win32/emotet.aa - T-online "Rechnung" .exe im Anhang ausgeführt

Cke · 23.06.2014, 14:09

Hallo Zusammen,

ich habe folgende Mail weitergeleitet bekommen und ohne nachzudenken den Anhang ausgeführt.

Zitat:

Betreff: Ihre Telekom Mobilfunk RechnungOnline Monat Juni 2014 (Nr.: 25144705006)
Datum: Mon, 23 Jun 2014 09:50:09 +0200
Von: 5233023958-kundenservice.rechnungonline@t-mobile.de <web189p2>

An: juttafriedl@online.de

Ihre Rechnung, Monat Juni 2014

Guten Tag,

anbei erhalten Sie im Anhang an diese E-Mail Ihre aktuelle Rechnung. Höhe der Forderung in Juni 2014: 172,98 Euro.

Im Anhang finden Sie die gewünschten Dokumente zu Ihrer Mobilfunk RechnungOnline für Juni 2014.
Diese E-Mail wurde automatisch erzeugt. Bitte antworten Sie nicht an die angeführte Absenderadresse.

Mit freundlichen Grüßen

Ralf Hoßbach
Leiter Kundenservice

© Telekom Deutschland GmbH 2014

Wie ich nun schon erlesen konnte handelt es sich hierbei um eine win32/emotet.aa.
MS Security Essentials hat nicht ausgeschlagen. Daraufhin habe ich mir eine Testversion von Eset Nod32 geladen, welche auch bei der 3. vollständigen Prüfung die selben 9 infizierten Dateien aus dem Arbeitsspeicher löscht:

Zitat:

Arbeitsspeicher = IAStorIcon.exe(3328) - Variante von Win32/Emotet.AA Trojaner - Gesäubert durch Löschen [1]
Arbeitsspeicher = IAStorIcon.exe(3328) - Variante von Win32/Emotet.AA Trojaner - Gesäubert durch Löschen [1]
Arbeitsspeicher = SlideNavMedia.exe(3336) - Variante von Win32/Emotet.AA Trojaner - Gesäubert durch Löschen [1]
Arbeitsspeicher = SlideNavMedia.exe(3336) - Variante von Win32/Emotet.AA Trojaner - Gesäubert durch Löschen [1]
Arbeitsspeicher = firefox.exe(2812) - Variante von Win32/Emotet.AA Trojaner - Gesäubert durch Löschen [1]
Arbeitsspeicher = firefox.exe(2812) - Variante von Win32/Emotet.AA Trojaner - Gesäubert durch Löschen [1]
Arbeitsspeicher = FlashPlayerPlugin_13_0_0_214.exe(1316) - Variante von Win32/Emotet.AA Trojaner - Gesäubert durch Löschen [1]
Arbeitsspeicher = Acrobat.exe(1136) - Variante von Win32/Emotet.AA Trojaner - Gesäubert durch Löschen [1]
Arbeitsspeicher = Acrobat.exe(1136) - Variante von Win32/Emotet.AA Trojaner - Gesäubert durch Löschen [1]

Nachdem habe ich "Mbam" laufen lassen. Den Log hierzu findet ihr im Folgenden:

Zitat:

alwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 23.06.2014
Suchlauf-Zeit: 14:38:31
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.23.08
Rootkit Datenbank: v2014.06.20.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Jakob

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 280756
Verstrichene Zeit: 6 Min, 4 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 3
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, , [6084fc7f3b40f73f3a8c106c936ff40c],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, , [964e5f1c81fa2c0a6b5c512b729041bf],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [ac38423986f5af8794899a324fb340c0],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 21
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\images, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\scripts, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\scripts\lib, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\scripts\minibar, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\scripts\minibar\adapters, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\scripts\minibar\adapters\de, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\scripts\minibar\adapters\Webmail, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\scripts\minibar\advertising, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\scripts\minibar\content, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\scripts\minibar\content\fx2, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\scripts\minibar\content\fx2\off, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\scripts\minibar\content\fx2\on, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\scripts\minibar\content\images, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\scripts\minibar\content\images\emoji, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\scripts\minibar\games, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\scripts\minibar\menu_page, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\_locales, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\_locales\en, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\USER DATA\Default\EXTENSIONS\IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL\6.2.4.1_0\_locales\fr, , [16ceabd092e9d462be915f3240c2b14f],

