Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Ständige Werbung in allen Browsern

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 28.06.2014, 22:25   #1
FVBPlayrt
 
Ständige Werbung in allen Browsern - Standard

Ständige Werbung in allen Browsern



Hallo,
mein Problem sieht folgendermaßen aus:
- in allen Browsern, die ich benutze (Firefox und Chrome) taucht plötzlich eine Vielzahl an Werbung auf. Es sind meistens nur so kleine Fenster, die auf der Seite sind und die man mit einfachen Klicks wieder entfernen kann, dennoch sind sie nervig
- als nächstes öffnen sich meistens, wenn ich Sachen anklicke neue Internetseiten mit verschiedenen Werbungen
- die Schnelligkeit des Laptops ist seitdem extrem gering und es dauert sehr lange, bis Seiten geladen sind. Downloadgeschwindigkeiten sind dagegen relativ konstant wie vorher auch.

Vielleicht kann mir jemand helfen und mir sagen was ich machen kann, bevor ich ein neues Betriebssystem installieren muss.

Vielen Dank

Alt 28.06.2014, 22:36   #2
Bootsektor
Ruhe in Frieden
† 2019
 
Ständige Werbung in allen Browsern - Standard

Ständige Werbung in allen Browsern





Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
  • Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
  • Poste die Logfiles direkt in deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Posten in Code Tags
Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:
  • Klicke über dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [] CODE /CODE.
  • Zwischen den beiden code-Bausteinen fügst Du dann deine Logfiles ein. Also CODE Logfile /CODE
  • Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 28.06.2014, 22:53   #3
FVBPlayrt
 
Ständige Werbung in allen Browsern - Standard

Ständige Werbung in allen Browsern




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02
Ran by Julian (administrator) on JULIAN-PC on 28-06-2014 23:48:45
Running from C:\Users\Julian\DOWNLOADS
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfg.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Simplygen) C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
() C:\Users\Julian\AppData\Roaming\VOPackage\VOsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Revizer) C:\Program Files (x86)\BlockAndSurf-soft\BlockNSurf.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe
(Joyent, Inc) C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInkPrivilegedAccess.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoUpdateCheck.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\Privacy Dr\Splash.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TUDefragBackend64.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
() C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfdc171.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [564352 2012-03-01] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2809856 2012-01-16] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-08-19] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-08-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-08-19] (Lenovo)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777296 2012-11-09] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331_STI.EXE [548864 2011-11-24] (Vimicro)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-28] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-28] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-08-19] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [LockKey] => C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-25] ( )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1573584 2012-10-29] (Ask)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [SMART Floating Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe [9024304 2013-11-20] (SMART Technologies ULC)
HKLM-x32\...\Run: [SMARTNotification] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe [204592 2013-11-22] (SMART Technologies)
HKLM-x32\...\Run: [SMART Tray Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe [743728 2013-11-22] (SMART Technologies)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [1933104 2013-11-22] (SMART Technologies)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62768 2013-08-22] (SMART Technologies)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe [147248 2013-10-31] (SMART Technologies)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [761536 2014-01-02] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [BrowserSafeguard] => C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [522752 2014-05-06] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-05-18] (Electronic Arts)
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-19] (Google Inc.)
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google)
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Julian\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [lollipop] => lollipop
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [PrivacyDr] => C:\Program Files (x86)\Privacy Dr\PrivacyDr.exe [2920384 2013-11-13] ()
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [BlockNSurf] => C:\Program Files (x86)\BlockAndSurf-soft\BlockNSurf.exe [131584 2014-05-22] (Revizer)
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\MountPoints2: {61b469da-e9ed-11e1-ac5f-806e6f6e6963} - F:\Autorun.exe
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\MountPoints2: {9ff9f46d-94bb-11e3-9a60-c0143dc3fd0c} - E:\LaunchU3.exe -a
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1355040 2014-03-30] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050400 2014-03-30] (Conduit)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: VeriFace Enc -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\Windows\system32\IcnOvrly.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49423;https=127.0.0.1:49423
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir=
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=41460&tid=2937&bs=true&q=
URLSearchHook: HKCU - &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir=
SearchScopes: HKCU - {193DDDE3-3F56-48EC-8085-549FD9F026DB} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=09599e60-d3a6-4fb0-946d-ff4c0fa54d5f&apn_sauid=46E449BC-4F3E-4556-9110-102CBC7E6CD9
SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = hxxp://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60747
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms}
SearchScopes: HKCU - {44594F6D-AD20-45F6-8766-FBB35DB5C317} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=7ac7ee6a000000000000c0143dc3fd0b&r=392
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPF7CFA909-731C-4EE5-B9E9-2B4AE0B75CBD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q={searchTerms}
BHO: Weather It Up - {11111111-1111-1111-1111-110411911136} - C:\Program Files (x86)\Weather It Up\Weather It Up-bho64.dll (Phoenix Media)
BHO: Plus-HD-9.3 - {11111111-1111-1111-1111-110511301198} - C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3-bho64.dll (Plus HD)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Weather It Up - {11111111-1111-1111-1111-110411911136} - C:\Program Files (x86)\Weather It Up\Weather It Up-bho.dll (Phoenix Media)
BHO-x32: Plus-HD-9.3 - {11111111-1111-1111-1111-110511301198} - C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3-bho.dll (Plus HD)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll (SMART Technologies ULC.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: BlockAndSurf - {D5B592B1-D572-EF9F-EF4F-05BF14D59119} - C:\Program Files (x86)\BlockAndSurf-soft\171.dll ()
BHO-x32: DownTango Launcher - {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} - C:\Users\Julian\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll (Simplytech Ltd.)
BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\bh\Softonic.dll (Softonic.com)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
Toolbar: HKLM-x32 - DownTango Launcher - {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} - C:\Users\Julian\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll (Simplytech Ltd.)
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} -  No File
Handler-x32: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files (x86)\Crawler\Toolbar\ctbr.dll (Crawler.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1

FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default
FF NewTab: chrome://quick_start/content/index.html
FF SearchEngineOrder.1: Mysearchdial
FF Homepage: hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir=
FF Keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=09599e60-d3a6-4fb0-946d-ff4c0fa54d5f&apn_ptnrs=%5EAGS&apn_sauid=46E449BC-4F3E-4556-9110-102CBC7E6CD9&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\user.js
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qone8.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-9.3 - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\Extensions\120b8567-cef7-4a3f-bc74-951746209d5b@e3f0d12e-110a-4dac-a277-22ad73cee452.com [2014-04-01]
FF Extension: Weather It Up - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\Extensions\18c3bc7a-b2aa-43c1-885a-665d2f25cf89@d6802e59-3519-4428-bef7-bce888d550bb.com [2014-04-01]
FF Extension: mysearchdial.com - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\Extensions\ffxtlbr@mysearchdial.com [2014-04-01]
FF Extension: Quick Start - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\Extensions\quick_start@gmail.com [2014-04-01]
FF Extension: PriceGong - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2014-04-01]
FF Extension: MySearchDial - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi [2014-06-01]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-12-09]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\extensions\quick_start@gmail.com [2014-04-01]
FF HKLM-x32\...\Firefox\Extensions: [{20d1f7b3-7721-4da0-b6f3-78bb4d7248f4}] - C:\Program Files (x86)\Browser Guard\browserguard.xpi
FF Extension: Browser Guard - C:\Program Files (x86)\Browser Guard\browserguard.xpi [2014-02-24]
FF HKCU\...\Firefox\Extensions: [{A7CB7E6E-035E-B31C-D7CC-50F8151A4100}] - C:\Program Files (x86)\BlockAndSurf-soft\171.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\BlockAndSurf-soft\171.xpi [2014-05-22]

Chrome: 
=======
CHR HomePage: hxxp://google.de/
CHR StartupUrls: "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir=", "hxxp://start.qone8.com/?type=hp&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467"
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir=
CHR DefaultNewTabURL: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\McChPlg.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Drive) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-06]
CHR Extension: (Weather It Up) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakgmemkflciahncfpgaebpnknhejeja [2014-04-01]
CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-10]
CHR Extension: (Google-Suche) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-10]
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-12-09]
CHR Extension: (BlockAndSurf) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fclfdhclgpnocgnailhbcaeplhjhemlj [2014-05-22]
CHR Extension: (DownTango Launcher) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gladcbhcbkdeddbidiblppadjdjalidb [2012-11-26]
CHR Extension: (Plus-HD-9.3) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak [2014-04-01]
CHR Extension: (Google Wallet) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Quick start) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-04-01]
CHR Extension: (Google Mail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-10]
CHR Extension: (Extutil) - C:\Users\Julian\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-01-24]
CHR Extension: (Managera) - C:\Users\Julian\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-01-02]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Julian\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-12-28]
CHR HKLM-x32\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\Julian\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.11.0.crx [2012-11-10]
CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\Softonic.crx [2013-06-11]
CHR HKLM-x32\...\Chrome\Extension: [gladcbhcbkdeddbidiblppadjdjalidb] - C:\Program Files (x86)\DownTangoFTToolbar\chrome\DownTangoFTToolbar.crx [2012-11-26]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-04-01]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1039440 2014-06-11] (Avira Operations GmbH & Co. KG)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [38440 2013-09-20] (Just Develop It)
R2 BlockAndSurf; C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfdc171.exe [178688 2014-05-22] () [File not signed]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-01] (Broadcom Corporation.)
S4 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2466080 2014-03-30] (Conduit)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [538416 2013-11-22] (SMART Technologies)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1148664 2012-11-09] (Crawler.com)
R2 TuneUp.UtilitiesSvc; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE [2100024 2013-08-30] (TuneUp Software)
R2 vosr; C:\Users\Julian\AppData\Roaming\VOPackage\VOsrv.exe [355328 2014-04-01] () [File not signed]
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [496640 2014-04-01] (Cherished Technololgy LIMITED) [File not signed]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-06-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-04] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.)
R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [10240 2013-11-04] (SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [9216 2013-11-04] (SMART Technologies)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [22184 2013-11-04] (SMART Technologies ULC)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2012-11-10] (Windows (R) Win 7 DDK provider)
R3 TuneUpUtilitiesDrv; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [952832 2011-12-06] (Vimicro Corporation)
U3 BcmSqlStartupSvc; 
U2 CLKMSVC10_3A60B698; 
U2 CLKMSVC10_C3B3B687; 
U2 DriverService; 
U2 iATAgentService; 
U2 idealife Update Service; 
U3 IGRS; 
U2 IviRegMgr; 
U2 nvUpdatusService; 
U2 Oasis2Service; 
U2 PCCarerService; 
U2 ReadyComm.DirectRouter; 
U2 RichVideo; 
U2 RtLedService; 
U2 SeaPort; 
U2 SoftwareService; 
U3 SQLWriter; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-28 23:48 - 2014-06-28 23:49 - 00044428 _____ () C:\Users\Julian\Downloads\FRST.txt
2014-06-28 23:47 - 2014-06-28 23:49 - 00000000 ____D () C:\FRST
2014-06-28 23:44 - 2014-06-28 23:44 - 02083328 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2014-06-27 09:29 - 2014-06-27 09:29 - 00001107 _____ () C:\Users\Julian\Desktop\Continue VuuPC Installation.lnk
2014-06-24 12:18 - 2014-06-24 12:18 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-24 11:25 - 2014-06-24 11:25 - 00290320 _____ () C:\Users\Julian\Downloads\Java.exe
2014-06-18 11:50 - 2014-06-24 11:14 - 00005630 _____ () C:\Users\Julian\Desktop\Lufthnsa Motivationsschreiben.odt
2014-06-18 10:26 - 2014-06-18 11:50 - 00005704 _____ () C:\Users\Julian\Documents\Lufthnsa MOtivationsschreiben.odt
2014-06-11 15:53 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 15:53 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-11 15:53 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 15:53 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 15:53 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 15:53 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 15:53 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 15:53 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 15:53 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 15:53 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 15:53 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 15:53 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 15:53 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 15:53 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 15:53 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 15:53 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 15:53 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 15:53 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 15:53 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 15:53 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 15:53 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 15:53 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 15:53 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 15:53 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 15:53 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 15:53 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 15:53 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 15:53 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 15:53 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 15:53 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 15:53 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 15:53 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 15:53 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 15:53 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 15:53 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 15:53 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 15:53 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 15:53 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 15:53 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 15:53 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 15:53 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 15:53 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 15:53 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 15:53 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 15:53 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 15:53 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 15:53 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 15:53 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 15:53 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 15:53 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 15:53 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 15:53 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 15:53 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 15:53 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 15:53 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 15:53 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 15:53 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 15:53 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 15:53 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 15:53 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 15:53 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 15:53 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 15:53 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 15:53 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 15:53 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 15:53 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-06 12:47 - 2014-06-06 12:47 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2014-06-02 15:55 - 2014-06-02 15:55 - 00000000 ____D () C:\Users\Julian\Documents\Bus Simulator 2012
2014-06-02 15:55 - 2014-06-02 15:55 - 00000000 ____D () C:\Users\Julian\AppData\Local\Bus Simulator 2012
2014-06-01 15:14 - 2014-06-18 15:24 - 00005937 _____ () C:\Users\Julian\Desktop\Motivationsschreiben Ausbildung.odt
2014-06-01 15:01 - 2014-06-28 15:01 - 00001426 _____ () C:\Users\Julian\Desktop\Registry kostenlos entrümpeln!.lnk
2014-06-01 14:58 - 2014-06-01 14:58 - 00000000 ____D () C:\Users\Julian\Desktop\Programme
2014-06-01 14:56 - 2014-06-24 12:18 - 00000000 ____D () C:\Users\Julian\Desktop\Games
2014-06-01 12:22 - 2014-06-01 12:23 - 02002656 _____ (Driver Restore) C:\Users\Julian\Downloads\DriverRestore.exe
2014-06-01 12:10 - 2014-06-11 21:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-01 12:10 - 2014-06-11 21:05 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-01 11:58 - 2014-06-01 11:58 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-01 11:57 - 2014-06-01 11:57 - 00283144 _____ (Mozilla) C:\Users\Julian\Downloads\Firefox Setup Stub 29.0.1.exe

