Bekämpfung - 23.10.2013 (11)
  16. Windows 7, 64bit: plötzlich Werbung im Browser (Links und flackernde Anzeigen, pp.) und Popups
    Log-Analyse und Auswertung - 14.09.2013 (9)
  17. TubeSaver - wie entfernen? Im Browser sind plötzlich Werbung + unterstrichende Wörter mit Pop-Ups und Links
    Log-Analyse und Auswertung - 28.08.2013 (10)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten - Liebe Forumsgemeinde Seit gestern erscheinen in meinem Browser Werbebanner, entdeckt habe ich es als erstes auf meiner eigenen Homepage. Zudem sind einige Wörter farbig unterlegt und anklickbar, der Link führt - Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten...
Archiv
Du betrachtest: Werbung erscheint plötzlich Browser, einige Wörter erscheinen als Links zu Werbeseiten auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131