Dateien: 268
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\manifest.json, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\images\icon_19.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\images\logo128.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\images\logo16.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\images\logo48.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\background.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\contentScript.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\SOAP.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\lib\jquery.min.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\config.xml, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\menu.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\minibar.min.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\template.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\ebayit.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\hi5.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\netlog.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\tagged.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\01net.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\amazon.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\antronio.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\ask.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\autoscout.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\avmagazine.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\banners-test.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\basecamphq.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\blog.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\blogger.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\ciao.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\conduit.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\craigslist.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\dailymotion.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\dailymotion.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\diretta.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\drivingitalia.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\ebay.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\ehow.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\everyeye.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\facebook.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\facebook.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\flickr.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\forum.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\forumVB.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\foxsports.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\france_hardware.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\friv.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\gamekult.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\gamesvillage.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\globo.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\google-map.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\google-map.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\guiadohardware.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\gumtree.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\hardware.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\hi5.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\ilmeteo.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\imdb.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\imdb.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\infos_du_net.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\jappy.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\leboncoin.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\libero.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\lokalisten.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\macitynet.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\marca.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\meebo.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\meebo.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\meteonetwork.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\milanuncios.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\mundoanuncio.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\myspace.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\myspace.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\nexopia.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\nexopia.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\nirvam.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\ohmydollz.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\orkut.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\orkut.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\pagesjaunes.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\photobucket.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\pinterest.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\poptropica.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\schueler.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\segundamano.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\shopping.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\skype.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\skyrock.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\subito.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\t-online.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\t-online.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\taringa.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\taringa.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\terra.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\tibiabr.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\tiscali.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\tripadvisor.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\twitter.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\twitter.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\uol.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\v9.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\virgilio.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\voila.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\weather.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\web.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\wordpress.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\wp-admin.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\xvideos.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\yahoo.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\yahoo.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\yammer.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\yellowpages.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\yelp.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\youtube.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\youtube.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\de\lokalisten.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\de\lokalisten.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\de\schueler.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\de\schueler.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\de\stayfriends.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\de\stayfriends.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\de\studivz.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\de\studivz.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\de\wer-kennt-wen.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\de\wer-kennt-wen.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\Webmail\aol.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\Webmail\aol.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\Webmail\gmail.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\Webmail\gmail.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\Webmail\hotmail.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\Webmail\hotmail.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\Webmail\orange.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\adapters\Webmail\outlook.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\advertising\AdFrame.html, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\advertising\adsmanagement.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\advertising\rmx.js, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\fx2\led_background.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\fx2\off\blink.gif, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\fx2\off\flip.gif, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\fx2\off\led.gif, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\fx2\off\rainbow.gif, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\fx2\off\typed.gif, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\fx2\off\wave.gif, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\fx2\on\blink.gif, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\fx2\on\flip.gif, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\fx2\on\led.gif, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\fx2\on\rainbow.gif, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\fx2\on\typed.gif, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\fx2\on\wave.gif, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\iminentbutton.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\arrow.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\ArrowExpandBar.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\BkgExpandBar.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\close.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\default_icon.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\default_icon_states.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\Expand-26x24.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\FB_Share.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\FB_Share_Tiny.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\gifts.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\help.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\home.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\imbwin1.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\imbwin1_409daae67f73f4fb84c27d6d70463f2b.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\imbwin_bg.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\imbwin_hf.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\imbwin_vf.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\iminentbutton_bg.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\InviteFriends.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\LeftExpandBar.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\leftTooltip.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\Line.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\Line2.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\mailfooter.jpg, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\Minibar_buttons.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\new.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\notification.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\RightExpandBar.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\rightTooltip.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\s10.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\search.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\separator.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\social_games.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\TellAFriendBackground.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\toolbarbutton_bg.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\toolbar_bg.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\tooltipArrow.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\ui-check-box-checked.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\ui-check-box.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F90B0.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9299.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\E29ABD.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\E29BB5.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F8C99.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F8C9F.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F8CB9.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F8D80.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F8DBB.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F8E81.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F8E89.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F8EB1.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F8EB6.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F8EB8.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F908D.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F90A7.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F90AC.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F90AE.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F90AF.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F90B1.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F90B4.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F90B6.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F90B7.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F90B9.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F918C.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F918D.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F918E.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F91BD.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9280.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9284.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F928B.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F928D.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F928F.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9293.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9294.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9297.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F929B.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F929C.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F929D.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F92A4.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F92A9.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F92AA.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F93B1.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F94A5.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9881.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9882.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9884.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9889.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F988A.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F988C.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F988D.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9892.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9893.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9894.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9896.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9898.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F989A.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F989C.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F98A1.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F98AD.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F98B2.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F98B3.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9A97.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\content\images\emoji\F09F9ABD.png, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\games\gameiframe1.html, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\games\gameiframe2.html, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\games\gameiframe3.html, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\games\gameiframe4.html, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\games\games.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\games\games.html, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\menu_page\1031.html, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\menu_page\1033.html, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\menu_page\1036.html, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\menu_page\1040.html, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\menu_page\1048.html, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\menu_page\1055.html, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\menu_page\2070.html, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\menu_page\3082.html, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\scripts\minibar\menu_page\ShareMenu.css, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\_locales\en\messages.json, , [16ceabd092e9d462be915f3240c2b14f],
PUP.Optional.Conduit, C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.2.4.1_0\_locales\fr\messages.json, , [16ceabd092e9d462be915f3240c2b14f],

Physische Sektoren: 0
(No malicious items detected)

(end)

Was meinen die Experten? Wie soll ich weiter vorgehen?

Mit freundlichen Grüßen,

Cke

PS.: Bei etwaigen Unzulänglichkeiten, was meinen Post betrifft, bitte ich um Hinweis und Verbesserung

cosinus · 23.06.2014, 15:10

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Cke · 23.06.2014, 15:46

Hallo cosinus,

vielen Dank für die schnelle Antwort.
Weitere Logs stehen mir leider nicht zur verfügung.
Im Folgenden die Ergebnisse von Farbar:

FRST:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2014
Ran by Jakob (administrator) on JAKOB-NOTEBOOK on 23-06-2014 16:38:24
Running from D:\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
(TuneUp Software) D:\Programme\TuneUp Utilities\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) D:\Programme\TuneUp Utilities\TuneUpUtilitiesApp64.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Alexander Shakhov) C:\Program Files (x86)\Lenovo\Lenovo SlideNav\MediaKeysPlugIn\SlideNavMedia.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI\ATI.ACE\Core-Static\MOM.exe
(Mindjet) D:\Programme\Mindjet\MmReminderService.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) D:\Programme\Mozilla Firefox\firefox.exe
(Mozilla Corporation) D:\Programme\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Microsoft Corporation) D:\Programme\Microsoft Offic Professional Plus 2010\Office14\OUTLOOK.EXE
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Adobe Systems Incorporated) D:\Programme\Adobe Acrobat\Acrobat\Acrobat.exe
(Malwarebytes Corporation) D:\Programme\ Malwarebytes Anti-Malware \mbam.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4400064 2009-12-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [6988736 2009-12-26] (Lenovo (Beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1889064 2009-12-03] (Synaptics Incorporated)
HKLM\...\Run: [SynBtnAsst] => C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe [54568 2009-12-03] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [776608 2009-12-19] (Lenovo)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [877600 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo SlideNav2] => C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe [318400 2009-12-30] (Lenovo)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-31] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1265798755-1054352805-3517939008-1000\...\MountPoints2: {d3f7dc7c-9336-11e3-95b4-e89a8f334165} - G:\SafeToGo.exe
IFEO\managementconsole.exe: [Debugger] "D:\Programme\TuneUp Utilities\TUAutoReactivator64.exe"
IFEO\mediabuilder.exe: [Debugger] "D:\Programme\TuneUp Utilities\TUAutoReactivator64.exe"
IFEO\osselectorsetup.exe: [Debugger] "D:\Programme\TuneUp Utilities\TUAutoReactivator64.exe"
IFEO\trueimagelauncher.exe: [Debugger] "D:\Programme\TuneUp Utilities\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SlideNav Media Keys.lnk
ShortcutTarget: SlideNav Media Keys.lnk -> C:\Windows\Installer\{6ADF1C3F-9D61-4858-B49F-F3F0E2338E1E}\_E3A9B04900483B97C5BCF9.exe ()
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => D:\Programme\Microsoft Offic Professional Plus 2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => D:\Programme\Microsoft Offic Professional Plus 2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => D:\Programme\Microsoft Offic Professional Plus 2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => D:\Programme\Microsoft Offic Professional Plus 2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => D:\Programme\Microsoft Offic Professional Plus 2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2A50F625342CCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\Microsoft Offic Professional Plus 2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programme\Microsoft Offic Professional Plus 2010\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {9E2CD2C3-4DDA-4473-B904-B8E6D0DBAB86} hxxp://consumersupport.lenovo.com/smartdownloading/cab/npdueng.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\t35t9oqz.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF Homepage: hxxp://tagesschau.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - D:\Programme\Microsoft Offic Professional Plus 2010\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - G:\Programme\DivX\DivX Plus Web Player\npdivx32.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - G:\Programme\DivX\DivX OVS Helper\npovshelper.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @lenovo.com/dueng,version=2.0 - C:\Windows\SysWow64\lenovo\update\npdueng.dll (Lenovo)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - D:\Programme\Adobe Acrobat\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Jakob\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Jakob\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Jakob\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Jakob\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\t35t9oqz.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Users\Jakob\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jakob\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF SearchPlugin: C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\t35t9oqz.default\searchplugins\googlede.xml
FF SearchPlugin: C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\t35t9oqz.default\searchplugins\imdb.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\t35t9oqz.default\Extensions\ich@maltegoetz.de [2013-12-13]
FF Extension: No Name - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\t35t9oqz.default\Extensions\staged [2013-01-11]
FF Extension: DivX Web Player - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\t35t9oqz.default\Extensions\DivXWebPlayer@divx.com.xpi [2012-08-14]
FF Extension: Adblock Plus - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\t35t9oqz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-16]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-06-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\Programme\Adobe Acrobat\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - D:\Programme\Adobe Acrobat\Acrobat\Browser\WCFirefoxExtn [2012-11-12]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-06-23]
FF StartMenuInternet: FIREFOX.EXE - D:\Programme\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: 
CHR Extension: (No Name) - C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\2.0.0.0_0 [2013-01-11]
CHR Extension: (Iminent) - C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2013-01-11]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - D:\Programme\Adobe Acrobat\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-01-11]

==================== Services (Whitelisted) =================

S4 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [864032 2009-07-01] (Broadcom Corporation.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET)
S3 Microsoft SharePoint Workspace Audit Service; D:\Programme\Microsoft Offic Professional Plus 2010\Office14\GROOVE.EXE [50942144 2013-12-19] (Microsoft Corporation)
S4 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2010-05-25] ()
S2 SkypeUpdate; D:\Programme\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
R2 Slidebar Notifier Service; C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [69568 2009-12-30] (Lenovo)
R2 TuneUp.UtilitiesSvc; D:\Programme\TuneUp Utilities\TuneUpUtilitiesService64.exe [2143072 2012-05-29] (TuneUp Software)
S3 WMZuneComm; G:\Programme\Zune\WMZuneComm.exe [X]