==================== One Month Modified Files and Folders =======

2014-06-28 23:49 - 2014-06-28 23:48 - 00044428 _____ () C:\Users\Julian\Downloads\FRST.txt
2014-06-28 23:49 - 2014-06-28 23:47 - 00000000 ____D () C:\FRST
2014-06-28 23:44 - 2014-06-28 23:44 - 02083328 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2014-06-28 23:08 - 2014-04-01 12:47 - 00003102 _____ () C:\Windows\Tasks\Weather It Up-chromeinstaller.job
2014-06-28 23:05 - 2012-08-19 13:46 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-28 23:04 - 2013-12-18 21:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-28 23:04 - 2012-11-07 23:20 - 00984569 _____ () C:\FaceProv.log
2014-06-28 23:04 - 2012-08-19 13:46 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-28 23:04 - 2012-08-19 13:44 - 00000000 ____D () C:\ProgramData\VeriFace
2014-06-28 23:03 - 2014-04-01 13:02 - 00000296 _____ () C:\Windows\Tasks\MySearchDial.job
2014-06-28 23:03 - 2014-04-01 12:49 - 00001588 _____ () C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-5.job
2014-06-28 23:03 - 2014-04-01 12:48 - 00003116 _____ () C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-3.job
2014-06-28 23:03 - 2014-04-01 12:48 - 00002378 _____ () C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-4.job
2014-06-28 23:03 - 2014-04-01 12:48 - 00001494 _____ () C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-1.job
2014-06-28 23:03 - 2014-04-01 12:48 - 00001432 _____ () C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-2.job
2014-06-28 23:03 - 2014-04-01 12:47 - 00002436 _____ () C:\Windows\Tasks\Weather It Up-firefoxinstaller.job
2014-06-28 23:03 - 2014-04-01 12:47 - 00001520 _____ () C:\Windows\Tasks\Weather It Up-updater.job
2014-06-28 23:03 - 2014-04-01 12:47 - 00001474 _____ () C:\Windows\Tasks\Weather It Up-codedownloader.job
2014-06-28 23:03 - 2014-04-01 12:47 - 00001354 _____ () C:\Windows\Tasks\Weather It Up-enabler.job
2014-06-28 23:03 - 2014-01-02 15:26 - 00054470 _____ () C:\Users\Julian\daemonprocess.txt
2014-06-28 23:03 - 2012-08-19 13:05 - 01340271 _____ () C:\Windows\WindowsUpdate.log
2014-06-28 15:03 - 2014-01-02 15:25 - 00000278 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-06-28 15:01 - 2014-06-01 15:01 - 00001426 _____ () C:\Users\Julian\Desktop\Registry kostenlos entrümpeln!.lnk
2014-06-28 15:01 - 2014-01-14 02:27 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-06-28 14:30 - 2012-11-10 21:04 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-06-27 18:24 - 2014-04-01 13:02 - 00000426 _____ () C:\Windows\Tasks\BlockAndSurf Update.job
2014-06-27 18:23 - 2014-04-01 13:02 - 00000406 _____ () C:\Windows\Tasks\BlockAndSurf_wd.job
2014-06-27 09:29 - 2014-06-27 09:29 - 00001107 _____ () C:\Users\Julian\Desktop\Continue VuuPC Installation.lnk
2014-06-27 09:28 - 2013-12-22 14:06 - 00000000 ____D () C:\Users\Julian\AppData\Local\Deployment
2014-06-27 09:15 - 2009-07-14 06:45 - 00031840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-27 09:15 - 2009-07-14 06:45 - 00031840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-27 09:10 - 2013-12-28 18:12 - 00000000 ___RD () C:\Users\Julian\Google Drive
2014-06-27 09:06 - 2012-08-19 22:47 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-06-27 09:06 - 2012-08-19 22:47 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-06-27 09:06 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-27 09:04 - 2014-01-02 15:27 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-06-27 09:01 - 2013-07-10 16:59 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-27 08:59 - 2014-01-02 15:26 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\newnext.me
2014-06-27 08:59 - 2012-08-19 13:48 - 00466209 _____ () C:\Windows\system32\fastboot.set
2014-06-27 08:56 - 2010-11-21 05:47 - 00383106 _____ () C:\Windows\PFRO.log
2014-06-27 08:56 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-27 08:56 - 2009-07-14 06:51 - 00072347 _____ () C:\Windows\setupact.log
2014-06-24 12:18 - 2014-06-24 12:18 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-24 12:18 - 2014-06-01 14:56 - 00000000 ____D () C:\Users\Julian\Desktop\Games
2014-06-24 12:18 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-24 12:17 - 2014-05-22 17:43 - 00000000 ____D () C:\Program Files (x86)\Der Planer 5
2014-06-24 11:25 - 2014-06-24 11:25 - 00290320 _____ () C:\Users\Julian\Downloads\Java.exe
2014-06-24 11:14 - 2014-06-18 11:50 - 00005630 _____ () C:\Users\Julian\Desktop\Lufthnsa Motivationsschreiben.odt
2014-06-21 15:31 - 2014-01-02 15:25 - 00000286 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-06-19 18:48 - 2012-08-19 13:46 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 18:48 - 2012-08-19 13:46 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-18 15:24 - 2014-06-01 15:14 - 00005937 _____ () C:\Users\Julian\Desktop\Motivationsschreiben Ausbildung.odt
2014-06-18 11:50 - 2014-06-18 10:26 - 00005704 _____ () C:\Users\Julian\Documents\Lufthnsa MOtivationsschreiben.odt
2014-06-18 11:17 - 2013-04-16 08:04 - 00000454 ____H () C:\Windows\Tasks\Norton Security Scan for Julian.job
2014-06-18 10:01 - 2013-12-28 18:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-17 18:44 - 2012-08-19 13:37 - 00045512 _____ () C:\Windows\DirectX.log
2014-06-17 18:26 - 2013-07-10 16:59 - 00000000 ____D () C:\ProgramData\Origin
2014-06-13 07:14 - 2012-08-19 13:46 - 00002380 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-12 12:58 - 2014-01-27 11:38 - 00000000 ____D () C:\Program Files (x86)\TP-LINK
2014-06-12 12:08 - 2014-02-17 11:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 12:08 - 2014-01-02 15:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-11 21:07 - 2014-06-01 12:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 21:05 - 2014-06-01 12:10 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 21:04 - 2012-11-17 16:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 21:03 - 2014-05-11 19:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 15:45 - 2013-04-03 12:07 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-11 15:45 - 2013-04-03 12:07 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-08 11:13 - 2014-06-11 15:53 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-11 15:53 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-06 12:47 - 2014-06-06 12:47 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2014-06-03 10:57 - 2014-03-25 15:29 - 00000000 ____D () C:\Users\Julian\Documents\Euro Truck Simulator 2
2014-06-02 15:55 - 2014-06-02 15:55 - 00000000 ____D () C:\Users\Julian\Documents\Bus Simulator 2012
2014-06-02 15:55 - 2014-06-02 15:55 - 00000000 ____D () C:\Users\Julian\AppData\Local\Bus Simulator 2012
2014-06-01 15:06 - 2014-04-01 12:47 - 00000000 ____D () C:\Program Files (x86)\Weather It Up
2014-06-01 14:58 - 2014-06-01 14:58 - 00000000 ____D () C:\Users\Julian\Desktop\Programme
2014-06-01 14:09 - 2013-12-09 21:54 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-06-01 12:23 - 2014-06-01 12:22 - 02002656 _____ (Driver Restore) C:\Users\Julian\Downloads\DriverRestore.exe
2014-06-01 12:15 - 2014-04-01 12:48 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-9.3
2014-06-01 11:58 - 2014-06-01 11:58 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-01 11:58 - 2014-01-02 15:36 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-01 11:57 - 2014-06-01 11:57 - 00283144 _____ (Mozilla) C:\Users\Julian\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-30 12:21 - 2014-06-11 15:53 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 15:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 15:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 15:53 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 15:53 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 15:53 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 15:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 15:53 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 15:53 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 15:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 15:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 15:53 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 15:53 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 15:53 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 15:53 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 15:53 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 15:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 15:53 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 15:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 15:53 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 15:53 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 15:53 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 15:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 15:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 15:53 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 15:53 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 15:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 15:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 15:53 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 15:53 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 15:53 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 15:53 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 15:53 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 15:53 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 15:53 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 15:53 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 15:53 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 15:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 15:53 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 15:53 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 15:53 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 15:53 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 15:53 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 15:53 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 15:53 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 15:53 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 15:53 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 15:53 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 15:53 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 15:53 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 15:53 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

Some content of TEMP:
====================
C:\Users\Julian\AppData\Local\Temp\6_Offer_15.exe
C:\Users\Julian\AppData\Local\Temp\avgnt.exe
C:\Users\Julian\AppData\Local\Temp\BackupSetup.exe
C:\Users\Julian\AppData\Local\Temp\DownloadManager.exe
C:\Users\Julian\AppData\Local\Temp\DownTangoSetup20130408213950.exe
C:\Users\Julian\AppData\Local\Temp\GetCC.dll
C:\Users\Julian\AppData\Local\Temp\installer.exe
C:\Users\Julian\AppData\Local\Temp\Mobogenie_Setup_INT.exe
C:\Users\Julian\AppData\Local\Temp\nscD6E.exe
C:\Users\Julian\AppData\Local\Temp\nsr103C.exe
C:\Users\Julian\AppData\Local\Temp\nsrC803.exe
C:\Users\Julian\AppData\Local\Temp\nswCA93.exe
C:\Users\Julian\AppData\Local\Temp\ose00000.exe
C:\Users\Julian\AppData\Local\Temp\RegClean10.exe
C:\Users\Julian\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\Julian\AppData\Local\Temp\SendMsg.dll
C:\Users\Julian\AppData\Local\Temp\SPSetup.exe
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite10636.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite11538.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite13076.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite13167.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite14296.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite14320.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite14692.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite16002.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite16712.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite16736.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite17398.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite18006.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite18241.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite18803.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite19003.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite19128.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite21542.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite23399.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite23779.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite24821.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite26681.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite29469.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite29631.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite29738.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite30640.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite30887.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite31130.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite31309.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite31540.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite31591.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite33108.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite34256.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite34470.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite35057.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite36438.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite36736.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite37732.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite37863.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite39949.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite40089.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite40143.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite40173.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite42094.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite42426.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite42736.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite43265.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite45714.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite46079.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite46143.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite48451.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite50387.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite51230.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite52270.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite53244.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite53291.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite55408.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite57620.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite57693.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite58099.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite58126.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite60758.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite61462.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite62073.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite62586.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite62860.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite64753.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite65354.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite65640.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68189.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68303.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68456.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68485.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68490.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite69387.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite69569.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite71648.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite72697.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite72922.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite74683.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite74968.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite75926.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite77555.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite78275.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite80301.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite81027.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite82686.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite83095.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite85021.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite86184.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite87614.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite88124.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite88466.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite91859.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite92227.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite93212.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite96672.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite98100.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite98744.dll
C:\Users\Julian\AppData\Local\Temp\vbmz10.exe
C:\Users\Julian\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Julian\AppData\Local\Temp\_BnSup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-01-11 16:23

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 28.06.2014, 22:54   #4
FVBPlayrt
 
