| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Mozilla öffnet von alleine neue TabsWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.07.2014, 14:22
| #1 |
| |  Mozilla öffnet von alleine neue Tabs Hallo liebes Trojaner Board Team, seit einiger Zeit öffnet sich bei meinem Firefox von alleine neue Tabs mit allerhand Werbung. Dazu kommt, dass ich auf den Seiten, auf denen ich mich befinde, immer wieder kleine Fenster mit Werbung von allen möglichen Dingen wie Spiele, Mode usw. habe die ich dann mit einem X wegklicken kann. Diese kommen aber ebenfalls immer wieder. Ich habe mal einen Scan durchgeführt aber habe auch weiter keine Ahnung davon. Ich bitte um Hilfe, liebe Grüße und vielen Dank schonmal FRST Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014 Ran by Markus (administrator) on MORGAN on 29-07-2014 15:06:36 Running from C:\Users\Markus\Downloads Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (SIEN S.A.) C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Dritek System INC.) C:\Windows\RfBtnSvc64.exe (Iminent) C:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Iminent) C:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe () C:\Program Files (x86)\SupTab\HpUI.exe (Intel Corporation) C:\Windows\System32\igfxext.exe () C:\Program Files (x86)\SupTab\Loader32.exe () C:\Program Files (x86)\SupTab\Loader64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Spotify Ltd) C:\Users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Smartbar) C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.exe (Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe () C:\Users\Markus\AppData\Local\Smartbar\Application\Lrcnta.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM-x32\...\Run: [LManager] => [X] HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-07-30] (Dritek System Inc.) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.) HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe HKLM-x32\...\Run: [AnyProtect Scanner] => "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe" HKLM-x32\...\Run: [AnyProtect Tray] => "C:\Program Files (x86)\AnyProtectEx\AnyProtectTrayIcon.exe" HKLM-x32\...\Run: [fst_de_75] => [X] HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3478845354-2299671783-2462539787-1002\...\Run: [Spotify Web Helper] => C:\Users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-07-01] (Spotify Ltd) HKU\S-1-5-21-3478845354-2299671783-2462539787-1002\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Markus\AppData\Roaming\newnext.me\nengine.dll",EntryPoint (the data entry has 6 more characters). HKU\S-1-5-21-3478845354-2299671783-2462539787-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.exe [28952 2014-06-11] (Smartbar) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-21] (NVIDIA Corporation) AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\ProgramData\Fast And Safe\FastAndSafe_x64.dll [4302848 2014-07-24] () AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [201576 2013-02-21] (NVIDIA Corporation) AppInit_DLLs-x32: c:\progra~3\fastan~1\fastan~1.dll => c:\ProgramData\Fast And Safe\FastAndSafe.dll [4125696 2014-07-24] () IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ 9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ 9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1388195262&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms} SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM - {D5D69A15-4A00-4858-A6FD-DD708ED1681B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms} SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ 9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9Mly-dU_lgAWBeU3Pfbag,,&q={searchTerms} SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms} SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.iminent.com/?appId=DDDAC049-75D2-4819-AE02-A28036A20839&ref=toolbox&q={searchTerms} SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.iminent.com/?appId=DDDAC049-75D2-4819-AE02-A28036A20839&ref=toolbox&q={searchTerms} SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ 9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms} SearchScopes: HKCU - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms} BHO: video MediaPlay-Air -> {11111111-1111-1111-1111-110611171199} -> C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho64.dll (enter) BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: video MediaPlay-Air -> {11111111-1111-1111-1111-110611171199} -> C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho.dll (enter) BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> No File Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default FF NewTab: chrome://quick_start/content/index.html FF DefaultSearchEngine: StartWeb FF SearchEngineOrder.1: Sichere Suche FF SelectedSearchEngine: StartWeb FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF SearchPlugin: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\searchplugins\Web Search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nationzoom.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\StartWeb.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vi-view.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: video MediaPlay-Air - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com [2014-07-25] FF Extension: HQPureQualV1.8 - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\d55cd0d7-9f24-4660-95b3-188599e8e4f8@6b2faf04-e86f-4bcf-a878-632814acf518.com [2014-07-25] FF Extension: cosstminn - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\eeoaaaye@o-qjgl.edu [2014-07-25] FF Extension: Fast Start - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\faststartff@gmail.com [2014-07-25] FF Extension: WOwCiouuppon - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\rhooy@kafnvxxz.co.uk [2014-07-24] FF Extension: Iminent - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\webbooster@iminent.com.xpi [2014-07-03] FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\faststartff@gmail.com Chrome: ======= CHR HomePage: hxxp://start.iminent.com/?appId=DDDAC049-75D2-4819-AE02-A28036A20839 CHR StartupUrls: "https://www.google.de/?gws_rd=ssl" CHR DefaultSearchKeyword: start.iminent.com CHR DefaultNewTabURL: CHR Extension: (Google Docs) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-26] CHR Extension: (Google Drive) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-26] CHR Extension: (YouTube) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-26] CHR Extension: (Google-Suche) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-26] CHR Extension: (cosstminn) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf [2014-07-25] CHR Extension: (Google Wallet) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-26] CHR