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-06-17] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-23] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-10-03] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; D:\Programme\TuneUp Utilities\TuneUpUtilitiesDriver64.sys [11856 2012-05-08] (TuneUp Software)
S3 ATICDSDr; \??\C:\Users\Jakob\AppData\Local\Temp\ATICDSDr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-23 16:38 - 2014-06-23 16:38 - 00000000 ____D () C:\FRST
2014-06-23 16:32 - 2014-06-23 16:32 - 00016242 _____ () C:\Users\Jakob\Desktop\FRST 64-Bit.htm
2014-06-23 14:58 - 2014-06-23 14:58 - 00036531 _____ () C:\Users\Jakob\Desktop\Fwd Ihre Telekom Mobilfunk RechnungOnline Monat Juni 2014 (Nr. 25144705006).htm
2014-06-23 14:58 - 2014-06-23 14:58 - 00000000 ____D () C:\Users\Jakob\Desktop\Fwd Ihre Telekom Mobilfunk RechnungOnline Monat Juni 2014 (Nr. 25144705006)-Dateien
2014-06-23 14:48 - 2014-06-23 14:48 - 00064444 _____ () C:\Users\Jakob\Desktop\mbam.txt
2014-06-23 14:37 - 2014-06-23 14:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-23 14:37 - 2014-06-23 14:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-23 14:37 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-23 14:37 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-23 14:37 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-23 14:36 - 2014-06-23 14:35 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jakob\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-23 13:44 - 2014-06-23 13:44 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-23 13:44 - 2014-06-23 13:44 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-23 13:43 - 2014-06-23 13:43 - 00000000 ____D () C:\Users\Jakob\Documents\Simply Super Software
2014-06-23 13:43 - 2014-06-23 13:43 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\Simply Super Software
2014-06-23 13:43 - 2014-06-23 13:43 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-06-23 13:43 - 2014-06-23 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2014-06-23 13:06 - 2014-06-23 13:06 - 00000000 ____D () C:\Users\Jakob\AppData\Local\ESET
2014-06-23 12:53 - 2014-06-23 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-06-23 12:53 - 2014-06-23 12:53 - 00000000 ____D () C:\ProgramData\ESET
2014-06-23 12:53 - 2014-06-23 12:53 - 00000000 ____D () C:\Program Files\ESET
2014-06-23 12:39 - 2014-06-23 13:07 - 00000000 ____D () C:\Users\Jakob\Desktop\2014_06rechnung_61977851559353_sign
2014-06-21 14:26 - 2014-06-21 14:26 - 00002922 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Mindjet.lnk
2014-06-21 14:26 - 2014-06-21 14:26 - 00000000 ____D () C:\Users\Jakob\Documents\Eigene Maps
2014-06-21 14:26 - 2014-06-21 14:26 - 00000000 ____D () C:\Users\Jakob\AppData\Local\Mindjet
2014-06-21 14:26 - 2014-06-21 14:26 - 00000000 ____D () C:\ProgramData\Mindjet
2014-06-21 14:26 - 2014-06-21 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mindjet
2014-06-21 14:26 - 2012-11-12 22:00 - 00057472 _____ (Tracker Software Products (Canada) Ltd.) C:\Windows\system32\pxc50pm.dll
2014-06-21 14:22 - 2014-06-21 14:22 - 00000000 ____D () C:\Users\Jakob\AppData\Local\{4B44FF5A-5138-49E6-ABDF-A124A33A5139}
2014-06-21 12:59 - 2014-06-21 12:59 - 00000000 ____D () C:\Users\Jakob\AppData\Local\Packages
2014-06-16 22:07 - 2014-06-16 22:07 - 00000000 _____ () C:\Users\Jakob\Desktop\Neues Textdokument.txt
2014-06-13 00:23 - 2014-06-13 00:23 - 00000000 ____D () C:\Intel
2014-06-11 19:16 - 2014-06-11 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-06-11 19:16 - 2014-06-11 19:16 - 00000000 ____D () C:\ProgramData\EPSON
2014-06-11 19:16 - 2014-06-11 19:16 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-06-11 19:16 - 2011-04-18 18:03 - 00120320 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMIKE.DLL
2014-06-11 19:16 - 2011-03-13 18:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_IBCBIKE.DLL
2014-06-11 19:16 - 2007-04-09 16:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2014-06-11 08:42 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 08:42 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 08:42 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 08:42 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 08:42 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 08:42 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 08:42 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 08:42 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 08:42 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 08:42 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 08:42 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 08:42 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 08:42 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 08:42 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 08:42 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 08:42 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 08:42 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 08:42 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 08:42 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 08:42 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 08:42 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 08:42 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 08:42 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 08:42 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 08:42 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 08:42 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 08:42 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 08:42 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 08:42 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 08:42 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 08:42 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 08:42 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 08:42 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 08:42 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 08:42 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 08:42 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 08:42 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 08:42 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 08:42 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 08:42 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 08:42 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 08:42 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 08:42 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 08:42 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 08:42 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 08:42 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 08:42 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 08:42 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 08:42 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 08:42 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 08:42 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 08:42 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 08:42 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 08:42 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 08:42 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 08:42 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 08:42 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 08:42 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 08:42 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 08:42 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 08:42 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 08:42 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 08:42 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 08:42 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 08:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 08:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