Ständige Werbung in allen Browsern - Standard

Ständige Werbung in allen Browsern



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02
Ran by Julian at 2014-06-28 23:50:09
Running from C:\Users\Julian\DOWNLOADS
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (HKLM-x32\...\{EFC4BB62-CD01-4F63-9165-FC5DEB350469}) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{91A605E2-0372-4198-B64D-FA4D7E9FC851}) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12150 - Systweak Software) <==== ATTENTION
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.11.0 - Ask.com) <==== ATTENTION
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.14.15 - Atheros Communications Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
Avira SearchFree Toolbar plus Web Protection Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.3.30498 - Ask.com) <==== ATTENTION
Benutzerhandbuch (x32 Version: 1.0.0.6 - Lenovo) Hidden
BlockAndSurf (HKLM-x32\...\40799A39-9C1F-BC9A-1E9F-6800FD3B1623) (Version:  - BlockAndSurf-software) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser Guard (HKLM-x32\...\Browser Guard) (Version:  - )
BrowserSafeguard with RocketTab (HKLM-x32\...\BrowserSafeguard) (Version:  - BrowserSafeguard with RocketTab) <==== ATTENTION
ClipGrab 3.3.0.4 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.34.0 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
DownTango (HKLM-x32\...\DownTango) (Version: 1.1.1022 - Red Sky Sp. z o.o.) <==== ATTENTION
DownTango Launcher 1.6 (HKLM-x32\...\{4a505538-f48f-412e-9b69-dbac7e3149c3}_is1) (Version: 1.6 - DownTango Launcher) <==== ATTENTION
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.4.1 - Lenovo)
Energy Management (x32 Version: 7.0.4.1 - Lenovo) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.5.2 - SCS Software)
Free YouTube to MP3 Converter version 3.12.17.1125 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.17.1125 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM-x32\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 38645) (Version: 03.05.11 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2778 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.11.1206.1 - Vimicro)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.3712 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.0.3712 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 10.4.2.8 - ELAN Microelectronic Corp.)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
LockKey (HKLM-x32\...\InstallShield_{AF192694-4B15-4AC1-92F3-1B02E98C08BD}) (Version: 1.38.1.2 - Lenovo)
LockKey (x32 Version: 1.38.1.2 - Lenovo) Hidden
Lollipop (HKCU\...\lollipop) (Version:  - Lollipop Network, S.L.) <==== ATTENTION
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Mobogenie (HKLM-x32\...\Mobogenie) (Version:  - Mobogenie.com) <==== ATTENTION
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - MyPC Backup) <==== ATTENTION
Mysearchdial (HKLM-x32\...\mysearchdial) (Version:  - Mysearchdial) <==== ATTENTION
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.0.3.24 - Symantec Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.11.77 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plus-HD-9.3 (HKLM-x32\...\Plus-HD-9.3) (Version: 1.34.3.28 - Plus HD) <==== ATTENTION
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)
PriceGong 2.6.11 (HKLM-x32\...\PriceGong) (Version: 2.6.11 - PriceGong) <==== ATTENTION
Privacy Dr (HKLM-x32\...\{2FD6906C-AC7B-4D51-AFC3-DC6A2E1DCB03}) (Version: 2.1.2 - EuroTrade A.L. Ltd)
Protected Search 1.1 (HKLM-x32\...\Protected Search_is1) (Version:  - Protected Search) <==== ATTENTION
qone8 uninstaller (HKLM-x32\...\qone8 uninstaller) (Version:  - qone8) <==== ATTENTION
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39016 - Realtek Semiconductor Corp.)
RegClean Pro (HKLM-x32\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.12.11.11 - Conduit) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
simplitec simplicheck (HKLM-x32\...\{328ADEEA-4B1D-4B37-87D5-E3718E1CDB01}) (Version: 1.2.6.0 - simplitec GmbH)
SMART Common Files (HKLM-x32\...\{26A95DBF-A866-4838-A8C9-FA219FCBD22E}) (Version: 11.5.159.0 - SMART Technologies ULC)
SMART German Language Pack (HKLM-x32\...\{8F98EED9-2AB7-4B92-B37F-70C6877C1783}) (Version: 11.4.19.0 - SMART Technologies ULC)
SMART Ink (HKLM-x32\...\{5ABC49B5-D0DC-428D-A082-4AEFF6490F04}) (Version: 2.0.721.0 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{79660EE7-9C0B-4962-B566-2693FE34719D}) (Version: 11.4.564.0 - SMART Technologies ULC)
SMART Produkttreiber (HKLM-x32\...\{53330A17-78DE-458E-9997-292A2D6D3ADD}) (Version: 11.4.479.0 - SMART Technologies ULC)
Softonic toolbar  on IE and Chrome (HKLM-x32\...\Softonic) (Version: 1.8.21.14 - Softonic) <==== ATTENTION
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.80 - Crawler.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TP-LINK TL-WDN4200 Driver (HKLM-x32\...\{76E22E5B-B0E7-49B5-9B9A-2112EB41D1EA}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities 2014) (Version: 14.0.1000.89 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.1.1230 - Lenovo)
VisualBee for Microsoft PowerPoint (HKCU\...\VisualBee for Microsoft PowerPoint) (Version: V4.1 - VisualBee.com)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Weather It Up (HKLM-x32\...\Weather It Up) (Version: 1.34.3.6 - Phoenix Media)
Web Security Guard with Crawler Toolbar (HKLM-x32\...\CToolbar_UNINSTALL) (Version:  - Crawler, LLC)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
WinRAR 5.00 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WPM17.8.0.3442 (HKLM-x32\...\WPM) (Version: 17.8.0.3442 - Cherished Technololgy LIMITED) <==== ATTENTION

==================== Restore Points  =========================

25-05-2014 17:01:02 Windows-Sicherung
26-05-2014 17:26:13 Installed TP-LINK Wireless Configuration Utility and Driver
01-06-2014 10:09:28 Windows Update
01-06-2014 17:03:52 Windows-Sicherung
09-06-2014 10:49:45 Windows-Sicherung
11-06-2014 19:01:09 Windows Update
12-06-2014 10:56:58 Installed PowerLine Utility
17-06-2014 16:41:40 DirectX wurde installiert
17-06-2014 19:26:58 Windows-Sicherung
24-06-2014 09:17:22 Windows-Sicherung

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {068082D9-0CF7-498A-842A-C9B65DB826D1} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2013-10-04] (Systweak) <==== ATTENTION
Task: {150EF0BF-A738-44C0-B1FB-E7B5C7992C8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-19] (Google Inc.)
Task: {15150AC7-DFB6-495F-AA49-F7A18EE12FFC} - System32\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-5 => C:\Program Files (x86)\Plus-HD-9.3\ae1c3042-3388-45b9-b3c5-7de311620ae3-5.exe <==== ATTENTION
Task: {170B39E8-2942-45C7-8825-F905F6C592AC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-18] (Adobe Systems Incorporated)
Task: {18496993-2143-41B6-97E3-0FB175748A27} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {2170E350-C7F3-4CEF-BFE3-C2C238EE2594} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-07-11] (Systweak Inc) <==== ATTENTION
Task: {22047AD4-F249-455C-9948-B8406AF32233} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-07-11] (Systweak Inc) <==== ATTENTION
Task: {255AF57D-67E3-4FC5-8CC8-37B873D52942} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {33535263-5917-4D7B-9337-F6B02A8BA43E} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-10-29] () <==== ATTENTION
Task: {3770834E-1FD4-4A19-BC76-9CC46DF88091} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\OneClick.exe [2013-08-30] (TuneUp Software)
Task: {3D4D3CF7-BD80-45E4-91CA-2FC80DED067C} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-04-01] (AnyProtect by CMI) <==== ATTENTION
Task: {3DAB6028-F884-4B51-9D26-AB9D750CB8A8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-19] (Google Inc.)
Task: {5EED5FCC-AE50-4459-85C9-374E501DA4E8} - System32\Tasks\Weather It Up-updater => C:\Program Files (x86)\Weather It Up\Weather It Up-updater.exe [2014-04-01] (Phoenix Media)
Task: {6023D30E-9302-4225-A4E9-D42AAF71AECE} - System32\Tasks\MySearchDial => C:\Users\Julian\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {652C1272-9EAF-4C21-96CA-8315C82B4B8D} - System32\Tasks\Weather It Up-codedownloader => C:\Program Files (x86)\Weather It Up\Weather It Up-codedownloader.exe [2014-04-01] (Phoenix Media)
Task: {6B402D9F-9393-4F3E-843E-BF6893FF5FA0} - System32\Tasks\Weather It Up-firefoxinstaller => C:\Program Files (x86)\Weather It Up\Weather It Up-firefoxinstaller.exe [2014-04-01] (Phoenix Media)
Task: {7D3E29F6-EE2B-43C0-8A37-B727D11383E0} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-04-01] (AnyProtect by CMI) <==== ATTENTION
Task: {7E9166AF-4D60-4400-BF30-1DAF66F6D3B4} - System32\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-4 => C:\Program Files (x86)\Plus-HD-9.3\ae1c3042-3388-45b9-b3c5-7de311620ae3-4.exe <==== ATTENTION
Task: {83512CF7-3FCA-4468-A9D9-86C3525FA26A} - System32\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-1 => C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3-codedownloader.exe <==== ATTENTION
Task: {84CB915E-AE22-40B5-AB60-F42D4D5D79FF} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-28] (CyberLink)
Task: {8C3619FD-04CC-4C1E-A238-0AE50B0FB679} - System32\Tasks\PrivacyDr_Splash => C:\Program Files (x86)\Privacy Dr\Splash.exe [2013-11-13] ()
Task: {9FC8F7AE-9B71-4879-A6EE-66ACB6EDF6AE} - System32\Tasks\Norton Security Scan for Julian => C:\Program Files (x86)\Norton Security Scan\Engine\4.0.3.24\Nss.exe [2013-08-19] (Symantec Corporation)
Task: {A0761E70-70B8-4035-8186-B5936C708B52} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\Protected Search\ProtectedSearch.exe [2012-10-11] (Simplygen) <==== ATTENTION
Task: {C28CD781-E211-4712-87B4-B5C86054EFD9} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-04-01] (AnyProtect by CMI) <==== ATTENTION
Task: {D85A7E85-4BE6-4315-9CDA-2F54596AE661} - System32\Tasks\Weather It Up-chromeinstaller => C:\Program Files (x86)\Weather It Up\Weather It Up-chromeinstaller.exe [2014-04-01] (Phoenix Media)
Task: {DC07BF9B-D977-458A-9CB9-B6909D9FF560} - System32\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-2 => C:\Program Files (x86)\Plus-HD-9.3\ae1c3042-3388-45b9-b3c5-7de311620ae3-2.exe <==== ATTENTION
Task: {DEC5D467-DD9F-4808-B0C9-B260D02FA63A} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe [2014-05-17] () <==== ATTENTION
Task: {E21AABE7-D8DA-41A7-B9BA-BD61FB31DE09} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfA98.exe [2014-05-22] () <==== ATTENTION
Task: {E8395618-29D9-4798-B7BB-204170A87627} - System32\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-3 => C:\Program Files (x86)\Plus-HD-9.3\ae1c3042-3388-45b9-b3c5-7de311620ae3-3.exe <==== ATTENTION
Task: {F1A9EF49-A76F-4E9F-90E0-8ECCFD43AAEC} - System32\Tasks\Weather It Up-enabler => C:\Program Files (x86)\Weather It Up\Weather It Up-enabler.exe [2014-04-01] (Phoenix Media) <==== ATTENTION
Task: {F4E93B22-4DD6-4695-A9F6-6FCACC89C174} - System32\Tasks\BlockAndSurf_wd => C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfg.exe [2014-05-22] () <==== ATTENTION
Task: {FF3CE8BE-D5A8-463C-A845-D0A680C9B0B1} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-07-11] (Systweak Inc) <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-1.job => C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-2.job => C:\Program Files (x86)\Plus-HD-9.3\ae1c3042-3388-45b9-b3c5-7de311620ae3-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-3.job => C:\Program Files (x86)\Plus-HD-9.3\ae1c3042-3388-45b9-b3c5-7de311620ae3-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-4.job => C:\Program Files (x86)\Plus-HD-9.3\ae1c3042-3388-45b9-b3c5-7de311620ae3-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\ae1c3042-3388-45b9-b3c5-7de311620ae3-5.job => C:\Program Files (x86)\Plus-HD-9.3\ae1c3042-3388-45b9-b3c5-7de311620ae3-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfA98.exe <==== ATTENTION
Task: C:\Windows\Tasks\BlockAndSurf_wd.job => C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfg.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\Julian\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Norton Security Scan for Julian.job => C:\PROGRA~2\NORTON~2\Engine\403~1.24\Nss.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\Weather It Up-chromeinstaller.job => C:\Program Files (x86)\Weather It Up\Weather It Up-chromeinstaller.exe
Task: C:\Windows\Tasks\Weather It Up-codedownloader.job => C:\Program Files (x86)\Weather It Up\Weather It Up-codedownloader.exe
Task: C:\Windows\Tasks\Weather It Up-enabler.job => C:\Program Files (x86)\Weather It Up\Weather It Up-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Weather It Up-firefoxinstaller.job => C:\Program Files (x86)\Weather It Up\Weather It Up-firefoxinstaller.exe
Task: C:\Windows\Tasks\Weather It Up-updater.job => C:\Program Files (x86)\Weather It Up\Weather It Up-updater.exe

==================== Loaded Modules (whitelisted) =============

2012-08-19 13:44 - 2012-08-19 13:43 - 01508192 _____ () C:\Windows\system32\IcnOvrly.dll
2014-05-22 12:52 - 2014-05-22 12:52 - 00104960 _____ () C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfg.exe
2013-08-30 10:51 - 2013-08-30 10:51 - 00757048 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\avgrepliba.dll
2014-04-01 11:28 - 2014-04-01 11:28 - 00355328 _____ () C:\USERS\JULIAN\APPDATA\ROAMING\VOPACKAGE\VOSRV.EXE
2012-07-11 03:48 - 2012-06-07 03:51 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2008-12-20 03:20 - 2012-08-19 13:47 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-04-19 16:22 - 2012-08-19 13:47 - 01516592 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2012-03-10 16:31 - 2012-08-19 13:47 - 00012336 _____ () C:\Program Files (x86)\Lenovo\Energy Management\de-DE\EMWpfUI.resources.dll
2008-12-20 03:20 - 2012-08-19 13:47 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2014-01-27 11:38 - 2013-05-21 10:53 - 00846848 _____ () C:\PROGRAM FILES (X86)\TP-LINK\TP-LINK WIRELESS CONFIGURATION UTILITY\TWCU.EXE
2013-09-20 00:37 - 2013-09-20 00:37 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2013-09-20 00:32 - 2013-09-20 00:32 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-01-02 15:26 - 2014-01-02 15:28 - 00761536 _____ () C:\PROGRAM FILES (X86)\MOBOGENIE\DAEMONPROCESS.EXE
2014-03-31 17:02 - 2014-05-06 16:16 - 00522752 _____ () C:\PROGRAM FILES (X86)\BROWSERSAFEGUARD\BROWSERSAFEGUARD.EXE
2013-11-13 23:22 - 2013-11-13 23:22 - 00199104 _____ () C:\PROGRAM FILES (X86)\PRIVACY DR\SPLASH.EXE
2014-05-22 12:52 - 2014-05-22 12:52 - 00178688 _____ () C:\PROGRAM FILES (X86)\BLOCKANDSURF-SOFT\BLOCKANDSURFDC171.EXE
2014-05-22 12:52 - 2014-05-22 12:52 - 00172544 _____ () C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfdc171.dll
2014-01-02 15:25 - 2012-07-25 13:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2014-01-02 15:25 - 2013-10-04 19:20 - 01730928 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2014-01-02 15:25 - 2012-07-25 13:03 - 00168448 _____ () C:\Program Files (x86)\Advanced System Protector\UNRAR.DLL
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-01 11:28 - 2014-04-01 11:28 - 00355328 _____ () C:\Users\Julian\AppData\Roaming\VOPackage\VOsrv.exe
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-01-27 11:38 - 2013-05-21 10:53 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2014-01-27 11:38 - 2013-05-21 10:53 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2014-01-27 11:38 - 2013-05-21 10:53 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2012-08-19 13:43 - 2012-08-19 13:43 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
2013-08-22 20:43 - 2013-08-22 20:43 - 00272688 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node
2013-08-22 20:44 - 2013-08-22 20:44 - 00039216 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node
2013-08-22 20:44 - 2013-08-22 20:44 - 00053040 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SWR.node
2013-08-22 20:44 - 2013-08-22 20:44 - 00057648 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\MWR.node
2013-08-22 20:44 - 2013-08-22 20:44 - 00014848 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SessionNotification.node
2014-01-02 15:26 - 2014-01-02 15:28 - 00761536 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2014-03-31 17:02 - 2014-05-06 16:16 - 00522752 _____ () C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
2014-02-13 17:11 - 2014-02-13 17:11 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b162055347700182d96325676dd591c4\IsdiInterop.ni.dll
2012-08-19 13:14 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-08-19 13:15 - 2012-02-21 06:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-11-13 23:22 - 2013-11-13 23:22 - 00199104 _____ () C:\Program Files (x86)\Privacy Dr\Splash.exe
2013-08-30 17:47 - 2013-08-30 17:47 - 00007168 _____ () C:\Program Files (x86)\Privacy Dr\Setup.dll
2014-05-22 12:52 - 2014-05-22 12:52 - 00178688 _____ () C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfdc171.exe
2014-06-13 07:14 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-13 07:14 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-13 07:14 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-13 07:14 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-13 07:14 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2013-06-11 04:27 - 2013-06-11 04:27 - 00237568 _____ () C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\ctb.dll
2014-06-13 07:14 - 2014-06-05 15:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: SMART Virtual TabletPC
Description: SMART Virtual TabletPC
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: SMART Technologies ULC
Service: SMARTVTabletPCx64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 28220940

Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 28220940

Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6489

Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6489

Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/28/2014 03:12:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5475

Error: (06/28/2014 03:12:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5475

Error: (06/28/2014 03:12:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/28/2014 03:12:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4461


System errors:
=============
Error: (06/28/2014 11:02:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst netprofm erreicht.