Extension: (Quick start) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-07-25] CHR Extension: (Google Mail) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-26] CHR Extension: (cosstminn) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0 [2014-07-25] CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - "C:\Program Files (x86)\Iminent\Iminent.crx" [2014-07-25] CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-07-25] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 64af91bf; c:\ProgramData\Fast And Safe\FastAndSafeSvc.dll [186192 2014-07-24] () [File not signed] R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-11-20] (ELAN Microelectronics Corp.) R2 GlobalUpdater; C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe [378152 2014-06-18] (SIEN S.A.) R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [702344 2014-07-25] (Cherished Technololgy LIMITED) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation) R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-07-30] (Dritek System INC.) R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exe [3209024 2014-07-18] (Iminent) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation) S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation) R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation) R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-07-30] (Dritek System Inc.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-29 15:06 - 2014-07-29 15:07 - 00026731 _____ () C:\Users\Markus\Downloads\FRST.txt 2014-07-29 15:05 - 2014-07-29 15:06 - 00000000 ____D () C:\FRST 2014-07-29 15:05 - 2014-07-29 15:05 - 02093568 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe 2014-07-29 14:49 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys 2014-07-29 14:49 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2014-07-29 14:49 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys 2014-07-28 15:32 - 2014-07-28 15:32 - 00000000 ____D () C:\Program Files (x86)\WowCouponn 2014-07-25 15:29 - 2014-07-25 15:29 - 00003118 _____ () C:\Windows\System32\Tasks\{D0140B21-80DB-4F5B-9F90-290E5EA14860} 2014-07-25 15:26 - 2014-07-25 15:28 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Probit Software 2014-07-25 15:23 - 2014-07-25 15:23 - 00000000 ____D () C:\Users\Markus\AppData\Local\com 2014-07-25 15:22 - 2014-07-29 14:52 - 00001732 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job 2014-07-25 15:22 - 2014-07-29 14:52 - 00001566 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job 2014-07-25 15:22 - 2014-07-29 14:52 - 00001550 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job 2014-07-25 15:22 - 2014-07-29 14:52 - 00001478 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job 2014-07-25 15:22 - 2014-07-25 15:22 - 00004736 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1 2014-07-25 15:22 - 2014-07-25 15:22 - 00004554 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5 2014-07-25 15:22 - 2014-07-25 15:22 - 00004482 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2 2014-07-25 15:21 - 2014-07-29 14:52 - 00002366 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job 2014-07-25 15:21 - 2014-07-25 15:23 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2014-07-25 15:21 - 2014-07-25 15:22 - 00005370 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4 2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\ProgramData\IePluginServices 2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-07-25 15:20 - 2014-07-28 15:26 - 00000000 ____D () C:\Program Files (x86)\globalUpdate 2014-07-25 15:20 - 2014-07-25 15:25 - 00000000 ____D () C:\ProgramData\cosstminn 2014-07-25 15:20 - 2014-07-25 15:22 - 00000000 ____D () C:\Program Files (x86)\video MediaPlay-Air 2014-07-25 15:20 - 2014-07-25 15:21 - 00000000 ____D () C:\Program Files (x86)\cosstminn 2014-07-25 15:20 - 2014-07-25 15:20 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\globalUpdate 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser 2014-07-25 15:19 - 2014-07-25 15:28 - 00000000 ____D () C:\Program Files (x86)\Probit Software 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\SearchProtect 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 _____ () C:\END 2014-07-25 15:18 - 2014-07-25 15:18 - 01399360 _____ () C:\Users\Markus\Downloads\Setup.exe 2014-07-24 07:26 - 2014-07-28 15:32 - 00000000 ____D () C:\ProgramData\7a791e75f7c17ac 2014-07-24 07:25 - 2014-07-29 12:26 - 00000000 ____D () C:\ProgramData\WowCouponn 2014-07-24 07:05 - 2014-07-24 07:05 - 00000000 ____D () C:\ProgramData\Fast And Safe 2014-07-11 14:53 - 2014-07-11 14:53 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iTunes 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iPod 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-07-11 13:42 - 2014-07-11 13:42 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive 2014-07-11 13:30 - 2014-07-11 13:30 - 00000000 __RHD () C:\MSOCache 2014-07-10 20:35 - 2014-07-10 20:35 - 00421880 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-10 11:37 - 2014-06-26 22:53 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-10 11:37 - 2014-06-26 22:53 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-10 11:34 - 2014-07-10 11:35 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-09 00:38 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 00:38 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 00:38 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 00:38 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2014-07-09 00:38 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2014-07-09 00:38 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2014-07-09 00:38 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 00:38 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll 2014-07-09 00:38 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-07-09 00:38 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-07-09 00:38 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2014-07-09 00:38 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-07-09 00:38 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe 2014-07-09 00:38 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe 2014-07-09 00:38 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2014-07-09 00:38 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 00:38 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2014-07-09 00:38 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 00:37 - 2014-07-01 00:42 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-09 00:37 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-07-09 00:37 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-07-09 00:37 - 2014-06-28 05:35 