==================== One Month Modified Files and Folders =======

2014-06-23 16:38 - 2014-06-23 16:38 - 00000000 ____D () C:\FRST
2014-06-23 16:38 - 2014-03-19 16:24 - 00000000 ____D () C:\Users\Jakob\Documents\Outlook-Dateien
2014-06-23 16:32 - 2014-06-23 16:32 - 00016242 _____ () C:\Users\Jakob\Desktop\FRST 64-Bit.htm
2014-06-23 16:13 - 2013-03-25 21:06 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-23 16:12 - 2012-06-27 22:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-23 14:58 - 2014-06-23 14:58 - 00036531 _____ () C:\Users\Jakob\Desktop\Fwd Ihre Telekom Mobilfunk RechnungOnline Monat Juni 2014 (Nr. 25144705006).htm
2014-06-23 14:58 - 2014-06-23 14:58 - 00000000 ____D () C:\Users\Jakob\Desktop\Fwd Ihre Telekom Mobilfunk RechnungOnline Monat Juni 2014 (Nr. 25144705006)-Dateien
2014-06-23 14:48 - 2014-06-23 14:48 - 00064444 _____ () C:\Users\Jakob\Desktop\mbam.txt
2014-06-23 14:44 - 2011-06-15 20:36 - 01378122 _____ () C:\Windows\WindowsUpdate.log
2014-06-23 14:38 - 2014-06-23 14:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-23 14:37 - 2014-06-23 14:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-23 14:35 - 2014-06-23 14:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jakob\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-23 13:44 - 2014-06-23 13:44 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-23 13:44 - 2014-06-23 13:44 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-23 13:43 - 2014-06-23 13:43 - 00000000 ____D () C:\Users\Jakob\Documents\Simply Super Software
2014-06-23 13:43 - 2014-06-23 13:43 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\Simply Super Software
2014-06-23 13:43 - 2014-06-23 13:43 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-06-23 13:43 - 2014-06-23 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2014-06-23 13:13 - 2013-03-25 21:06 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-23 13:08 - 2011-04-12 09:43 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-06-23 13:08 - 2011-04-12 09:43 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-06-23 13:08 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-23 13:07 - 2014-06-23 12:39 - 00000000 ____D () C:\Users\Jakob\Desktop\2014_06rechnung_61977851559353_sign
2014-06-23 13:06 - 2014-06-23 13:06 - 00000000 ____D () C:\Users\Jakob\AppData\Local\ESET
2014-06-23 13:06 - 2014-02-11 18:10 - 00000000 __SHD () C:\Users\Jakob\AppData\Local\.#
2014-06-23 12:53 - 2014-06-23 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-06-23 12:53 - 2014-06-23 12:53 - 00000000 ____D () C:\ProgramData\ESET
2014-06-23 12:53 - 2014-06-23 12:53 - 00000000 ____D () C:\Program Files\ESET
2014-06-23 12:52 - 2011-06-24 16:56 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-06-23 07:15 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-23 07:15 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-23 07:10 - 2014-04-29 14:09 - 00007202 _____ () C:\Windows\setupact.log
2014-06-23 07:10 - 2013-01-07 20:24 - 00002896 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-06-23 07:10 - 2013-01-07 20:24 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2014-06-23 07:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-22 12:09 - 2009-07-14 06:45 - 04995960 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-21 14:26 - 2014-06-21 14:26 - 00002922 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Mindjet.lnk
2014-06-21 14:26 - 2014-06-21 14:26 - 00000000 ____D () C:\Users\Jakob\Documents\Eigene Maps
2014-06-21 14:26 - 2014-06-21 14:26 - 00000000 ____D () C:\Users\Jakob\AppData\Local\Mindjet
2014-06-21 14:26 - 2014-06-21 14:26 - 00000000 ____D () C:\ProgramData\Mindjet
2014-06-21 14:26 - 2014-06-21 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mindjet
2014-06-21 14:26 - 2011-06-15 20:57 - 00119968 _____ () C:\Users\Jakob\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-21 14:22 - 2014-06-21 14:22 - 00000000 ____D () C:\Users\Jakob\AppData\Local\{4B44FF5A-5138-49E6-ABDF-A124A33A5139}
2014-06-21 12:59 - 2014-06-21 12:59 - 00000000 ____D () C:\Users\Jakob\AppData\Local\Packages
2014-06-16 22:07 - 2014-06-16 22:07 - 00000000 _____ () C:\Users\Jakob\Desktop\Neues Textdokument.txt
2014-06-13 00:23 - 2014-06-13 00:23 - 00000000 ____D () C:\Intel
2014-06-12 20:47 - 2013-11-29 18:31 - 00000000 ____D () C:\Windows\rescache
2014-06-12 20:07 - 2011-04-12 09:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-06-12 20:05 - 2011-06-15 20:35 - 00000000 ____D () C:\Users\Jakob
2014-06-11 23:26 - 2013-08-17 19:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 23:26 - 2011-06-16 16:46 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 23:25 - 2011-06-16 21:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 19:16 - 2014-06-11 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-06-11 19:16 - 2014-06-11 19:16 - 00000000 ____D () C:\ProgramData\EPSON
2014-06-11 19:16 - 2014-06-11 19:16 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-06-06 09:39 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-03 13:47 - 2011-06-28 17:05 - 00002197 _____ () C:\Users\Jakob\Desktop\Notizen.txt
2014-06-02 12:53 - 2012-06-29 14:02 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-06-02 12:04 - 2011-06-23 13:54 - 00000000 ____D () C:\Users\Jakob\AppData\Local\Adobe
2014-06-02 11:28 - 2012-11-12 23:34 - 00002485 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-06-02 11:28 - 2012-11-12 23:34 - 00001828 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-06-02 11:28 - 2012-11-12 23:34 - 00001687 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-05-30 12:21 - 2014-06-11 08:42 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 08:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 08:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 08:42 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 08:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 08:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 08:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 08:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 08:42 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 08:42 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 08:42 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 08:42 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 08:42 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 08:42 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 08:42 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 08:42 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 08:42 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 08:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 08:42 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 08:42 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 08:42 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 08:42 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 08:42 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 08:42 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 08:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 08:42 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 08:42 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 08:42 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 08:42 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 08:42 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 08:42 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 08:42 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 08:42 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 08:42 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 08:42 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 08:42 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 08:42 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 08:42 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 08:42 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 08:42 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 08:42 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 08:42 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 08:42 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 08:42 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 08:42 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 08:42 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 08:42 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 08:42 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 08:42 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 08:42 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 08:42 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 08:42 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 09:06

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2014
Ran by Jakob at 2014-06-23 16:38:50
Running from D:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