Error: (06/28/2014 11:02:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (06/28/2014 03:07:51 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.

Error: (06/28/2014 03:07:51 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.

Error: (06/28/2014 03:07:51 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (06/28/2014 03:07:51 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (06/27/2014 09:07:41 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (06/27/2014 09:02:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.

Error: (06/27/2014 09:02:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.

Error: (06/27/2014 08:57:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 28220940

Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 28220940

Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6489

Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6489

Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/28/2014 03:12:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5475

Error: (06/28/2014 03:12:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5475

Error: (06/28/2014 03:12:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/28/2014 03:12:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4461


==================== Memory info =========================== 

Percentage of memory in use: 54%
Total physical RAM: 3996.36 MB
Available physical RAM: 1810.42 MB
Total Pagefile: 7990.9 MB
Available Pagefile: 3979.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:420.56 GB) (Free:330.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:0 GB) NTFS
Drive f: (MANAGER13) (CDROM) (Total:5.73 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7F8E0386)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=20 GB) - (Type=12)

==================== End Of Log ============================
         

Alt 28.06.2014, 23:10   #5
Bootsektor
Ruhe in Frieden
† 2019
 
Ständige Werbung in allen Browsern - Standard

Ständige Werbung in allen Browsern



Hallo,

das ist ja mal eine imposante Anhäufung an Krams
Kein Wunder, dass dein Rechner schwer beschäftigt ist.


Hast du diesen Proxy gesetzt?


Zitat:
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49423;https=127.0.0.1:49423
Schritt 1
Bitte deinstalliere folgende Programme (falls vorhanden) :

Advanced System Protector
AnyProtect
Ask Toolbar
BlockAndSurf
Browser Guard
BrowserSafeguard with RocketTab
DownTango
DownTango Launcher 1.6
Java 7 Update 51
Lollipop
Mobogenie
MyPC Backup
Mysearchdial
Norton Security Scan
Plus-HD-9.3
PriceGong 2.6.11
Protected Search 1.1
qone8 uninstaller
RegClean Pro
Search Protect
Softonic toolbar on IE and Chrome
Spyware Terminator 2012
VO Package
Weather It Up
Web Security Guard with Crawler Toolbar (
WPM17.8.0.3442


Dazu gehe auf:
den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen

Falls du ein Programm nicht deinstallieren kannst, lade dir von hier den Revo-uninstaller herunter und deinstalliere es damit, wähle dabei den moderaten Modus.

Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Klicke im Anschluss auf Suchlauf, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf jetzt starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Aktionen anwenden.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Wähle Exportieren auf Textdatei (.txt) und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4
Starte noch einmal FRST.
  • Setze den Haken bei addition.txt und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop (oder in dem Verzeichnis in dem FRST liegt) gespeichert.
  • Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.


Alt 29.06.2014, 00:52   #6
FVBPlayrt
 
Ständige Werbung in allen Browsern - Standard

Ständige Werbung in allen Browsern



Hahahaha, ja, ich habe auch recht lange gebraucht, um solch eine Sammlung anzuhäufen.

Zitat:
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49423;https=127.0.0.1:49423
Diese Proxy habe ich nicht eingerichtete.

Code:
ATTFilter
# AdwCleaner v3.213 - Bericht erstellt am 29/06/2014 um 01:02:25
# Aktualisiert 23/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Julian - JULIAN-PC
# Gestartet von : C:\Users\Julian\Downloads\adwcleaner_3.213.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Schlüssel Gelöscht : HKCU\Software\Classes\Applications\lollipop.exe
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [lollipop]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ctbcommon.Buttons
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ctbr.R404Pro
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CToolbar.TB4Client
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CToolbar.TB4Script
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CToolbar.TB4Server
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DBDB6FAA-1F5F-4A18-B60B-7A905C7FF83F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411911136}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511301198}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422912236}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522302298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455915536}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555305598}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466916636}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566306698}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{04006843-5199-4CE4-B3CD-8092CC91706E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444914436}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544304498}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411911136}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511301198}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E327B07A-0E11-4FD4-BEF2-B2C5605B59C6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E327B07A-0E11-4FD4-BEF2-B2C5605B59C6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7459F1D0-9FB6-4D71-AA7B-9DECB34EB704}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411911136}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511301198}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422912236}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522302298}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455915536}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555305598}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466916636}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566306698}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411911136}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511301198}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\CToolbar
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\mysearchdial
Schlüssel Gelöscht : HKCU\Software\mysearchdial.com
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\ProtectedSearch
Schlüssel Gelöscht : HKCU\Software\SearchProtectINT
Schlüssel Gelöscht : HKCU\Software\visualbee
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\blockAndSurf
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\Software\CToolbar
Schlüssel Gelöscht : HKLM\Software\IePlugin
Schlüssel Gelöscht : HKLM\Software\InstallCore
Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\qone8Software
Schlüssel Gelöscht : HKLM\Software\simplitec
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\visualbee
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\prefs.js ]

Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD[...]
Zeile gelöscht : user_pref("extensions.a120b8567cef74a3fbc74951746209d5be3f0d12e110a4daca27722ad73cee452com53098.53098.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Zeile gelöscht : user_pref("extensions.a18c3bc7ab2aa43c1885a665d2f25cf89d6802e5935194428bef7bce888d550bbcom49136.49136.internaldb.Resources_meta.value", "%7B%22html/popup.html%22%3A%7B%22id%22%3A526988%2C%22ver%22%3A6[...]
Zeile gelöscht : user_pref("extensions.a18c3bc7ab2aa43c1885a665d2f25cf89d6802e5935194428bef7bce888d550bbcom49136.49136.internaldb.Resources_resource_526988.value", "%22%3C%21DOCTYPE%20HTML%3E%5Cn%3Chtml%20lang%3D%5C%2[...]
Zeile gelöscht : user_pref("extensions.a18c3bc7ab2aa43c1885a665d2f25cf89d6802e5935194428bef7bce888d550bbcom49136.49136.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Zeile gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "1451ce799a78efbbb5a3ccebfc68ebb1");
Zeile gelöscht : user_pref("extensions.enabledAddons", "ffxtlbr%40mysearchdial.com:1.6.0,120b8567-cef7-4a3f-bc74-951746209d5b%40e3f0d12e-110a-4dac-a277-22ad73cee452.com:0.94.51,18c3bc7a-b2aa-43c1-885a-665d2f25cf89%40d[...]
Zeile gelöscht : user_pref("extensions.irmysearch.aflt", "cmi_14_14_ff");
Zeile gelöscht : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0Et[...]
Zeile gelöscht : user_pref("extensions.irmysearch.cr", "1707376684");
Zeile gelöscht : user_pref("extensions.irmysearch.instlRef", "140305_b");
Zeile gelöscht : user_pref("extensions.mysearchdial.AL", 2);
Zeile gelöscht : user_pref("extensions.mysearchdial.aflt", "cmi_14_14_ff");
Zeile gelöscht : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Zeile gelöscht : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.cntry", "DE");
Zeile gelöscht : user_pref("extensions.mysearchdial.cr", "1707376684");
Zeile gelöscht : user_pref("extensions.mysearchdial.dfltLng", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.dnsErr", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.dspFFXOld", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.excTlbr", false);
Zeile gelöscht : user_pref("extensions.mysearchdial.hdrMd5", "2036F02F64C8F55B2B89C5184AFE60B0");
Zeile gelöscht : user_pref("extensions.mysearchdial.hmpg", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEt[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.id", "C0143DC3FD0CEE6A");
Zeile gelöscht : user_pref("extensions.mysearchdial.instlDay", "16161");
Zeile gelöscht : user_pref("extensions.mysearchdial.instlRef", "140305_b");
Zeile gelöscht : user_pref("extensions.mysearchdial.lastB", "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDt[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.lastVrsnTs", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCy[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"96\",\"lastVrsn\":\"96\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"true\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
Zeile gelöscht : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.sg", "{smplGrp}");
Zeile gelöscht : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1Czut[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");
Zeile gelöscht : user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");
Zeile gelöscht : user_pref("extensions.mysearchdial_i.newTab", false);
Zeile gelöscht : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.013:2:19");

-\\ Google Chrome v35.0.1916.153

[ Datei : C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www.qone8.com/web/?type=ds&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467&q={searchTerms}
Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir=
Gelöscht [Startup_urls] : hxxp://start.mysearchdial.com/?f=1&a=cmi_14_14_ff&cd=2XzuyEtN2Y1L1Qzu0CtDtCyEtA0D0CtA0F0DtD0C0E0EyC0AtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytD0CyDtB0B0DtGzy0B0A0EtGtBtDtAyBtGtDtD0E0DtGtBtB0F0Czz0EtB0ByBtAtA0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyEtCtDyEyE0EtGyB0B0E0BtG0B0CyCzytGyDyBzyzytGyE0AyBzz0EtCtB0CyBtA0B0E2Q&cr=1707376684&ir=
Gelöscht [Startup_urls] : hxxp://start.qone8.com/?type=hp&ts=1396349106&from=adks&uid=ST500LM012XHN-M500MBB_S2U3J9AC569467
Gelöscht [Extension] : aaaaabfjnbeinlpljodiajipidiompfl
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma

*************************

AdwCleaner[R0].txt - [45119 octets] - [29/06/2014 00:49:23]
AdwCleaner[R1].txt - [45119 octets] - [29/06/2014 00:52:41]
AdwCleaner[R2].txt - [67941 octets] - [29/06/2014 00:55:30]
AdwCleaner[R3].txt - [39722 octets] - [29/06/2014 01:01:56]
AdwCleaner[S0].txt - [8265 octets] - [29/06/2014 00:58:36]
AdwCleaner[S1].txt - [32993 octets] - [29/06/2014 01:02:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [33054 octets] ##########
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 29.06.2014 01:12:09, SYSTEM, JULIAN-PC, Protection, Malware Protection, Starting, 
Protection, 29.06.2014 01:12:09, SYSTEM, JULIAN-PC, Protection, Malware Protection, Started, 
Protection, 29.06.2014 01:12:09, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, Starting, 
Update, 29.06.2014 01:12:38, SYSTEM, JULIAN-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.6.23.2, 
Update, 29.06.2014 01:12:41, SYSTEM, JULIAN-PC, Manual, Malware Database, 2014.3.4.9, 2014.6.28.5, 
Protection, 29.06.2014 01:12:42, SYSTEM, JULIAN-PC, Protection, Refresh, Starting, 
Protection, 29.06.2014 01:13:06, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, Started, 
Protection, 29.06.2014 01:13:06, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 29.06.2014 01:13:06, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 29.06.2014 01:13:10, SYSTEM, JULIAN-PC, Protection, Refresh, Success, 
Protection, 29.06.2014 01:13:10, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, Starting, 
Protection, 29.06.2014 01:13:11, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, Started, 
Detection, 29.06.2014 01:13:46, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, IP, 46.21.150.117, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe, 
Detection, 29.06.2014 01:13:46, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, IP, 46.21.150.117, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe, 
Detection, 29.06.2014 01:33:16, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, IP, 195.174.111.176, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe, 
Detection, 29.06.2014 01:33:17, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, IP, 195.174.111.176, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe, 
Protection, 29.06.2014 01:35:37, SYSTEM, JULIAN-PC, Protection, Malware Protection, Starting, 
Protection, 29.06.2014 01:35:37, SYSTEM, JULIAN-PC, Protection, Malware Protection, Started, 
Protection, 29.06.2014 01:35:37, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, Starting, 
Protection, 29.06.2014 01:37:33, SYSTEM, JULIAN-PC, Protection, Malicious Website Protection, Started, 

(end)
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02
Ran by Julian (administrator) on JULIAN-PC on 29-06-2014 01:45:58
Running from C:\Users\Julian\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Joyent, Inc) C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInkPrivilegedAccess.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [564352 2012-03-01] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2809856 2012-01-16] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-08-19] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-08-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-08-19] (Lenovo)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331_STI.EXE [548864 2011-11-24] (Vimicro)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-28] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-28] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-08-19] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [LockKey] => C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-25] ( )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [SMART Floating Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe [9024304 2013-11-20] (SMART Technologies ULC)
HKLM-x32\...\Run: [SMARTNotification] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe [204592 2013-11-22] (SMART Technologies)
HKLM-x32\...\Run: [SMART Tray Tools] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe [743728 2013-11-22] (SMART Technologies)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [1933104 2013-11-22] (SMART Technologies)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62768 2013-08-22] (SMART Technologies)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe [147248 2013-10-31] (SMART Technologies)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-05-18] (Electronic Arts)
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-19] (Google Inc.)
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google)
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\Run: [PrivacyDr] => C:\Program Files (x86)\Privacy Dr\PrivacyDr.exe [2920384 2013-11-13] ()
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\MountPoints2: {61b469da-e9ed-11e1-ac5f-806e6f6e6963} - F:\Autorun.exe
HKU\S-1-5-21-1677683325-2679214213-1298775176-1000\...\MountPoints2: {9ff9f46d-94bb-11e3-9a60-c0143dc3fd0c} - E:\LaunchU3.exe -a
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: VeriFace Enc -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\Windows\system32\IcnOvrly.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {193DDDE3-3F56-48EC-8085-549FD9F026DB} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=09599e60-d3a6-4fb0-946d-ff4c0fa54d5f&apn_sauid=46E449BC-4F3E-4556-9110-102CBC7E6CD9
SearchScopes: HKCU - {44594F6D-AD20-45F6-8766-FBB35DB5C317} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=7ac7ee6a000000000000c0143dc3fd0b&r=392
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll (SMART Technologies ULC.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1

FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default
FF NewTab: chrome://quick_start/content/index.html
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\6dmk8n6k.default\Extensions\staged [2014-06-29]

Chrome: 
=======
CHR HomePage: hxxp://google.de/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\McChPlg.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Drive) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-06]
CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-10]
CHR Extension: (Google-Suche) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-10]
CHR Extension: (Google Wallet) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Google Mail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-10]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Julian\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-12-28]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1039440 2014-06-11] (Avira Operations GmbH & Co. KG)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-01] (Broadcom Corporation.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [538416 2013-11-22] (SMART Technologies)
R2 TuneUp.UtilitiesSvc; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE [2100024 2013-08-30] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-06-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-04] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [10240 2013-11-04] (SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [9216 2013-11-04] (SMART Technologies)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [22184 2013-11-04] (SMART Technologies ULC)
R3 TuneUpUtilitiesDrv; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [952832 2011-12-06] (Vimicro Corporation)
U3 BcmSqlStartupSvc; 
U2 CLKMSVC10_3A60B698; 
U2 CLKMSVC10_C3B3B687; 
U2 DriverService; 
U2 iATAgentService; 
U2 idealife Update Service; 
U3 IGRS; 
U2 IviRegMgr; 
U2 nvUpdatusService; 
U2 Oasis2Service; 
U2 PCCarerService; 
U2 ReadyComm.DirectRouter; 
U2 RichVideo; 
U2 RtLedService; 
U2 SeaPort; 
U2 SoftwareService; 
U3 SQLWriter; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-29 01:45 - 2014-06-29 01:45 - 00002466 _____ () C:\Users\Julian\Desktop\mbam.txt
2014-06-29 01:12 - 2014-06-29 01:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-29 01:11 - 2014-06-29 01:11 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-29 01:11 - 2014-06-29 01:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-29 01:11 - 2014-06-29 01:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-29 01:11 - 2014-06-29 01:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-29 01:11 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-29 01:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-29 01:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-29 01:10 - 2014-06-29 01:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Julian\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-29 01:10 - 2014-06-29 01:10 - 00033299 _____ () C:\Users\Julian\Desktop\AdwCleaner[S1].txt
2014-06-29 01:04 - 2014-06-29 01:04 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-06-29 00:58 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-29 00:48 - 2014-06-29 01:02 - 00000000 ____D () C:\AdwCleaner
2014-06-29 00:48 - 2014-06-29 00:48 - 01342659 _____ () C:\Users\Julian\Downloads\adwcleaner_3.213.exe
2014-06-29 00:38 - 2014-06-29 00:38 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Julian\Downloads\revosetup95.exe
2014-06-29 00:38 - 2014-06-29 00:38 - 00001279 _____ () C:\Users\Julian\Desktop\Revo Uninstaller.lnk
2014-06-29 00:38 - 2014-06-29 00:38 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-29 00:34 - 2014-06-29 00:34 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-06-29 00:20 - 2014-06-29 00:20 - 00003100 _____ () C:\Windows\System32\Tasks\{9E50DF3D-63D7-48F6-BBC0-F330D1315084}
2014-06-28 23:51 - 2014-06-28 23:51 - 02083328 _____ (Farbar) C:\Users\Julian\Downloads\FRST64 (1).exe
2014-06-28 23:50 - 2014-06-28 23:51 - 00046633 _____ () C:\Users\Julian\Downloads\Addition.txt
2014-06-28 23:48 - 2014-06-29 01:46 - 00024845 _____ () C:\Users\Julian\Downloads\FRST.txt
2014-06-28 23:47 - 2014-06-29 01:46 - 00000000 ____D () C:\FRST
2014-06-28 23:44 - 2014-06-28 23:44 - 02083328 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2014-06-24 12:18 - 2014-06-24 12:18 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-18 11:50 - 2014-06-24 11:14 - 00005630 _____ () C:\Users\Julian\Desktop\Lufthnsa Motivationsschreiben.odt
2014-06-18 10:26 - 2014-06-18 11:50 - 00005704 _____ () C:\Users\Julian\Documents\Lufthnsa MOtivationsschreiben.odt
2014-06-11 15:53 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 15:53 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-11 15:53 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 15:53 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 15:53 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 15:53 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 15:53 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 15:53 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 15:53 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 15:53 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 15:53 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 15:53 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 15:53 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 15:53 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 15:53 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 15:53 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 15:53 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 15:53 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 15:53 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 15:53 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 15:53 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 15:53 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 15:53 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 15:53 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 15:53 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 15:53 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 15:53 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 15:53 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 15:53 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 15:53 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 15:53 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 15:53 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 15:53 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 15:53 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 15:53 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 15:53 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 15:53 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 15:53 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 15:53 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 15:53 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 15:53 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 15:53 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 15:53 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 15:53 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 15:53 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 15:53 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 15:53 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 15:53 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 15:53 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 15:53 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 15:53 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 15:53 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 15:53 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 15:53 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 15:53 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 15:53 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 15:53 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 15:53 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 15:53 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 15:53 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 15:53 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 15:53 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 15:53 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 15:53 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 15:53 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 15:53 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-06 12:47 - 2014-06-06 12:47 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2014-06-02 15:55 - 2014-06-02 15:55 - 00000000 ____D () C:\Users\Julian\Documents\Bus Simulator 2012
2014-06-02 15:55 - 2014-06-02 15:55 - 00000000 ____D () C:\Users\Julian\AppData\Local\Bus Simulator 2012
2014-06-01 15:14 - 2014-06-18 15:24 - 00005937 _____ () C:\Users\Julian\Desktop\Motivationsschreiben Ausbildung.odt
2014-06-01 14:58 - 2014-06-01 14:58 - 00000000 ____D () C:\Users\Julian\Desktop\Programme
2014-06-01 14:56 - 2014-06-24 12:18 - 00000000 ____D () C:\Users\Julian\Desktop\Games
2014-06-01 12:22 - 2014-06-01 12:23 - 02002656 _____ (Driver Restore) C:\Users\Julian\Downloads\DriverRestore.exe
2014-06-01 12:10 - 2014-06-11 21:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-01 12:10 - 2014-06-11 21:05 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-01 11:58 - 2014-06-01 11:58 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-01 11:57 - 2014-06-01 11:57 - 00283144 _____ (Mozilla) C:\Users\Julian\Downloads\Firefox Setup Stub 29.0.1.exe

==================== One Month Modified Files and Folders =======

2014-06-29 01:46 - 2014-06-28 23:48 - 00024845 _____ () C:\Users\Julian\Downloads\FRST.txt
2014-06-29 01:46 - 2014-06-28 23:47 - 00000000 ____D () C:\FRST
2014-06-29 01:45 - 2014-06-29 01:45 - 00002466 _____ () C:\Users\Julian\Desktop\mbam.txt
2014-06-29 01:45 - 2009-07-14 06:45 - 00031840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-29 01:45 - 2009-07-14 06:45 - 00031840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-29 01:42 - 2012-08-19 13:05 - 01365649 _____ () C:\Windows\WindowsUpdate.log
2014-06-29 01:39 - 2013-12-28 18:12 - 00000000 ___RD () C:\Users\Julian\Google Drive
2014-06-29 01:39 - 2012-08-19 13:44 - 00000000 ____D () C:\ProgramData\VeriFace
2014-06-29 01:38 - 2014-06-29 01:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-29 01:38 - 2012-08-19 13:48 - 00485047 _____ () C:\Windows\system32\fastboot.set
2014-06-29 01:35 - 2012-11-07 23:20 - 00991774 _____ () C:\FaceProv.log
2014-06-29 01:35 - 2012-08-19 13:46 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-29 01:35 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-29 01:35 - 2009-07-14 06:51 - 00072515 _____ () C:\Windows\setupact.log
2014-06-29 01:34 - 2010-11-21 05:47 - 00461508 _____ () C:\Windows\PFRO.log
2014-06-29 01:11 - 2014-06-29 01:11 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-29 01:11 - 2014-06-29 01:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-29 01:11 - 2014-06-29 01:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-29 01:11 - 2014-06-29 01:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-29 01:10 - 2014-06-29 01:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Julian\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-29 01:10 - 2014-06-29 01:10 - 00033299 _____ () C:\Users\Julian\Desktop\AdwCleaner[S1].txt
2014-06-29 01:04 - 2014-06-29 01:04 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-06-29 01:02 - 2014-06-29 00:48 - 00000000 ____D () C:\AdwCleaner
2014-06-29 01:00 - 2012-11-07 23:20 - 00000000 ____D () C:\Users\Julian
2014-06-29 01:00 - 2012-08-19 13:46 - 00001293 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-29 01:00 - 2012-08-19 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-29 00:53 - 2012-08-19 13:46 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-29 00:48 - 2014-06-29 00:48 - 01342659 _____ () C:\Users\Julian\Downloads\adwcleaner_3.213.exe
2014-06-29 00:38 - 2014-06-29 00:38 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Julian\Downloads\revosetup95.exe
2014-06-29 00:38 - 2014-06-29 00:38 - 00001279 _____ () C:\Users\Julian\Desktop\Revo Uninstaller.lnk
2014-06-29 00:38 - 2014-06-29 00:38 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-29 00:34 - 2014-06-29 00:34 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-06-29 00:34 - 2012-11-10 20:53 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-06-29 00:23 - 2013-04-16 08:04 - 00000000 ____D () C:\ProgramData\Symantec
2014-06-29 00:23 - 2013-04-16 08:03 - 00000000 ____D () C:\ProgramData\Norton
2014-06-29 00:20 - 2014-06-29 00:20 - 00003100 _____ () C:\Windows\System32\Tasks\{9E50DF3D-63D7-48F6-BBC0-F330D1315084}
2014-06-29 00:16 - 2014-04-01 13:02 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-29 00:04 - 2013-12-18 21:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-28 23:51 - 2014-06-28 23:51 - 02083328 _____ (Farbar) C:\Users\Julian\Downloads\FRST64 (1).exe
2014-06-28 23:51 - 2014-06-28 23:50 - 00046633 _____ () C:\Users\Julian\Downloads\Addition.txt
2014-06-28 23:44 - 2014-06-28 23:44 - 02083328 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2014-06-27 09:28 - 2013-12-22 14:06 - 00000000 ____D () C:\Users\Julian\AppData\Local\Deployment
2014-06-27 09:06 - 2012-08-19 22:47 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-06-27 09:06 - 2012-08-19 22:47 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-06-27 09:06 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-27 09:01 - 2013-07-10 16:59 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-24 12:18 - 2014-06-24 12:18 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-24 12:18 - 2014-06-01 14:56 - 00000000 ____D () C:\Users\Julian\Desktop\Games
2014-06-24 12:18 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-24 12:17 - 2014-05-22 17:43 - 00000000 ____D () C:\Program Files (x86)\Der Planer 5
2014-06-24 11:14 - 2014-06-18 11:50 - 00005630 _____ () C:\Users\Julian\Desktop\Lufthnsa Motivationsschreiben.odt
2014-06-19 18:48 - 2012-08-19 13:46 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 18:48 - 2012-08-19 13:46 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-18 15:24 - 2014-06-01 15:14 - 00005937 _____ () C:\Users\Julian\Desktop\Motivationsschreiben Ausbildung.odt
2014-06-18 11:50 - 2014-06-18 10:26 - 00005704 _____ () C:\Users\Julian\Documents\Lufthnsa MOtivationsschreiben.odt
2014-06-18 10:01 - 2013-12-28 18:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-17 18:44 - 2012-08-19 13:37 - 00045512 _____ () C:\Windows\DirectX.log
2014-06-17 18:26 - 2013-07-10 16:59 - 00000000 ____D () C:\ProgramData\Origin
2014-06-12 12:58 - 2014-01-27 11:38 - 00000000 ____D () C:\Program Files (x86)\TP-LINK
2014-06-12 12:08 - 2014-02-17 11:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 12:08 - 2014-01-02 15:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-11 21:07 - 2014-06-01 12:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 21:05 - 2014-06-01 12:10 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 21:04 - 2012-11-17 16:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 21:03 - 2014-05-11 19:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 15:45 - 2013-04-03 12:07 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-11 15:45 - 2013-04-03 12:07 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-08 11:13 - 2014-06-11 15:53 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-11 15:53 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-06 12:47 - 2014-06-06 12:47 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2014-06-03 10:57 - 2014-03-25 15:29 - 00000000 ____D () C:\Users\Julian\Documents\Euro Truck Simulator 2
2014-06-02 15:55 - 2014-06-02 15:55 - 00000000 ____D () C:\Users\Julian\Documents\Bus Simulator 2012
2014-06-02 15:55 - 2014-06-02 15:55 - 00000000 ____D () C:\Users\Julian\AppData\Local\Bus Simulator 2012
2014-06-01 14:58 - 2014-06-01 14:58 - 00000000 ____D () C:\Users\Julian\Desktop\Programme
2014-06-01 14:09 - 2013-12-09 21:54 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-06-01 12:23 - 2014-06-01 12:22 - 02002656 _____ (Driver Restore) C:\Users\Julian\Downloads\DriverRestore.exe
2014-06-01 11:58 - 2014-06-01 11:58 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-01 11:58 - 2014-01-02 15:36 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-01 11:57 - 2014-06-01 11:57 - 00283144 _____ (Mozilla) C:\Users\Julian\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-30 12:21 - 2014-06-11 15:53 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 15:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 15:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 15:53 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 15:53 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 15:53 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 15:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 15:53 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 15:53 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 15:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 15:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 15:53 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 15:53 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 15:53 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 15:53 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 15:53 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 15:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 15:53 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 15:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 15:53 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 15:53 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 15:53 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 15:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 15:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 15:53 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 15:53 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 15:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 15:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 15:53 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 15:53 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 15:53 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 15:53 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 15:53 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 15:53 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 15:53 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 15:53 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 15:53 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 15:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 15:53 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 15:53 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 15:53 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 15:53 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 15:53 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 15:53 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 15:53 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 15:53 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 15:53 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 15:53 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 15:53 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 15:53 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 15:53 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