Acronis*Disk*Director*Home (HKLM-x32\...\{9CCC78EF-027E-40E0-9B61-39932C65E3FE}) (Version: 11.0.216 - Acronis)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{CFF9D801-1EC4-B8F5-2CAB-4A1790C95A18}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless Driver (HKLM-x32\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - )
Broadcom Gigabit Integrated Controller (HKLM\...\{DFC87296-B08A-45EF-82E3-6F30999205A2}) (Version: 12.53.01 - Broadcom Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 12.52.01 - Broadcom Corporation)
Canon MX880 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0831.2142.37073 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0831.2142.37073 - ATI) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0831.2142.37073 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help English (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help French (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help German (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0831.2141.37073 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0831.2142.37073 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0831.2142.37073 - ATI) Hidden
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{2A16B95F-7377-410A-B961-EFD9394E1AF3}) (Version:  - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}) (Version: 5.4.0.9 - Lenovo)
EPSON XP-302 303 305 306 Series Printer Uninstall (HKLM\...\EPSON XP-302 303 305 306 Series) (Version:  - SEIKO EPSON Corporation)
ESET NOD32 Antivirus (HKLM\...\{EDD78A07-776B-417C-817B-35BB00F12EBF}) (Version: 7.0.317.4 - ESET, spol s r. o.)
foobar2000 v1.1.15 (HKLM-x32\...\foobar2000) (Version: 1.1.15 - Peter Pawlowski)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{975C3A93-2491-3D44-A071-F6CBF153E46D}) (Version: 3.1.4.8140 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
ICQ7M (HKLM-x32\...\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}) (Version: 7.8 - ICQ)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.41.2 - JMicron Technology Corp.)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Lenovo SlideNav (HKLM-x32\...\Lenovo SlideNav2) (Version: 2.0.1230.0001 - Lenovo)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Add-ons für Acronis True Image Home 2010 (HKLM-x32\...\{3C6F60BD-EDBF-4D45-A063-59261E6FD540}) (Version: 13.0.7046 - Acronis)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Hotmail Connector 64-bit (HKLM\...\{95140000-0081-0409-1000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{ac3600d2-e1b3-4573-bef7-73f9409d6393}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Windows Performance Toolkit (HKLM\...\{24190661-2122-40D1-9F7C-8FDEA5AE4197}) (Version: 4.6.0 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.0) (Version: 7.0.40715 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Common Utilities (40715) (Version: 7.0.40715 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (40715) (Version: 7.0.40715 - Microsoft Corporation) Hidden
Microsoft Windows SDK Intellisense and Reference Assemblies (40715) (Version: 7.0.40715 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mindjet (HKLM-x32\...\{BD76D284-BE6E-40B2-8F37-2201F9B6EACC}) (Version: 11.2.185 - Mindjet)
Mozilla Firefox 13.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 13.0.1 (x86 de)) (Version: 13.0.1 - Mozilla)
Mozilla Firefox 29.0.1 (x86 de) (HKCU\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
MPC-HC 1.6.6.6957 (3975d54) (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.6.6957 - MPC-HC Team)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Onekey Theater (HKLM-x32\...\{DFB19121-0609-49C1-92B1-546E5A940FE8}) (Version: 2.0.1.7 - Lenovo)
PDF-XChange 2012 (HKLM\...\{504022CD-6A58-42D5-ACC9-966F695AAD93}_is1) (Version: 5.0.266.0 - Tracker Software Products Ltd)
Plus Pack für Acronis True Image Home 2010 (HKLM-x32\...\{4C556B5C-8EF7-47B4-AE05-FE71EEB2C25B}) (Version: 13.0.7046 - Acronis)
PowerXpressHybrid (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6037 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SlideNav Media Keys (HKLM-x32\...\{6ADF1C3F-9D61-4858-B49F-F3F0E2338E1E}) (Version: 1.0.5 - Alexander Shakhov)
Solid Edge ST4 (HKLM-x32\...\{6BADDD61-4B40-4FD1-BAE8-0E8C1E85F806}) (Version: 104.00.00082 - Siemens)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.18.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)
Trojan Remover 6.9.1.2931 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1.2931 - Simply Super Software)
TuneUp Utilities 2012 (HKLM-x32\...\TuneUp Utilities 2012) (Version: 12.0.3600.73 - TuneUp Software)
TuneUp Utilities 2012 (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4010.25 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{FD360122-6829-4497-97C1-1BF578EF695B}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version:  - Microsoft)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Mobile Device Updater Component (Version: 04.07.1407.00 - Microsoft Corporation) Hidden
Windows SDK Intellidocs (x32 Version: 9.0.30729 - Microsoft) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zune (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.07.1404.01 - Microsoft Corporation) Hidden

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2011-07-03 14:40 - 00000854 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com