Some content of TEMP:
====================
C:\Users\Julian\AppData\Local\Temp\6_Offer_15.exe
C:\Users\Julian\AppData\Local\Temp\avgnt.exe
C:\Users\Julian\AppData\Local\Temp\BackupSetup.exe
C:\Users\Julian\AppData\Local\Temp\DownTangoSetup20130408213950.exe
C:\Users\Julian\AppData\Local\Temp\installer.exe
C:\Users\Julian\AppData\Local\Temp\ose00000.exe
C:\Users\Julian\AppData\Local\Temp\Quarantine.exe
C:\Users\Julian\AppData\Local\Temp\SendMsg.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite10636.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite11538.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite13076.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite13167.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite14296.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite14320.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite14692.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite16002.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite16712.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite16736.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite17398.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite18006.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite18241.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite18803.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite19003.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite19128.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite21542.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite23399.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite23779.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite24821.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite26681.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite29469.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite29631.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite29738.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite30640.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite30887.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite31130.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite31309.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite31540.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite31591.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite33108.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite34256.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite34470.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite35057.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite36438.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite36736.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite37732.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite37863.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite39949.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite40089.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite40143.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite40173.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite42094.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite42426.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite42736.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite43265.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite45714.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite46079.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite46143.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite48451.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite50387.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite51230.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite52270.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite53244.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite53291.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite55408.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite57620.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite57693.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite58099.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite58126.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite60758.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite61462.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite62073.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite62586.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite62860.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite64753.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite65354.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite65640.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68189.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68303.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68456.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68485.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite68490.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite69387.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite69569.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite71648.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite72697.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite72922.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite73653.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite74683.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite74968.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite75926.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite77555.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite78275.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite80301.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite81027.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite82686.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite83095.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite85021.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite86184.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite87614.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite88124.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite88466.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite91859.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite92227.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite93212.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite96672.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite98100.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite98744.dll
C:\Users\Julian\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-01-11 16:23

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02
Ran by Julian at 2014-06-29 01:47:12
Running from C:\Users\Julian\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.34.0 - Conexant)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.9 - Lenovo)
Lenovo OneKey Recovery (Version: 7.0.0.3712 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 10.4.2.8 - ELAN Microelectronic Corp.)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
VisualBee for Microsoft PowerPoint (HKCU\...\VisualBee for Microsoft PowerPoint) (Version: V4.1 - VisualBee.com)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Restore Points  =========================

01-06-2014 17:03:52 Windows-Sicherung
09-06-2014 10:49:45 Windows-Sicherung
11-06-2014 19:01:09 Windows Update
12-06-2014 10:56:58 Installed PowerLine Utility
17-06-2014 16:41:40 DirectX wurde installiert
17-06-2014 19:26:58 Windows-Sicherung
24-06-2014 09:17:22 Windows-Sicherung
28-06-2014 22:18:41 Removed Java 7 Update 51 (64-bit)
28-06-2014 22:40:22 Revo Uninstaller's restore point - Lollipop

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {150EF0BF-A738-44C0-B1FB-E7B5C7992C8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-19] (Google Inc.)
Task: {15150AC7-DFB6-495F-AA49-F7A18EE12FFC} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-5 No Task File <==== ATTENTION
Task: {170B39E8-2942-45C7-8825-F905F6C592AC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-18] (Adobe Systems Incorporated)
Task: {18496993-2143-41B6-97E3-0FB175748A27} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {255AF57D-67E3-4FC5-8CC8-37B873D52942} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {33535263-5917-4D7B-9337-F6B02A8BA43E} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {3770834E-1FD4-4A19-BC76-9CC46DF88091} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\OneClick.exe [2013-08-30] (TuneUp Software)
Task: {3D4D3CF7-BD80-45E4-91CA-2FC80DED067C} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {3DAB6028-F884-4B51-9D26-AB9D750CB8A8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-19] (Google Inc.)
Task: {5EED5FCC-AE50-4459-85C9-374E501DA4E8} - \Weather It Up-updater No Task File <==== ATTENTION
Task: {6023D30E-9302-4225-A4E9-D42AAF71AECE} - \MySearchDial No Task File <==== ATTENTION
Task: {652C1272-9EAF-4C21-96CA-8315C82B4B8D} - \Weather It Up-codedownloader No Task File <==== ATTENTION
Task: {6B402D9F-9393-4F3E-843E-BF6893FF5FA0} - \Weather It Up-firefoxinstaller No Task File <==== ATTENTION
Task: {7D3E29F6-EE2B-43C0-8A37-B727D11383E0} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {7E9166AF-4D60-4400-BF30-1DAF66F6D3B4} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-4 No Task File <==== ATTENTION
Task: {83512CF7-3FCA-4468-A9D9-86C3525FA26A} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-1 No Task File <==== ATTENTION
Task: {84CB915E-AE22-40B5-AB60-F42D4D5D79FF} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-28] (CyberLink)
Task: {8C3619FD-04CC-4C1E-A238-0AE50B0FB679} - System32\Tasks\PrivacyDr_Splash => C:\Program Files (x86)\Privacy Dr\Splash.exe [2013-11-13] ()
Task: {C28CD781-E211-4712-87B4-B5C86054EFD9} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {D85A7E85-4BE6-4315-9CDA-2F54596AE661} - \Weather It Up-chromeinstaller No Task File <==== ATTENTION
Task: {DC07BF9B-D977-458A-9CB9-B6909D9FF560} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-2 No Task File <==== ATTENTION
Task: {E8395618-29D9-4798-B7BB-204170A87627} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-3 No Task File <==== ATTENTION
Task: {F1A9EF49-A76F-4E9F-90E0-8ECCFD43AAEC} - \Weather It Up-enabler No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-08-19 13:44 - 2012-08-19 13:43 - 01508192 _____ () C:\Windows\system32\IcnOvrly.dll
2013-08-30 10:51 - 2013-08-30 10:51 - 00757048 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\avgrepliba.dll
2012-07-11 03:48 - 2012-06-07 03:51 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2008-12-20 03:20 - 2012-08-19 13:47 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-04-19 16:22 - 2012-08-19 13:47 - 01516592 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2012-03-10 16:31 - 2012-08-19 13:47 - 00012336 _____ () C:\Program Files (x86)\Lenovo\Energy Management\de-DE\EMWpfUI.resources.dll
2008-12-20 03:20 - 2012-08-19 13:47 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2014-01-27 11:38 - 2013-05-21 10:53 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-01-27 11:38 - 2013-05-21 10:53 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2014-01-27 11:38 - 2013-05-21 10:53 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2012-08-19 13:43 - 2012-08-19 13:43 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
2014-06-29 01:38 - 2014-06-29 01:38 - 00098816 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32api.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00110080 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\pywintypes27.dll
2014-06-29 01:38 - 2014-06-29 01:38 - 00364544 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\pythoncom27.dll
2014-06-29 01:38 - 2014-06-29 01:38 - 00045568 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\_socket.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 01160704 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\_ssl.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00320512 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32com.shell.shell.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00713216 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\_hashlib.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 01175040 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\wx._core_.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00805888 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\wx._gdi_.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00811008 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\wx._windows_.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 01062400 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\wx._controls_.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00735232 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\wx._misc_.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00128512 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\_elementtree.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00127488 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\pyexpat.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00557056 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\pysqlite2._sqlite.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00007168 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\hashobjs_ext.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00087552 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\_ctypes.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00119808 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32file.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00108544 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32security.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00018432 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32event.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00038912 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32inet.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00070656 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\wx._html2.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00167936 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32gui.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00011264 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32crypt.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00027136 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\_multiprocessing.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00122368 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\wx._wizard.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00010240 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\select.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00024064 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32pipe.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00686080 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\unicodedata.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00025600 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32pdh.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00525640 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\windows._lib_cacheinvalidation.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00035840 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32process.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00017408 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32profile.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00022528 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\win32ts.pyd
2014-06-29 01:38 - 2014-06-29 01:38 - 00078336 _____ () C:\Users\Julian\AppData\Local\Temp\_MEI34202\wx._animate.pyd
2014-02-13 17:11 - 2014-02-13 17:11 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b162055347700182d96325676dd591c4\IsdiInterop.ni.dll
2012-08-19 13:14 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-08-19 13:15 - 2012-02-21 06:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-08-22 20:43 - 2013-08-22 20:43 - 00272688 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node
2013-08-22 20:44 - 2013-08-22 20:44 - 00039216 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node
2013-08-22 20:44 - 2013-08-22 20:44 - 00053040 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SWR.node
2013-08-22 20:44 - 2013-08-22 20:44 - 00057648 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\MWR.node
2013-08-22 20:44 - 2013-08-22 20:44 - 00014848 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SessionNotification.node
2014-06-13 07:14 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-13 07:14 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-13 07:14 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-13 07:14 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-13 07:14 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: SMART Virtual TabletPC
Description: SMART Virtual TabletPC
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: SMART Technologies ULC
Service: SMARTVTabletPCx64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/29/2014 01:36:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2014 01:05:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2014 00:54:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adwcleaner_3.213.exe, Version 3.2.1.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1604

Startzeit: 01cf9323a798f2a8

Endzeit: 12

Anwendungspfad: C:\Users\Julian\Downloads\adwcleaner_3.213.exe

Berichts-ID: 33c6fbe8-ff17-11e3-955d-c0143dc3fd0c

Error: (06/29/2014 00:50:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adwcleaner_3.213.exe, Version 3.2.1.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c38

Startzeit: 01cf93231db1b85b

Endzeit: 4

Anwendungspfad: C:\Users\Julian\Downloads\adwcleaner_3.213.exe

Berichts-ID: a0807aca-ff16-11e3-955d-c0143dc3fd0c

Error: (06/29/2014 00:34:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 28220940

Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 28220940

Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6489

Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6489


System errors:
=============
Error: (06/29/2014 01:39:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.

Error: (06/29/2014 01:08:22 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.

Error: (06/29/2014 00:36:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.

Error: (06/29/2014 00:35:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.

Error: (06/28/2014 11:02:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst netprofm erreicht.

Error: (06/28/2014 11:02:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (06/28/2014 03:07:51 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.

Error: (06/28/2014 03:07:51 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.

Error: (06/28/2014 03:07:51 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (06/28/2014 03:07:51 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.


Microsoft Office Sessions:
=========================
Error: (06/29/2014 01:36:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2014 01:05:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2014 00:54:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: adwcleaner_3.213.exe3.2.1.3160401cf9323a798f2a812C:\Users\Julian\Downloads\adwcleaner_3.213.exe33c6fbe8-ff17-11e3-955d-c0143dc3fd0c

Error: (06/29/2014 00:50:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: adwcleaner_3.213.exe3.2.1.3c3801cf93231db1b85b4C:\Users\Julian\Downloads\adwcleaner_3.213.exea0807aca-ff16-11e3-955d-c0143dc3fd0c

Error: (06/29/2014 00:34:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 28220940

Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 28220940

Error: (06/28/2014 11:02:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6489

Error: (06/28/2014 03:12:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6489


==================== Memory info =========================== 

Percentage of memory in use: 52%
Total physical RAM: 3996.36 MB
Available physical RAM: 1884 MB
Total Pagefile: 7990.9 MB
Available Pagefile: 5356.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:420.56 GB) (Free:332.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:0 GB) NTFS
Drive f: (MANAGER13) (CDROM) (Total:5.73 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7F8E0386)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=20 GB) - (Type=12)

==================== End Of Log ============================
         

Alt 29.06.2014, 09:48   #7
Bootsektor
Ruhe in Frieden
† 2019
 
Ständige Werbung in allen Browsern - Standard

Ständige Werbung in allen Browsern



Hallo,
Zitat:
Hahahaha, ja, ich habe auch recht lange gebraucht, um solch eine Sammlung anzuhäufen.
Das glaube ich dir gerne.

Wie sieht es denn aktuell aus auf dem Rechner?