==================== Scheduled Tasks (whitelisted) =============

Task: {28DF8979-1507-4BEA-A8D0-69A4D751CA8F} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-01-07] ()
Task: {37986DE2-ECB5-4DFB-A500-ED9D3766D5B7} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011 => G:\Programme\TuneUp Utilities\OneClick.exe
Task: {4D2FABA7-0111-4AE2-8F81-177EC84BB29B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => D:\Programme\TuneUp Utilities\OneClick.exe [2012-05-29] (TuneUp Software)
Task: {4E4A489D-76F3-49FA-916B-D9F3B2A71CA2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {710CD1B5-0056-484E-A50B-2E5BD777D5D6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1265798755-1054352805-3517939008-1000UA => C:\Users\Jakob\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-27] (Google Inc.)
Task: {827D40B4-24CF-4864-938C-BF122FD99CAC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-25] (Google Inc.)
Task: {8A30922E-0916-4884-A6F2-5BC6E6C30492} - System32\Tasks\Google Updater and Installer => C:\Users\Jakob\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-27] (Google Inc.)
Task: {92D216A7-A0D4-4C79-9FC6-B7E23CACFC4E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1265798755-1054352805-3517939008-1000Core => C:\Users\Jakob\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-27] (Google Inc.)
Task: {AE030A8D-09D6-40B1-B7F5-4833CBFFC86B} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {B3D1B5EC-7BC9-4229-B208-C73ABA00FA15} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E2D856E9-3B20-4059-A6EB-CC8BFF52EEE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-25] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1265798755-1054352805-3517939008-1000Core.job => C:\Users\Jakob\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1265798755-1054352805-3517939008-1000UA.job => C:\Users\Jakob\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-06-28 23:23 - 2009-12-19 02:52 - 00201120 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2011-06-28 23:23 - 2009-12-19 02:53 - 00156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-06-28 23:04 - 2009-07-15 15:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-06-28 23:04 - 2009-07-15 15:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2011-06-28 23:23 - 2009-12-19 02:52 - 00100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2010-08-26 13:47 - 2010-08-26 13:47 - 00016384 _____ () C:\Program Files (x86)\ATI\ATI.ACE\Branding\Branding.dll
2010-08-31 20:41 - 2010-08-31 20:41 - 00270336 _____ () C:\Program Files (x86)\ATI\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2012-12-18 21:08 - 2012-12-18 21:08 - 00131072 _____ () D:\Programme\Adobe Acrobat\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU
2013-12-21 08:04 - 2013-12-21 08:04 - 04891008 _____ () D:\Programme\Adobe Acrobat\PDFMaker\Common\X64\AdobePDFMakerX.dll
2012-12-18 21:08 - 2012-12-18 21:08 - 01446912 _____ () D:\Programme\Adobe Acrobat\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2013-02-15 04:36 - 2013-02-15 04:36 - 01554496 _____ () D:\Programme\Microsoft Offic Professional Plus 2010\Office14\ADDINS\UmOutlookAddin.dll
2011-06-28 23:23 - 2009-12-19 02:50 - 00161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2011-06-28 23:23 - 2009-12-19 02:51 - 00133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2013-02-05 12:05 - 2013-02-05 12:05 - 00151848 _____ () D:\Programme\Mindjet\zlib.dll
2014-02-15 09:20 - 2014-02-15 09:20 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll
2011-06-15 20:56 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-05-11 11:25 - 2014-05-11 11:25 - 03839088 _____ () D:\Programme\Mozilla Firefox\mozjs.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-05-14 13:26 - 2014-05-14 13:26 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
2012-09-23 21:43 - 2012-09-23 21:43 - 00313992 _____ () D:\Programme\Adobe Acrobat\Acrobat\sqlite.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: btwdins => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jakob^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupreg: 332BigDog => C:\Program Files (x86)\USB Camera2\VM332_STI.EXE                                                                                                                                                                                                                         
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "D:\Programme\Adobe Acrobat\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AlcoholAutomount => "D:\Programme\Alcohol 52\AxAutoMntSrv.exe" -automount
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "D:\Programme\Microsoft Offic Professional Plus 2010\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: DAEMON Tools Lite => "G:\Programme\DAEMON Tools\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: Google Update => "C:\Users\Jakob\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: ICQ => "G:\Programme\ICQ\ICQ7.5\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: iTunesHelper => "D:\Programme\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MMReminderService => D:\Programme\Mindjet\MMReminderService.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Steam => "D:\Games\Steam\Steam.exe" -silent
MSCONFIG\startupreg: TrojanScanner => D:\Programme\Trojan Remover\Trjscan.exe /boot
MSCONFIG\startupreg: Zune Launcher => "G:\Programme\Zune\ZuneLauncher.exe"

==================== Faulty Device Manager Devices =============

Name: Intel(R) Core(TM) i3 CPU       M 380  @ 2.53GHz
Description: Intel-Prozessor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.

Name: Intel(R) Core(TM) i3 CPU       M 380  @ 2.53GHz
Description: Intel-Prozessor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.

Name: Intel(R) Core(TM) i3 CPU       M 380  @ 2.53GHz
Description: Intel-Prozessor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.

Name: Intel(R) Management Engine Interface
Description: Intel(R) Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: HECIx64
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.

Name: Broadcom BCM2070 Bluetooth 2.1+EDR USB Device
Description: Broadcom BCM2070 Bluetooth 2.1+EDR USB Device
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel(R) Core(TM) i3 CPU       M 380  @ 2.53GHz
Description: Intel-Prozessor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/23/2014 01:47:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SnippingTool.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bcb47
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000ffdc17c0
ID des fehlerhaften Prozesses: 0x2310
Startzeit der fehlerhaften Anwendung: 0xSnippingTool.exe0
Pfad der fehlerhaften Anwendung: SnippingTool.exe1
Pfad des fehlerhaften Moduls: SnippingTool.exe2
Berichtskennung: SnippingTool.exe3

Error: (06/23/2014 01:41:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mspaint.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bca29
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000ffdc17c0
ID des fehlerhaften Prozesses: 0x1898
Startzeit der fehlerhaften Anwendung: 0xmspaint.exe0
Pfad der fehlerhaften Anwendung: mspaint.exe1
Pfad des fehlerhaften Moduls: mspaint.exe2
Berichtskennung: mspaint.exe3

Error: (06/23/2014 01:40:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SnippingTool.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bcb47
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000ffdc17c0
ID des fehlerhaften Prozesses: 0x1880
Startzeit der fehlerhaften Anwendung: 0xSnippingTool.exe0
Pfad der fehlerhaften Anwendung: SnippingTool.exe1
Pfad des fehlerhaften Moduls: SnippingTool.exe2
Berichtskennung: SnippingTool.exe3