Du hast mir das Protectionslog von Malwarebyte gepostet, suche bitte nach dem Suchlaufsprotokoll

Schritt 1
  • Starte Malwarebytes
  • Gehe nun oben auf Verlauf
  • links findest du nun die Auswahl Quarantäne und Anwendungsprotokolle
  • Gehe auf Anwendungsprotokolle
  • suche hier das letzte Suchlaufsprotokoll und wähle das aus
  • nun gehe oben auf Ansicht, das Protokoll öffnet sich
  • unten links steht exportieren, wähle das aus und klicke auf Textdatei
  • speichere nun das Log unter mbam.txt ab
  • öffne das Log mit deinem Texteditor
  • poste mir den Inhalt

Schritt 2

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {193DDDE3-3F56-48EC-8085-549FD9F026DB} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=09599e60-d3a6-4fb0-946d-ff4c0fa54d5f&apn_sauid=46E449BC-4F3E-4556-9110-102CBC7E6CD9
SearchScopes: HKCU - {44594F6D-AD20-45F6-8766-FBB35DB5C317} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=7ac7ee6a000000000000c0143dc3fd0b&r=392
Task: {15150AC7-DFB6-495F-AA49-F7A18EE12FFC} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-5 No Task File <==== ATTENTION
Task: {33535263-5917-4D7B-9337-F6B02A8BA43E} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {3D4D3CF7-BD80-45E4-91CA-2FC80DED067C} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {5EED5FCC-AE50-4459-85C9-374E501DA4E8} - \Weather It Up-updater No Task File <==== ATTENTION
Task: {6023D30E-9302-4225-A4E9-D42AAF71AECE} - \MySearchDial No Task File <==== ATTENTION
Task: {652C1272-9EAF-4C21-96CA-8315C82B4B8D} - \Weather It Up-codedownloader No Task File <==== ATTENTION
Task: {6B402D9F-9393-4F3E-843E-BF6893FF5FA0} - \Weather It Up-firefoxinstaller No Task File <==== ATTENTION
Task: {7D3E29F6-EE2B-43C0-8A37-B727D11383E0} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {7E9166AF-4D60-4400-BF30-1DAF66F6D3B4} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-4 No Task File <==== ATTENTION
Task: {83512CF7-3FCA-4468-A9D9-86C3525FA26A} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-1 No Task File <==== ATTENTION
Task: {C28CD781-E211-4712-87B4-B5C86054EFD9} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {D85A7E85-4BE6-4315-9CDA-2F54596AE661} - \Weather It Up-chromeinstaller No Task File <==== ATTENTION
Task: {DC07BF9B-D977-458A-9CB9-B6909D9FF560} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-2 No Task File <==== ATTENTION
Task: {E8395618-29D9-4798-B7BB-204170A87627} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-3 No Task File <==== ATTENTION
Task: {F1A9EF49-A76F-4E9F-90E0-8ECCFD43AAEC} - \Weather It Up-enabler No Task File <==== ATTENTION
C:\Users\Julian\AppData\Local\Temp\*.exe
C:\Users\Julian\AppData\Local\Temp\*.dll
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Alt 29.06.2014, 12:30   #8
FVBPlayrt
 
Ständige Werbung in allen Browsern - Standard

Ständige Werbung in allen Browsern



Zitat:
Wie sieht es denn aktuell aus auf dem Rechner?
Die Werbung ist weg und der PC arbeitet wieder schneller :-)

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 29.06.2014
Suchlauf-Zeit: 01:13:06
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.28.05
Rootkit Datenbank: v2014.06.23.02
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Julian

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 290936
Verstrichene Zeit: 18 Min, 37 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 6
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\Plus-HD-9.3, In Quarantäne, [40954736f8832a0c4ce2e7ed5ba7fa06], 
PUP.Optional.WeatherItUp.A, HKLM\SOFTWARE\WOW6432NODE\Weather It Up, In Quarantäne, [904578050b70a690003113b731d18779], 
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-9.3, Löschen bei Neustart, [b025552876051a1c31605c68ab57857b], 
PUP.Optional.WeatherItUp.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Weather It Up, Löschen bei Neustart, [eee799e4403bbc7ac46b3397857d09f7], 
PUP.Optional.PlusHD.A, HKU\S-1-5-21-1677683325-2679214213-1298775176-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-9.3, In Quarantäne, [bc19abd24a31ba7c8809853fae54a060], 
PUP.Optional.WeatherItUp.A, HKU\S-1-5-21-1677683325-2679214213-1298775176-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Weather It Up, In Quarantäne, [528393ea0873b680a08f6e5c867c2fd1], 

Registrierungswerte: 2
PUP.Optional.CertifiedToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s, In Quarantäne, [ac297c013249122417340da22bd7d12f]
PUP.Optional.QuickStart.A, HKU\S-1-5-21-1677683325-2679214213-1298775176-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, quick_start@gmail.com, In Quarantäne, [a431c7b63b403ef8fd45723d41c1c53b]

Registrierungsdaten: 2
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[4c89532a5526dd59a7577e0c51b34cb4]
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-1677683325-2679214213-1298775176-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s),Ersetzt,[5d789be2017ab185c7e43c4f3fc5a957]

Ordner: 17
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakgmemkflciahncfpgaebpnknhejeja, In Quarantäne, [468f512c2457c1754e12d3c54db5a45c], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\userCode, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\icons, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\icons\actions, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\api, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\popupResource, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.3, In Quarantäne, [20b582fb304bfa3cf300118946bcf10f], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak, Löschen bei Neustart, [20b5f588accfa2942b43dcc0a062e020], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_gngfnjclpjflgomhidfecidndbfaniak_0, Löschen bei Neustart, [894cdba21e5d0e285c1399034cb633cd], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_bakgmemkflciahncfpgaebpnknhejeja_0, In Quarantäne, [7e57c7b6d4a7211599fbb7f0b0523dc3], 

Dateien: 165
PUP.Optional.DomaIQ, C:\$Recycle.Bin\S-1-5-21-1677683325-2679214213-1298775176-1000\$R3RHQXY.exe, In Quarantäne, [3c99f18ca9d2280e115190fef50c53ad], 
PUP.Optional.DomaIQ, C:\$Recycle.Bin\S-1-5-21-1677683325-2679214213-1298775176-1000\$RSLY7LE.exe, In Quarantäne, [785d116cb8c30f27de06137ee61ba35d], 
PUP.Optional.OutBrowse, C:\Users\Julian\AppData\Local\Temp\DownloadManager.exe, In Quarantäne, [fdd884f9bebdce68d8357ba3ac540ef2], 
PUP.Optional.Conduit.A, C:\Users\Julian\AppData\Local\Temp\SPSetup.exe, In Quarantäne, [a431d0ad94e70a2cf0ca30f33dc4f709], 
PUP.Optional.AdLyrics, C:\Users\Julian\AppData\Local\Temp\_BnSup.exe, In Quarantäne, [1fb6037ac5b6e94d50674446818031cf], 
PUP.Optional.Conduit.A, C:\Users\Julian\AppData\Local\Temp\SearchProtectINT.exe, In Quarantäne, [ede8afce38436acc15e15dc4827f7d83], 
MSIL.Solimba, C:\Users\Julian\AppData\Local\Temp\GetCC.dll, In Quarantäne, [864fafce116aa98da273041e0df442be], 
PUP.Optional.InstallCore.A, C:\Users\Julian\AppData\Local\Temp\ICReinstall_nso3B61.tmp, In Quarantäne, [9a3bf984ff7cab8bec251d5a39c8fe02], 
PUP.Optional.NextLive.A, C:\Users\Julian\AppData\Local\Temp\Mobogenie_Setup_INT.exe, In Quarantäne, [b22365181e5daf87e60c0356ca376898], 
PUP.Optional.SearchProtect.A, C:\Users\Julian\AppData\Local\Temp\nswCA93.exe, In Quarantäne, [23b2f08d76050d29c404979759a8659b], 
PUP.Optional.SearchProtect.A, C:\Users\Julian\AppData\Local\Temp\nsx1851.exe, In Quarantäne, [f7de6716691214225870c96556ab27d9], 
PUP.Optional.RegCleanerPro, C:\Users\Julian\AppData\Local\Temp\RegClean10.exe, In Quarantäne, [9b3ab1cc483357dfef6ab65a80817789], 
PUP.Optional.SearchProtect.A, C:\Users\Julian\AppData\Local\Temp\nscD6E.exe, In Quarantäne, [9c399ae364170d29c8008f9fed148d73], 
PUP.Optional.InstallCore.A, C:\Users\Julian\AppData\Local\Temp\nso3B61.tmp, In Quarantäne, [30a559249fdc12241cf5f28551b0d52b], 
PUP.Optional.SearchProtect.A, C:\Users\Julian\AppData\Local\Temp\nsr103C.exe, In Quarantäne, [3d988eefdd9eb97dba0e48e6629f2fd1], 
PUP.Optional.SearchProtect.A, C:\Users\Julian\AppData\Local\Temp\nsrC803.exe, In Quarantäne, [795c0c717704ee48a4249d916f921ee2], 
MSIL.Solimba, C:\Users\Julian\AppData\Local\Temp\vbmz10.exe, In Quarantäne, [894ca2db68135cda868f160cab56c13f], 
PUP.Optional.SnapDo.A, C:\Users\Julian\AppData\Local\Temp\Installer.msi, In Quarantäne, [4a8b8eefdf9c7fb75789295fd03103fd], 
PUP.Optional.SkyTech.A, C:\Users\Julian\AppData\Local\Temp\fullpackage_temp1396349083\alilog.dll, In Quarantäne, [05d0a3da3b4069cd37f4ed4545bbe719], 
PUP.Optional.SkyTech.A, C:\Users\Julian\AppData\Local\Temp\fullpackage_temp1396349083\package1.zip, In Quarantäne, [dafbe796e398e94d09221022fd038080], 
PUP.Optional.V9.A, C:\Users\Julian\AppData\Local\Temp\fullpackage_temp1396349083\qSE.exe, In Quarantäne, [7560d1ac2853c6702598d67229d733cd], 
PUP.Optional.IePluginService.A, C:\Users\Julian\AppData\Local\Temp\fullpackage_temp1396349083\tmp\SupTab.exe, In Quarantäne, [21b4e19c0279a98d338ce3789869f50b], 
PUP.Optional.WpManager, C:\Users\Julian\AppData\Local\Temp\fullpackage_temp1396349083\tmp\wpm.exe, In Quarantäne, [a82dff7e1269b87edc5c46209968a858], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsaB35C.exe, In Quarantäne, [399cd2abf08bd85e3791af7fe918e020], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsb7610.exe, In Quarantäne, [1fb6add0ceadad89a82038f613ee7b85], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nscE2A4.exe, In Quarantäne, [f4e1a8d5bebd072f03c50c22709153ad], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsd62D8.exe, In Quarantäne, [e8ed2657c8b33ef8e0e857d7b64b47b9], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsd80BF.exe, In Quarantäne, [b81d4d30a6d51c1a992fae804cb5ea16], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsd80C0.exe, In Quarantäne, [686df08d017a71c5e7e1b97540c12dd3], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsf15A7.exe, In Quarantäne, [478e82fbd4a73402ffc978b67b86ba46], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsjB3C2.exe, In Quarantäne, [cf060479d8a30a2c0cbc0e201ce530d0], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nslD740.exe, In Quarantäne, [cb0aaad3dba061d5bd0b9e909f6244bc], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsn18D2.exe, In Quarantäne, [eee7f885cbb06cca6b5d53dbdb264fb1], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsn99AF.exe, In Quarantäne, [28aded9098e365d14f790925996802fe], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsoB20D.exe, In Quarantäne, [8451c3ba3c3f0b2b24a43df12fd242be], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsr2B6A.exe, In Quarantäne, [993ccbb2364590a6cff9e14df01156aa], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss9980.exe, In Quarantäne, [dafb6f0e0972ce68e7e157d7ca37de22], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nstBE02.exe, In Quarantäne, [4b8a98e5bcbf2511b31575b9798849b7], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsvC7F5.exe, In Quarantäne, [ae275d20dd9e171f9d2bb17d3bc6758b], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsw51BC.exe, In Quarantäne, [c60f4538bbc0cc6a0abe8ba3fc055aa6], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsx1346.exe, In Quarantäne, [14c1b9c4cdae1323a91fc16d847dab55], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsxE285.exe, In Quarantäne, [02d33944ee8dde58c3055bd304fdeb15], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsz4E82.exe, In Quarantäne, [e0f5a5d85b202d0903c544eae918f10f], 
PUP.Optional.Outbrowse, C:\Users\Julian\Downloads\Setup.exe, In Quarantäne, [ddf8ceaf077473c3c2e3ad63db29758b], 
PUP.Optional.Ciuvo.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_api.ciuvo.com_0.localstorage, Löschen bei Neustart, [3e97c5b8bbc0e74f13dcddd4a55d05fb], 
PUP.Optional.Ciuvo.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_api.ciuvo.com_0.localstorage-journal, Löschen bei Neustart, [fed7b2cbbcbf71c544ab7a3723df41bf], 
PUP.Optional.BetterDeals.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage, In Quarantäne, [b124e796611a89ad674df5be4cb6d62a], 
PUP.Optional.BetterDeals.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage-journal, In Quarantäne, [12c3fc81245741f58f25e6cd08fab848], 
PUP.Optional.SelectNGo.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage, Löschen bei Neustart, [d104b1cc3a418caacfd105b0b2509b65], 
PUP.Optional.SelectNGo.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage-journal, Löschen bei Neustart, [00d51c611269e94d7b25367f966c9769], 
PUP.Optional.LiveLyrics.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.livelyrics00.live-lyrics.com_0.localstorage, In Quarantäne, [b1246518c2b9a393c432744425ddbf41], 
PUP.Optional.LiveLyrics.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.livelyrics00.live-lyrics.com_0.localstorage-journal, In Quarantäne, [666ff38a9cdff343886e2098f70b08f8], 
PUP.Optional.Superfish.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Löschen bei Neustart, [6570710c85f61f1707f0aa0e15ed5ea2], 
PUP.Optional.Superfish.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Löschen bei Neustart, [cc096914601b6ec88f68b60225ddef11], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gngfnjclpjflgomhidfecidndbfaniak_0.localstorage, Löschen bei Neustart, [eaeb7eff81faec4a41c3e3df79897888], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gngfnjclpjflgomhidfecidndbfaniak_0.localstorage-journal, In Quarantäne, [5d78225b7704bf77da2a626003ff54ac], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bakgmemkflciahncfpgaebpnknhejeja_0.localstorage, In Quarantäne, [be17a9d4700ba98d0991986d24e0e61a], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bakgmemkflciahncfpgaebpnknhejeja_0.localstorage-journal, In Quarantäne, [d3029ae39be06dc93862f70ec53f827e], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\background.html, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\chromeCoreFilesIndex.txt, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\crossriderManifest.json, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\manifest.json, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\popup.html, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\manifest.xml, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins.json, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\207.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\1.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\102.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\103.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\104.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\119.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\123.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\13.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\14.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\155.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\17.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\177.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\179.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\180.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\182.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\183.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\184.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\19.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\190.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\191.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\195.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\21.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\22.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\220.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\221.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\223.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\231.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\232.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\236.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\242.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\246.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\28.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\4.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\47.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\64.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\7.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\72.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\78.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\80.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\9.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\91.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\93.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\plugins\97.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\userCode\background.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\extensionData\userCode\extension.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\icons\icon128.png, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\icons\icon16.png, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\icons\icon48.png, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\icons\actions\1.png, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\background.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\main.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\platformVersion.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\api\chrome.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\api\cookie.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\api\message.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\api\monitor.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\api\pageAction.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\api\pageActionBG.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\app_api.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\bg_app_api.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\consts.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\cookie_store.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\crossriderAPI.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\delegate.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\events.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\extensionDataStore.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\installer.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\logFile.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\logging.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\onBGDocumentLoad.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\reports.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\storageWrapper.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\updateManager.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\util.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\xhr.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\popupResource\newPopup.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak\1.26.52_0\js\lib\popupResource\popup.js, In Quarantäne, [5382f4895e1dcc6ad598663459a96f91], 
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.3\53098.crx, In Quarantäne, [20b582fb304bfa3cf300118946bcf10f], 
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.3\53098.xpi, In Quarantäne, [20b582fb304bfa3cf300118946bcf10f], 
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3-bho.dll, In Quarantäne, [20b582fb304bfa3cf300118946bcf10f], 
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3-bho64.dll, In Quarantäne, [20b582fb304bfa3cf300118946bcf10f], 
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3.ico, In Quarantäne, [20b582fb304bfa3cf300118946bcf10f], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak\000038.ldb, Löschen bei Neustart, [20b5f588accfa2942b43dcc0a062e020], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak\000040.ldb, Löschen bei Neustart, [20b5f588accfa2942b43dcc0a062e020], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak\000056.log, Löschen bei Neustart, [20b5f588accfa2942b43dcc0a062e020], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak\CURRENT, In Quarantäne, [20b5f588accfa2942b43dcc0a062e020], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak\LOCK, Löschen bei Neustart, [20b5f588accfa2942b43dcc0a062e020], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak\LOG, Löschen bei Neustart, [20b5f588accfa2942b43dcc0a062e020], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak\LOG.old, In Quarantäne, [20b5f588accfa2942b43dcc0a062e020], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gngfnjclpjflgomhidfecidndbfaniak\MANIFEST-000054, Löschen bei Neustart, [20b5f588accfa2942b43dcc0a062e020], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_gngfnjclpjflgomhidfecidndbfaniak_0\3, In Quarantäne, [894cdba21e5d0e285c1399034cb633cd], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja\000038.ldb, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja\000040.ldb, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja\000053.log, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja\CURRENT, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja\LOCK, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja\LOG, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja\LOG.old, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakgmemkflciahncfpgaebpnknhejeja\MANIFEST-000051, In Quarantäne, [785d6d10ef8c092d068df5b2a65c639d], 
PUP.Optional.CrossRider.A, C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_bakgmemkflciahncfpgaebpnknhejeja_0\2, In Quarantäne, [7e57c7b6d4a7211599fbb7f0b0523dc3], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-06-2014 02
Ran by Julian at 2014-06-29 13:18:20 Run:1
Running from C:\Users\Julian\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {193DDDE3-3F56-48EC-8085-549FD9F026DB} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=09599e60-d3a6-4fb0-946d-ff4c0fa54d5f&apn_sauid=46E449BC-4F3E-4556-9110-102CBC7E6CD9
SearchScopes: HKCU - {44594F6D-AD20-45F6-8766-FBB35DB5C317} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=7ac7ee6a000000000000c0143dc3fd0b&r=392
Task: {15150AC7-DFB6-495F-AA49-F7A18EE12FFC} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-5 No Task File <==== ATTENTION
Task: {33535263-5917-4D7B-9337-F6B02A8BA43E} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {3D4D3CF7-BD80-45E4-91CA-2FC80DED067C} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {5EED5FCC-AE50-4459-85C9-374E501DA4E8} - \Weather It Up-updater No Task File <==== ATTENTION
Task: {6023D30E-9302-4225-A4E9-D42AAF71AECE} - \MySearchDial No Task File <==== ATTENTION
Task: {652C1272-9EAF-4C21-96CA-8315C82B4B8D} - \Weather It Up-codedownloader No Task File <==== ATTENTION
Task: {6B402D9F-9393-4F3E-843E-BF6893FF5FA0} - \Weather It Up-firefoxinstaller No Task File <==== ATTENTION
Task: {7D3E29F6-EE2B-43C0-8A37-B727D11383E0} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {7E9166AF-4D60-4400-BF30-1DAF66F6D3B4} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-4 No Task File <==== ATTENTION
Task: {83512CF7-3FCA-4468-A9D9-86C3525FA26A} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-1 No Task File <==== ATTENTION
Task: {C28CD781-E211-4712-87B4-B5C86054EFD9} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {D85A7E85-4BE6-4315-9CDA-2F54596AE661} - \Weather It Up-chromeinstaller No Task File <==== ATTENTION
Task: {DC07BF9B-D977-458A-9CB9-B6909D9FF560} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-2 No Task File <==== ATTENTION
Task: {E8395618-29D9-4798-B7BB-204170A87627} - \ae1c3042-3388-45b9-b3c5-7de311620ae3-3 No Task File <==== ATTENTION
Task: {F1A9EF49-A76F-4E9F-90E0-8ECCFD43AAEC} - \Weather It Up-enabler No Task File <==== ATTENTION
C:\Users\Julian\AppData\Local\Temp\*.exe
C:\Users\Julian\AppData\Local\Temp\*.dll
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{193DDDE3-3F56-48EC-8085-549FD9F026DB}' => Key deleted successfully.
'HKCR\CLSID\{193DDDE3-3F56-48EC-8085-549FD9F026DB}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{44594F6D-AD20-45F6-8766-FBB35DB5C317}' => Key deleted successfully.
'HKCR\CLSID\{44594F6D-AD20-45F6-8766-FBB35DB5C317}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{15150AC7-DFB6-495F-AA49-F7A18EE12FFC}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15150AC7-DFB6-495F-AA49-F7A18EE12FFC}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ae1c3042-3388-45b9-b3c5-7de311620ae3-5' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33535263-5917-4D7B-9337-F6B02A8BA43E}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33535263-5917-4D7B-9337-F6B02A8BA43E}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D4D3CF7-BD80-45E4-91CA-2FC80DED067C}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D4D3CF7-BD80-45E4-91CA-2FC80DED067C}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5EED5FCC-AE50-4459-85C9-374E501DA4E8}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EED5FCC-AE50-4459-85C9-374E501DA4E8}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Weather It Up-updater' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6023D30E-9302-4225-A4E9-D42AAF71AECE}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6023D30E-9302-4225-A4E9-D42AAF71AECE}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MySearchDial' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{652C1272-9EAF-4C21-96CA-8315C82B4B8D}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{652C1272-9EAF-4C21-96CA-8315C82B4B8D}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Weather It Up-codedownloader' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6B402D9F-9393-4F3E-843E-BF6893FF5FA0}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B402D9F-9393-4F3E-843E-BF6893FF5FA0}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Weather It Up-firefoxinstaller' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D3E29F6-EE2B-43C0-8A37-B727D11383E0}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D3E29F6-EE2B-43C0-8A37-B727D11383E0}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7E9166AF-4D60-4400-BF30-1DAF66F6D3B4}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E9166AF-4D60-4400-BF30-1DAF66F6D3B4}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ae1c3042-3388-45b9-b3c5-7de311620ae3-4' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{83512CF7-3FCA-4468-A9D9-86C3525FA26A}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83512CF7-3FCA-4468-A9D9-86C3525FA26A}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ae1c3042-3388-45b9-b3c5-7de311620ae3-1' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C28CD781-E211-4712-87B4-B5C86054EFD9}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C28CD781-E211-4712-87B4-B5C86054EFD9}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D85A7E85-4BE6-4315-9CDA-2F54596AE661}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D85A7E85-4BE6-4315-9CDA-2F54596AE661}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Weather It Up-chromeinstaller' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DC07BF9B-D977-458A-9CB9-B6909D9FF560}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC07BF9B-D977-458A-9CB9-B6909D9FF560}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ae1c3042-3388-45b9-b3c5-7de311620ae3-2' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E8395618-29D9-4798-B7BB-204170A87627}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8395618-29D9-4798-B7BB-204170A87627}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ae1c3042-3388-45b9-b3c5-7de311620ae3-3' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F1A9EF49-A76F-4E9F-90E0-8ECCFD43AAEC}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1A9EF49-A76F-4E9F-90E0-8ECCFD43AAEC}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Weather It Up-enabler' => Key deleted successfully.
C:\Users\Julian\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Julian\AppData\Local\Temp\*.dll => Moved successfully.


The system needed a reboot. 

==== End of Fixlog ====
         

Alt 29.06.2014, 22:36   #9
Bootsektor
Ruhe in Frieden
† 2019
 
Ständige Werbung in allen Browsern - Standard

Ständige Werbung in allen Browsern



Hallo FVBPlayrt,

Prima

nehmen wir noch den Proxy raus und machen einen Kontrollscan

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49423;https=127.0.0.1:49423
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt 2
Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 3
Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, wird ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Alt 30.06.2014, 13:15   #10
FVBPlayrt
 
Ständige Werbung in allen Browsern - Standard

Ständige Werbung in allen Browsern



Hallo,

perfekt. Hier ist der Fixlog
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-06-2014 02
Ran by Julian at 2014-06-30 14:13:37 Run:2
Running from C:\Users\Julian\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49423;https=127.0.0.1:49423
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value not found.

==== End of Fixlog ====
         
Dann fange ich jetzt mal an das Programm herunterzuladen und zu starten

Vielen Dank

Alt 30.06.2014, 20:19   #11
Bootsektor
Ruhe in Frieden
† 2019
 
Ständige Werbung in allen Browsern - Standard

Ständige Werbung in allen Browsern



Ok, ich warte dann auf die weiteren Logs

Antwort

Themen zu Ständige Werbung in allen Browsern
msil.solimba, pup.optional.adlyrics, pup.optional.betterdeals.a, pup.optional.certifiedtoolbar.a, pup.optional.ciuvo.a, pup.optional.conduit.a, pup.optional.crossrider.a, pup.optional.domaiq, pup.optional.iepluginservice.a, pup.optional.installcore.a, pup.optional.nextlive.a, pup.optional.outbrowse, pup.optional.plushd.a, pup.optional.qone8, pup.optional.quickstart.a, pup.optional.regcleanerpro, pup.optional.searchcertifiedtb.a, pup.optional.searchprotect.a, pup.optional.selectngo.a, pup.optional.skytech.a, pup.optional.snapdo.a, pup.optional.v9.a, pup.optional.weatheritup.a, pup.optional.wpmanager, ständige werbung




Ähnliche Themen: Ständige Werbung in allen Browsern


  1. Ständige Werbung in allen Browsern unter Windows 10
    Log-Analyse und Auswertung - 15.08.2015 (11)
  2. Windows 8: Ständige Werbung & markierte Links in Browsern
    Log-Analyse und Auswertung - 09.04.2015 (8)
  3. Win7, Seiten ploppen auf, Weiterleitungen und nervige Werbung in allen Browsern
    Log-Analyse und Auswertung - 13.11.2014 (12)
  4. Pop-Up Fenster in allen Browsern - Win 7
    Log-Analyse und Auswertung - 23.06.2014 (5)
  5. Werbung auf allen browsern, adope flash player hängt sich immer auf
    Plagegeister aller Art und deren Bekämpfung - 30.03.2014 (19)
  6. Werbung in allen Browsern
    Plagegeister aller Art und deren Bekämpfung - 27.11.2013 (12)
  7. Windows Vista: Werbung von a2ZLyrics in allen Browsern
    Log-Analyse und Auswertung - 09.11.2013 (11)
  8. Blaue Werbung in allen Browsern!
    Log-Analyse und Auswertung - 14.10.2013 (4)
  9. Instant Savings in allen Browsern
    Plagegeister aller Art und deren Bekämpfung - 06.08.2013 (17)
  10. PopUps in allen Browsern (IE&FF) und Werbung auf Websites, die nicht daher stammt
    Log-Analyse und Auswertung - 22.05.2013 (31)
  11. Fenster links unten in allen Browsern mit lästiger Werbung, teilweise falsche link weiterleitung, UpdatusUser in C:\Dokumente und Einstellu
    Plagegeister aller Art und deren Bekämpfung - 15.02.2013 (18)
  12. Werbung in allen Browsern
    Log-Analyse und Auswertung - 06.12.2012 (22)
  13. ichanti.ru als Startseite in allen Browsern
    Log-Analyse und Auswertung - 25.03.2012 (4)
  14. Seitenladefehler bei Youtube mit allen Browsern
    Plagegeister aller Art und deren Bekämpfung - 03.10.2011 (52)
  15. Unerwünschte Popups in allen Browsern
    Mülltonne - 06.01.2009 (0)
  16. immer werbung bei allen browsern
    Log-Analyse und Auswertung - 19.10.2008 (48)
  17. Probleme mit allen Browsern
    Log-Analyse und Auswertung - 01.10.2006 (9)

Zum Thema Ständige Werbung in allen Browsern - Hallo, mein Problem sieht folgendermaßen aus: - in allen Browsern, die ich benutze (Firefox und Chrome) taucht plötzlich eine Vielzahl an Werbung auf. Es sind meistens nur so kleine Fenster, - Ständige Werbung in allen Browsern...
Archiv
Du betrachtest: Ständige Werbung in allen Browsern auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.