Error: (06/23/2014 01:40:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SnippingTool.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bcb47
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000ffdc17c0
ID des fehlerhaften Prozesses: 0x2020
Startzeit der fehlerhaften Anwendung: 0xSnippingTool.exe0
Pfad der fehlerhaften Anwendung: SnippingTool.exe1
Pfad des fehlerhaften Moduls: SnippingTool.exe2
Berichtskennung: SnippingTool.exe3

Error: (06/23/2014 00:35:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d6330
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000ffdcd420
ID des fehlerhaften Prozesses: 0xe78
Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0
Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1
Pfad des fehlerhaften Moduls: OUTLOOK.EXE2
Berichtskennung: OUTLOOK.EXE3

Error: (06/23/2014 00:10:22 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (06/23/2014 00:09:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/23/2014 00:09:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/23/2014 00:08:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/23/2014 00:08:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (06/23/2014 00:54:14 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (06/23/2014 00:53:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "ESET Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (06/23/2014 07:29:29 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (06/22/2014 00:20:00 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (06/20/2014 03:43:04 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (06/19/2014 08:15:10 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (06/19/2014 08:05:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎19.‎06.‎2014 um 19:01:10 unerwartet heruntergefahren.

Error: (06/18/2014 08:45:22 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (06/16/2014 05:27:57 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (06/13/2014 04:52:30 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.


Microsoft Office Sessions:
=========================
Error: (06/23/2014 01:47:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SnippingTool.exe6.1.7600.163854a5bcb47unknown0.0.0.000000000c000000500000000ffdc17c0231001cf8ed8f41960aeC:\Windows\system32\SnippingTool.exeunknown36c23a64-facc-11e3-8379-e89a8f334165

Error: (06/23/2014 01:41:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mspaint.exe6.1.7600.163854a5bca29unknown0.0.0.000000000c000000500000000ffdc17c0189801cf8ed802f73f0dC:\Windows\system32\mspaint.exeunknown43933192-facb-11e3-8379-e89a8f334165

Error: (06/23/2014 01:40:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SnippingTool.exe6.1.7600.163854a5bcb47unknown0.0.0.000000000c000000500000000ffdc17c0188001cf8ed7f69a91abC:\Windows\system32\SnippingTool.exeunknown375ca9d3-facb-11e3-8379-e89a8f334165

Error: (06/23/2014 01:40:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SnippingTool.exe6.1.7600.163854a5bcb47unknown0.0.0.000000000c000000500000000ffdc17c0202001cf8ed7eaea50f8C:\Windows\system32\SnippingTool.exeunknown2eb51588-facb-11e3-8379-e89a8f334165

Error: (06/23/2014 00:35:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OUTLOOK.EXE14.0.7113.5000527d6330unknown0.0.0.000000000c000000500000000ffdcd420e7801cf8ea35e5433acD:\Programme\Microsoft Offic Professional Plus 2010\Office14\OUTLOOK.EXEunknown070d4559-fac2-11e3-8379-e89a8f334165

Error: (06/23/2014 00:10:22 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (06/23/2014 00:09:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\mmsBundle.dll

Error: (06/23/2014 00:09:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\ManagementConsole.exe

Error: (06/23/2014 00:08:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\RecoveryExpert.exe

Error: (06/23/2014 00:08:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\systeminfo.exe


CodeIntegrity Errors:
===================================
  Date: 2014-06-17 11:44:41.451
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-10 11:43:16.243
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-10 11:41:24.293
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-10 11:35:19.408
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-03 11:36:28.482
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-27 12:00:13.771
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-20 11:43:31.373
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-20 11:42:02.961
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-13 11:42:18.893
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-13 11:42:18.425
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 62%
Total physical RAM: 3892.48 MB
Available physical RAM: 1443.76 MB
Total Pagefile: 7783.13 MB
Available Pagefile: 4619.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Lokales System) (Fixed) (Total:39.53 GB) (Free:1.6 GB) NTFS
Drive d: (Lokale Programme) (Fixed) (Total:34.87 GB) (Free:15.66 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Lokale Daten) (Fixed) (Total:698.63 GB) (Free:5.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 75 GB) (Disk ID: 1B854D1D)
Partition 1: (Active) - (Size=138 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=35 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: EFBC7BCF)
Partition 1: (Not Active) - (Size=699 GB) - (Type=07 NTFS)

==================== End Of Log ============================

cosinus · 23.06.2014, 15:51

Zitat:

System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-01-07] ()
127.0.0.1 activate.adobe.com

Also so etwas find ich sehr unschön. Office-Crack und ein Hosts-File-Hack um gecrackte Adobe-Software zu nutzen

Ist denn das installierte Win7 Ultimate legal?

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

Cke · 23.06.2014, 16:00

Hallo cosinus,
ich kann mich leider zZ (mitten in der Prüfungsphase) nicht von der Software trennen.
Gibt es eine alternativ Lösung?

cosinus · 23.06.2014, 16:13

Wenn du dich von der Software nicht trennen kannst, gibt es keine Bereinigung.

Cke · 23.06.2014, 16:29

Ich geh davon aus, dass du dir deine Vermutung bzgl. des Betriebsystems im weiteren Verlauf bestätigen könntest. Von daher bleibt mir ohnehin nichts als Neuaufsetzen.

Dennoch vielen Dank

23.06.2014, 16:13	#6
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	win32/emotet.aa - T-online "Rechnung" .exe im Anhang ausgeführt Wenn du dich von der Software nicht trennen kannst, gibt es keine Bereinigung. __________________ --> win32/emotet.aa - T-online "Rechnung" .exe im Anhang ausgeführt

win32/emotet.aa - T-online "Rechnung" .exe im Anhang ausgeführt

Plagegeister aller Art und deren Bekämpfung: win32/emotet.aa - T-online "Rechnung" .exe im Anhang ausgeführt