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-09 00:37 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 00:37 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 00:37 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2014-07-09 00:37 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-07-09 00:37 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 00:37 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 00:37 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 00:37 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 00:37 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 00:37 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 00:37 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 00:37 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 00:37 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 00:37 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 00:37 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 00:37 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 00:37 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 00:37 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 00:37 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 00:37 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 00:37 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 00:37 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2014-07-09 00:37 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 00:37 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 00:37 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-03 18:50 - 2014-07-03 18:50 - 00001077 _____ () C:\Users\Markus\Desktop\DENON DJ ASIO Driver.lnk 2014-07-03 18:50 - 2014-07-03 18:50 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ 2014-07-03 18:49 - 2014-07-03 18:49 - 00435075 _____ () C:\Users\Markus\Downloads\DDJAsioDrv101.zip 2014-07-03 17:52 - 2014-07-03 17:52 - 00001098 _____ () C:\Users\Public\Desktop\Controller Editor.lnk 2014-07-03 17:52 - 2014-07-03 17:52 - 00000000 __HDC () C:\ProgramData\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9} 2014-07-03 17:45 - 2014-07-03 17:46 - 00000000 ____D () C:\Users\Markus\Documents\Native Instruments 2014-07-03 17:41 - 2014-07-03 17:41 - 00001006 _____ () C:\Users\Public\Desktop\Traktor 2.lnk 2014-07-03 17:41 - 2014-07-03 17:41 - 00000000 __HDC () C:\ProgramData\{05C334F7-C2A4-418A-9BC8-1542AE38D62B} 2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896} 2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28} 2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731} 2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{018F1C44-00D1-417B-B251-92A5634F74AE} 2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757} 2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73} 2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042} 2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD} 2014-07-03 17:34 - 2014-07-03 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments 2014-07-03 17:34 - 2014-07-03 17:52 - 00000000 ____D () C:\Program Files\Native Instruments 2014-07-03 17:34 - 2014-07-03 17:52 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments 2014-07-03 17:34 - 2014-07-03 17:37 - 00000000 ____D () C:\ProgramData\Native Instruments 2014-07-03 17:34 - 2014-07-03 17:34 - 00001063 _____ () C:\Users\Public\Desktop\Service Center.lnk 2014-07-03 17:34 - 2014-07-03 17:34 - 00000000 __HDC () C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB} 2014-07-03 17:19 - 2014-07-03 17:26 - 534450853 _____ () C:\Users\Markus\Downloads\Traktor_2_268_PC.zip 2014-07-03 15:36 - 2014-07-11 13:25 - 00000000 ____D () C:\Users\Markus\Desktop\Noten 2014-07-03 15:35 - 2014-07-03 15:54 - 00000000 ____D () C:\Users\Markus\Desktop\Musik Markus 2014-07-03 15:07 - 2014-07-24 07:05 - 00000000 ____D () C:\ProgramData\374311380 2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\Smartbar 2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\LPT 2014-07-03 15:03 - 2014-07-03 15:07 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 2014-07-03 15:02 - 2014-07-03 15:02 - 00797384 _____ (Company limited) C:\Users\Markus\Downloads\Virtual DJ v7.0 PRO Crack [ChattChitto RG].exe 2014-07-03 14:54 - 2014-07-03 14:54 - 01250584 _____ () C:\Users\Markus\Downloads\jvlsetup.exe 2014-07-03 13:53 - 2014-07-03 13:53 - 00000000 ____D () C:\Program Files (x86)\predm 2014-07-03 13:41 - 2014-06-18 09:54 - 00000000 ____D () C:\Program Files (x86)\Iminent 2014-07-03 13:40 - 2014-07-03 13:54 - 00000000 ____D () C:\Users\Markus\AppData\Local\Genesis_07031140 2014-07-03 13:40 - 2014-07-03 13:40 - 00000000 ____D () C:\Program Files\003 2014-07-03 13:27 - 2014-07-03 13:47 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job 2014-07-03 13:27 - 2014-07-03 13:36 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job 2014-07-03 13:27 - 2014-07-03 13:36 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job 2014-07-03 13:27 - 2014-07-03 13:28 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP3 2014-07-03 13:27 - 2014-07-03 13:28 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP2 2014-07-03 13:27 - 2014-07-03 13:27 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP1 2014-07-03 13:27 - 2014-07-03 13:27 - 00000318 _____ () C:\Users\Markus\AppData\Roaming\aps.uninstall.scan.results 2014-07-03 13:26 - 2014-07-03 13:41 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up 2014-07-03 13:26 - 2014-07-03 13:26 - 00623696 _____ (Click Me In Limited) C:\Users\Markus\AppData\Local\nsbB897.tmp 2014-07-03 13:26 - 2014-07-03 13:26 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\InetStat 2014-07-03 12:35 - 2014-07-03 12:35 - 00012800 ___SH () C:\Users\Markus\Documents\Thumbs.db 2014-07-02 17:51 - 2014-07-03 12:22 - 00000000 ____D () C:\Users\Markus\AppData\Local\Deployment 2014-07-02 17:51 - 2014-07-02 17:51 - 00000000 ____D () C:\Users\Markus\AppData\Local\Apps\2.0 2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ___RD () C:\Users\Markus\SkyDrive 2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive 2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive 2014-07-01 15:18 - 2014-07-01 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-07-01 15:17 - 2014-07-10 12:04 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-07-01 15:17 - 2014-07-01 15:17 - 00989376 _____ (Microsoft Corporation) C:\Users\Markus\Downloads\Setup.X86.de-DE_O365HomePremRetail_87ed99a4-6c59-4399-a86e-769502a1fec2_TX_DB_.exe 2014-07-01 10:46 - 2014-07-01 10:46 - 00000000 ____D () C:\Users\Markus\AppData\Local\Tracker Software ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-29 15:07 - 2014-07-29 15:06 - 00026731 _____ () C:\Users\Markus\Downloads\FRST.txt 2014-07-29 15:06 - 2014-07-29 15:05 - 00000000 ____D () C:\FRST 2014-07-29 15:05 - 2014-07-29 15:05 - 02093568 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe 2014-07-29 15:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru 2014-07-29 14:58 - 2013-07-31 03:19 - 00753134 _____ () C:\Windows\system32\perfh007.dat 2014-07-29 14:58 - 2013-07-31 03:19 - 00155826 _____ () C:\Windows\system32\perfc007.dat 2014-07-29 14:58 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-29 14:52 - 2014-07-25 15:22 - 00001732 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job 2014-07-29 14:52 - 2014-07-25 15:22 - 00001566 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job 2014-07-29 14:52 - 2014-07-25 15:22 - 00001550 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job 2014-07-29 14:52 - 2014-07-25 15:22 - 00001478 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job 2014-07-29 14:52 - 2014-07-25 15:21 - 00002366 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job 2014-07-29 14:52 - 2014-03-26 21:09 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-29 14:52 - 2013-12-28 03:48 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\newnext.me 2014-07-29 14:51 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-29 14:50 - 2013-10-28 22:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-29 14:50 - 2013-07-30 17:35 - 01098036 _____ () C:\Windows\WindowsUpdate.log 2014-07-29 14:50 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-07-29 14:49 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp 2014-07-29 14:35 - 2014-03-26 21:09 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-29 12:26 - 2014-07-24 07:25 - 00000000 ____D () C:\ProgramData\WowCouponn 2014-07-29 12:26 - 2013-05-23 06:13 - 00042110 _____ () C:\Windows\PFRO.log 2014-07-28 16:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent 2014-07-28 15:32 - 2014-07-28 15:32 - 00000000 ____D () C:\Program Files (x86)\WowCouponn 2014-07-28 15:32 - 2014-07-24 07:26 - 00000000 ____D () C:\ProgramData\7a791e75f7c17ac 2014-07-28 15:26 - 2014-07-25 15:20 - 00000000 ____D () C:\Program Files (x86)\globalUpdate 2014-07-25 15:29 - 2014-07-25 15:29 - 00003118 _____ () C:\Windows\System32\Tasks\{D0140B21-80DB-4F5B-9F90-290E5EA14860} 2014-07-25 15:28 - 2014-07-25 15:26 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Probit Software 2014-07-25 15:28 - 2014-07-25 15:19 - 00000000 ____D () C:\Program Files (x86)\Probit Software 2014-07-25 15:26 - 2014-03-26 21:09 - 00002237 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-07-25 15:25 - 2014-07-25 15:20 - 00000000 ____D () C:\ProgramData\cosstminn 2014-07-25 15:23 - 2014-07-25 15:23 - 00000000 ____D () C:\Users\Markus\AppData\Local\com 2014-07-25 15:23 - 2014-07-25 15:21 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2014-07-25 15:22 - 2014-07-25 15:22 - 00004736 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1 2014-07-25 15:22 - 2014-07-25 15:22 - 00004554 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5 2014-07-25 15:22 - 2014-07-25 15:22 - 00004482 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2 2014-07-25 15:22 - 2014-07-25 15:21 - 00005370 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4 2014-07-25 15:22 - 2014-07-25 15:20 - 00000000 ____D () C:\Program Files (x86)\video MediaPlay-Air 2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\ProgramData\IePluginServices 2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-07-25 15:21 - 2014-07-25 15:20 - 00000000 ____D () C:\Program Files (x86)\cosstminn 2014-07-25 15:21 - 2014-03-26 21:09 - 00000000 ____D () C:\Program Files (x86)\Google 2014-07-25 15:20 - 2014-07-25 15:20 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\globalUpdate 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser 2014-07-25 15:20 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-07-25 15:20 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\SearchProtect 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator 2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 _____ () C:\END 2014-07-25 15:19 - 2014-03-26 21:09 - 00000000 ____D () C:\Users\Markus\AppData\Local\Google 2014-07-25 15:18 - 2014-07-25 15:18 - 01399360 _____ () C:\Users\Markus\Downloads\Setup.exe 2014-07-24 07:05 - 2014-07-24 07:05 - 00000000 ____D () C:\ProgramData\Fast And Safe 2014-07-24 07:05 - 2014-07-03 15:07 - 00000000 ____D () C:\ProgramData\374311380 2014-07-20 16:25 - 2012-07-26 09:21 - 00036379 _____ () C:\Windows\setupact.log 2014-07-16 00:51 - 2014-07-29 14:49 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys 2014-07-11 17:54 - 2013-10-26 15:38 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3478845354-2299671783-2462539787-1002 2014-07-11 14:53 - 2014-07-11 14:53 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iTunes 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iPod 2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-07-11 13:42 - 2014-07-11 13:42 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive 2014-07-11 13:30 - 2014-07-11 13:30 - 00000000 __RHD () C:\MSOCache 2014-07-11 13:25 - 2014-07-03 15:36 - 00000000 ____D () C:\Users\Markus\Desktop\Noten 2014-07-11 13:20 - 2014-01-06 00:33 - 00083456 ___SH () C:\Users\Markus\Desktop\Thumbs.db 2014-07-10 20:35 - 2014-07-10 20:35 - 00421880 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-10 13:22 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache 2014-07-10 12:04 - 2014-07-01 15:17 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-07-10 11:35 - 2014-07-10 11:34 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-10 11:35 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-10 11:35 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-10 11:34 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore 2014-07-10 11:34 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-09 12:21 - 2013-10-27 04:04 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-09 12:18 - 2013-10-27 04:04 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-09 00:50 - 2013-10-28 22:33 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-04 16:36 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-07-04 01:19 - 2013-11-18 02:03 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-07-04 01:11 - 2013-12-04 22:06 - 00036352 ___SH () C:\Users\Markus\Downloads\Thumbs.db 2014-07-03 18:50 - 2014-07-03 18:50 - 00001077 _____ () C:\Users\Markus\Desktop\DENON DJ ASIO Driver.lnk 2014-07-03 18:50 - 2014-07-03 18:50 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ 2014-07-03 18:49 - 2014-07-03 18:49 - 00435075 _____ () C:\Users\Markus\Downloads\DDJAsioDrv101.zip 2014-07-03 17:52 - 2014-07-03 17:52 - 00001098 _____ () C:\Users\Public\Desktop\Controller Editor.lnk 2014-07-03 17:52 - 2014-07-03 17:52 - 00000000 __HDC () C:\ProgramData\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9} 2014-07-03 17:52 - 2014-07-03 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments 2014-07-03 17:52 - 2014-07-03 17:34 - 00000000 ____D () C:\Program Files\Native Instruments 2014-07-03 17:52 - 2014-07-03 17:34 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments 2014-07-03 17:46 - 2014-07-03 17:45 - 00000000 ____D () C:\Users\Markus\Documents\Native Instruments 2014-07-03 17:41 - 2014-07-03 17:41 - 00001006 _____ () C:\Users\Public\Desktop\Traktor 2.lnk 2014-07-03 17:41 - 2014-07-03 17:41 - 00000000 __HDC () C:\ProgramData\{05C334F7-C2A4-418A-9BC8-1542AE38D62B} 2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896} 2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28} 2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731} 2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100} 2014-07-03 17:37 - 2014-07-03 17:34 - 00000000 ____D () C:\ProgramData\Native Instruments 2014-07-03 17:37 - 2013-07-30 17:48 - 00118426 _____ () C:\Windows\DPINST.LOG 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67} 2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{018F1C44-00D1-417B-B251-92A5634F74AE} 2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757} 2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73} 2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042} 2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD} 2014-07-03 17:34 - 2014-07-03 17:34 - 00001063 _____ () C:\Users\Public\Desktop\Service Center.lnk 2014-07-03 17:34 - 2014-07-03 17:34 - 00000000 __HDC () C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB} 2014-07-03 17:26 - 2014-07-03 17:19 - 534450853 _____ () C:\Users\Markus\Downloads\Traktor_2_268_PC.zip 2014-07-03 15:54 - 2014-07-03 15:35 - 00000000 ____D () C:\Users\Markus\Desktop\Musik Markus 2014-07-03 15:07 - 2014-07-03 15:03 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\Smartbar 2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\LPT 2014-07-03 15:02 - 2014-07-03 15:02 - 00797384 _____ (Company limited) C:\Users\Markus\Downloads\Virtual DJ v7.0 PRO Crack [ChattChitto RG].exe 2014-07-03 14:54 - 2014-07-03 14:54 - 01250584 _____ () C:\Users\Markus\Downloads\jvlsetup.exe 2014-07-03 13:54 - 2014-07-03 13:40 - 00000000 ____D () C:\Users\Markus\AppData\Local\Genesis_07031140 2014-07-03 13:53 - 2014-07-03 13:53 - 00000000 ____D () C:\Program Files (x86)\predm 2014-07-03 13:47 - 2014-07-03 13:27 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job 2014-07-03 13:41 - 2014-07-03 13:26 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up 2014-07-03 13:40 - 2014-07-03 13:40 - 00000000 ____D () C:\Program Files\003 2014-07-03 13:37 - 2013-05-23 06:45 - 00000000 ____D () C:\ProgramData\McAfee 2014-07-03 13:36 - 2014-07-03 13:27 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job 2014-07-03 13:36 - 2014-07-03 13:27 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job 2014-07-03 13:35 - 2013-10-28 22:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-03 13:28 - 2014-07-03 13:27 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP3 2014-07-03 13:28 - 2014-07-03 13:27 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP2 2014-07-03 13:27 - 2014-07-03 13:27 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP1 2014-07-03 13:27 - 2014-07-03 13:27 - 00000318 _____ () C:\Users\Markus\AppData\Roaming\aps.uninstall.scan.results 2014-07-03 13:26 - 2014-07-03 13:26 - 00623696 _____ (Click Me In Limited) C:\Users\Markus\AppData\Local\nsbB897.tmp 2014-07-03 13:26 - 2014-07-03 13:26 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\InetStat 2014-07-03 12:35 - 2014-07-03 12:35 - 00012800 ___SH () C:\Users\Markus\Documents\Thumbs.db 2014-07-03 12:22 - 2014-07-02 17:51 - 00000000 ____D () C:\Users\Markus\AppData\Local\Deployment 2014-07-02 17:51 - 2014-07-02 17:51 - 00000000 ____D () C:\Users\Markus\AppData\Local\Apps\2.0 2014-07-01 16:21 - 2013-10-26 15:34 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Spotify 2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ___RD () C:\Users\Markus\SkyDrive 2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive 2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive 2014-07-01 15:23 - 2013-10-26 15:28 - 00000000 ____D () C:\Users\Markus 2014-07-01 15:20 - 2014-07-01 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-07-01 15:18 - 2013-10-26 15:29 - 00000000 ____D () C:\Users\Markus\AppData\Local\VirtualStore 2014-07-01 15:17 - 2014-07-01 15:17 - 00989376 _____ (Microsoft Corporation) C:\Users\Markus\Downloads\Setup.X86.de-DE_O365HomePremRetail_87ed99a4-6c59-4399-a86e-769502a1fec2_TX_DB_.exe 2014-07-01 10:48 - 2013-05-23 06:45 - 00000000 ____D () C:\Program Files\mcafee 2014-07-01 10:46 - 2014-07-01 10:46 - 00000000 ____D () C:\Users\Markus\AppData\Local\Tracker Software 2014-07-01 10:24 - 2013-10-26 15:34 - 00000000 ____D () C:\Users\Markus\AppData\Local\Spotify 2014-07-01 00:42 - 2014-07-09 00:37 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-01 00:42 - 2014-07-09 00:37 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-07-01 00:42 - 2014-07-09 00:37 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll Some content of TEMP: ==================== C:\Users\Markus\AppData\Local\Temp\BackupSetup.exe C:\Users\Markus\AppData\Local\Temp\COMAP.EXE C:\Users\Markus\AppData\Local\Temp\fp_pl_pfs_installer-1.exe C:\Users\Markus\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\Markus\AppData\Local\Temp\Installer.exe C:\Users\Markus\AppData\Local\Temp\MSETUP4.EXE C:\Users\Markus\AppData\Local\Temp\nsb6A5.exe C:\Users\Markus\AppData\Local\Temp\nsd3F29.exe C:\Users\Markus\AppData\Local\Temp\nsg467E.exe C:\Users\Markus\AppData\Local\Temp\nsiCC9.exe C:\Users\Markus\AppData\Local\Temp\nsk1026.exe C:\Users\Markus\AppData\Local\Temp\nsm93E.exe C:\Users\Markus\AppData\Local\Temp\nsz42B4.exe C:\Users\Markus\AppData\Local\Temp\OptimizerPro.exe C:\Users\Markus\AppData\Local\Temp\Setup.exe C:\Users\Markus\AppData\Local\Temp\UNT268F.exe C:\Users\Markus\AppData\Local\Temp\UNT26B0.exe C:\Users\Markus\AppData\Local\Temp\VOPackage.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-28 15:29 ==================== End Of Log ============================ Addition Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014 Ran by Markus at 2014-07-29 15:07:38 Running from C:\Users\Markus\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated) AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated) AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.) Canon MG2200 series Benutzerregistrierung (HKLM-x32\...\Canon MG2200 series Benutzerregistrierung) (Version: - Canon Inc.) Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.00 - Canon Inc.) Canon MG2200 series On-screen Manual (HKLM-x32\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.) clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated) clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated) Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden DENON DJ ASIO Driver (HKLM-x32\...\{E2BF2060-D1DB-441A-8739-30E7BAA534BA}) (Version: 1.0.0 - DENON_DJ) Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.) ETDWare PS/2-X64 11.6.16.003_WHQL (HKLM\...\Elantech) (Version: 11.6.16.003 - ELAN Microelectronic Corp.) Fast And Safe (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf}) (Version: - GTgroup) <==== ATTENTION Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.) Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.) Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.) Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated) Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1002 - Microsoft Corporation) Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others) Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version: - Native Instruments) Native Instruments Audio 2 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version: - Native Instruments) Native Instruments Audio 4 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version: - Native Instruments) Native Instruments Audio 8 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.3.46 - Native Instruments) Native Instruments Controller Editor (Version: 1.6.3.46 - Native Instruments) Hidden Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments) Native Instruments Service Center (Version: 2.5.2.1549 - Native Instruments) Hidden Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments) Native Instruments Traktor 2 (Version: 2.6.8.382 - Native Instruments) Hidden Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version: - Native Instruments) Native Instruments Traktor Audio 10 Driver (Version: 3.1.0.761 - Native Instruments) Hidden Native Instruments Traktor Audio 2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 Driver) (Version: - Native Instruments) Native Instruments Traktor Audio 2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Audio 2 MK2 Driver (Version: 3.1.3.804 - Native Instruments) Hidden Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version: - Native Instruments) Native Instruments Traktor Audio 6 Driver (Version: 3.1.0.761 - Native Instruments) Hidden Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol F1 Driver (Version: 3.0.2.664 - Native Instruments) Hidden Native Instruments Traktor Kontrol S2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S2 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden Native Instruments Traktor Kontrol S4 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S4 Driver (Version: 3.1.0.761 - Native Instruments) Hidden Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S4 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden Native Instruments Traktor Kontrol X1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol X1 Driver (Version: 3.0.1.648 - Native Instruments) Hidden Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol X1 MK2 Driver (Version: 3.1.1.780 - Native Instruments) Hidden Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol Z1 Driver (Version: 3.1.1.780 - Native Instruments) Hidden Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol Z2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG) Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation) Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden NVIDIA Grafiktreiber 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.30 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Systemsteuerung 311.30 (Version: 311.30 - NVIDIA Corporation) Hidden NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer) Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.213.1 - Tracker Software Products Ltd) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB) Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden Yahoo Community Smartbar (HKLM-x32\...\{3BC7022B-CDE0-4664-9AB6-E3EC25CE644A}) (Version: 11.63.66.17714 - Linkury Inc.) <==== ATTENTION ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 08-07-2014 22:50:54 Windows Update 18-07-2014 10:30:50 Geplanter Prüfpunkt 28-07-2014 13:27:40 Geplanter Prüfpunkt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05213698-A30E-4087-A857-31B7B60B5F25} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] () Task: {12421D3C-85C4-48C8-9352-53C1AC3B0385} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe Task: {1A15979C-EE4A-4CF4-8CF5-4D52683E0C06} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {1BA20418-F45D-4183-A8A4-9192CAC32CD6} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe [2014-07-25] (enter) <==== ATTENTION Task: {20850515-6079-456E-AB44-DCEBB8D45EF1} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {24E43C6C-F3AC-463B-8C4B-0B2053EDFC8F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation) Task: {39CE24A0-32CB-4D61-8019-FEF551B287F2} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated) Task: {4586CBE0-97ED-4137-A2C6-712A2A5C4805} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-09] (Microsoft Corporation) Task: {4C5BD0C1-8937-43CB-B64F-9120AA18F3B8} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation) Task: {4FB017EE-E51B-40C1-A86A-5F5DC43A7801} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated) Task: {545A398B-78E7-464F-A80E-3A033AD37198} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1 => C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-codedownloader.exe [2014-07-25] (enter) <==== ATTENTION Task: {5FDBD969-AC66-42BA-B22F-58849328109C} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe Task: {744490FD-A8F4-4CC0-878F-02D587DA55F1} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4 => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.exe [2014-07-25] (enter) <==== ATTENTION Task: {9174E7C1-BD86-402F-A9A3-A50B8AB03EEE} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe Task: {A198AA06-64A7-4996-A258-2E17F6098A91} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {E80D32C7-3C42-4C4E-B26A-F5B8567B330D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {E85FF466-D7B9-4206-8906-1898F42B0397} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5 => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe [2014-07-25] (enter) <==== ATTENTION Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {EC07CB73-2C28-41A7-AD5F-140BA260C200} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated) Task: {EC2BCA28-D75E-477D-A070-22C6183A4EE7} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2 => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.exe [2014-07-25] (enter) <==== ATTENTION Task: {FDDCCCB6-C4DD-4184-AE57-C7D07889303D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job => C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-codedownloader.exe Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.exe Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.exe Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-07-02 10:01 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-11-18 02:03 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2014-07-23 16:32 - 2014-07-25 15:21 - 00106376 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll 2014-07-23 16:32 - 2014-07-25 15:21 - 00732040 _____ () C:\Program Files (x86)\SupTab\HpUI.exe 2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 _____ () C:\Program Files (x86)\SupTab\Loader32.exe 2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 _____ () C:\Program Files (x86)\SupTab\Loader64.exe 2013-05-23 07:06 - 2012-10-23 20:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-06-11 15:27 - 2014-06-11 15:27 - 00024344 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Lrcnta.exe 2014-07-24 07:05 - 2014-07-24 07:05 - 00186192 _____ () c:\ProgramData\Fast And Safe\FastAndSafeSvc.dll 2014-07-24 07:05 - 2014-07-24 07:05 - 04125696 _____ () c:\ProgramData\Fast And Safe\FastAndSafe.dll 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-07-23 16:32 - 2014-07-25 15:21 - 00093576 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00045848 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00070936 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srau.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00166680 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 02337048 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00067864 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\spbl.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00156952 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00015128 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\siem.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00066840 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\sppsm.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00697624 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00015640 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00079640 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00027928 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll 2014-06-11 15:29 - 2014-06-11 15:29 - 00060184 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srut.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00030488 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srsbs.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00066328 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00150296 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\smti.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00032024 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srom.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00031512 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\smtu.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00040216 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\smta.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00046872 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srbu.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00024856 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\sgml.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00062744 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00025368 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srpdm.dll 2014-06-11 15:27 - 2014-06-11 15:27 - 00044312 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\MACTrackBarLib.dll 2014-06-11 15:27 - 2014-06-11 15:27 - 00025880 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00036120 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll 2014-06-11 15:28 - 2014-06-11 15:28 - 00256280 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srns.dll 2014-06-24 21:41 - 2014-06-24 21:41 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-06-11 15:27 - 2014-06-11 15:27 - 00034072 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\lrcnt.dll 2013-07-30 17:40 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3. Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. Error: (07/28/2014 03:18:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Umbrella210.exe, Version: 4.29.0.1, Zeitstempel: 0x53c89bf9 Name des fehlerhaften Moduls: Umbrella210.exe, Version: 4.29.0.1, Zeitstempel: 0x53c89bf9 Ausnahmecode: 0x40000015 Fehleroffset: 0x001c05a9 ID des fehlerhaften Prozesses: 0xe2c Startzeit der fehlerhaften Anwendung: 0xUmbrella210.exe0 Pfad der fehlerhaften Anwendung: Umbrella210.exe1 Pfad des fehlerhaften Moduls: Umbrella210.exe2 Berichtskennung: Umbrella210.exe3 Vollständiger Name des fehlerhaften Pakets: Umbrella210.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Umbrella210.exe5 Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15594 Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15594 Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 12265 Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 12265 Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (07/29/2014 02:53:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (07/29/2014 02:51:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (07/29/2014 00:29:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (07/29/2014 00:26:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (07/28/2014 03:18:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "SProtection" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/25/2014 03:28:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (07/25/2014 03:26:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (07/25/2014 03:26:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (07/25/2014 03:26:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht. Error: (07/22/2014 01:40:25 PM) (Source: Tcpip) (EventID: 4199) (User: ) Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.2.100 mit dem Computer mit der Netzwerkhardwareadresse 00-26-AB-68-ED-8E ermittelt. Netzwerkvorgänge könnten daher auf diesem System unterbrochen werden. Microsoft Office Sessions: ========================= Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4 Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4 Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: ) Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4 Error: (07/28/2014 03:18:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Umbrella210.exe4.29.0.153c89bf9Umbrella210.exe4.29.0.153c89bf940000015001c05a9e2c01cfa80c05658c6eC:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exeC:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exea45faa4e-1659-11e4-be8c-208984ce3dc2 Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15594 Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15594 Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 12265 Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 12265 Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second ==================== Memory info =========================== Percentage of memory in use: 26% Total physical RAM: 8007.27 MB Available physical RAM: 5922.41 MB Total Pagefile: 11463.27 MB Available Pagefile: 9320.42 MB Total Virtual: 8192 MB Available Virtual: 8191.76 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:682.19 GB) (Free:598.92 GB) NTFS Drive d: (27 Jun 2014) (CDROM) (Total:0.69 GB) (Free:0.3 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 699 GB) (Disk ID: B716F7A2) Partition: GPT Partition Type. ==================== End Of Log ============================ |
|
29.07.2014, 14:25
| #2 |
| /// the machine /// TB-Ausbilder    | Mozilla öffnet von alleine neue Tabs hi,
__________________ So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Scan mit Combofix
__________________ |
|
29.07.2014, 14:32
| #3 |
| | Mozilla öffnet von alleine neue Tabs Entschuldigung, hier noch mal:
__________________FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Markus (administrator) on MORGAN on 29-07-2014 15:06:36
Running from C:\Users\Markus\Downloads
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(SIEN S.A.) C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Smartbar) C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
() C:\Users\Markus\AppData\Local\Smartbar\Application\Lrcnta.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-07-30] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [AnyProtect Scanner] => "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe"
HKLM-x32\...\Run: [AnyProtect Tray] => "C:\Program Files (x86)\AnyProtectEx\AnyProtectTrayIcon.exe"
HKLM-x32\...\Run: [fst_de_75] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3478845354-2299671783-2462539787-1002\...\Run: [Spotify Web Helper] => C:\Users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-07-01] (Spotify Ltd)
HKU\S-1-5-21-3478845354-2299671783-2462539787-1002\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Markus\AppData\Roaming\newnext.me\nengine.dll",EntryPoint (the data entry has 6 more characters).
HKU\S-1-5-21-3478845354-2299671783-2462539787-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.exe [28952 2014-06-11] (Smartbar)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-21] (NVIDIA Corporation)
AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\ProgramData\Fast And Safe\FastAndSafe_x64.dll [4302848 2014-07-24] ()
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [201576 2013-02-21] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\fastan~1\fastan~1.dll => c:\ProgramData\Fast And Safe\FastAndSafe.dll [4125696 2014-07-24] ()
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1388195262&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM - {D5D69A15-4A00-4858-A6FD-DD708ED1681B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9Mly-dU_lgAWBeU3Pfbag,,&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.iminent.com/?appId=DDDAC049-75D2-4819-AE02-A28036A20839&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.iminent.com/?appId=DDDAC049-75D2-4819-AE02-A28036A20839&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms}
SearchScopes: HKCU - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
BHO: video MediaPlay-Air -> {11111111-1111-1111-1111-110611171199} -> C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho64.dll (enter)
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: video MediaPlay-Air -> {11111111-1111-1111-1111-110611171199} -> C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho.dll (enter)
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> No File
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: StartWeb
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: StartWeb
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nationzoom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\StartWeb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vi-view.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: video MediaPlay-Air - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com [2014-07-25]
FF Extension: HQPureQualV1.8 - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\d55cd0d7-9f24-4660-95b3-188599e8e4f8@6b2faf04-e86f-4bcf-a878-632814acf518.com [2014-07-25]
FF Extension: cosstminn - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\eeoaaaye@o-qjgl.edu [2014-07-25]
FF Extension: Fast Start - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\faststartff@gmail.com [2014-07-25]
FF Extension: WOwCiouuppon - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\rhooy@kafnvxxz.co.uk [2014-07-24]
FF Extension: Iminent - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\webbooster@iminent.com.xpi [2014-07-03]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\faststartff@gmail.com
Chrome:
=======
CHR HomePage: hxxp://start.iminent.com/?appId=DDDAC049-75D2-4819-AE02-A28036A20839
CHR StartupUrls: "https://www.google.de/?gws_rd=ssl"
CHR DefaultSearchKeyword: start.iminent.com
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-26]
CHR Extension: (Google Drive) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-26]
CHR Extension: (YouTube) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-26]
CHR Extension: (Google-Suche) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-26]
CHR Extension: (cosstminn) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf [2014-07-25]
CHR Extension: (Google Wallet) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-26]
CHR Extension: (Quick start) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-07-25]
CHR Extension: (Google Mail) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-26]
CHR Extension: (cosstminn) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0 [2014-07-25]
CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - "C:\Program Files (x86)\Iminent\Iminent.crx" [2014-07-25]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-07-25]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 64af91bf; c:\ProgramData\Fast And Safe\FastAndSafeSvc.dll [186192 2014-07-24] () [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-11-20] (ELAN Microelectronics Corp.)
R2 GlobalUpdater; C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe [378152 2014-06-18] (SIEN S.A.)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [702344 2014-07-25] (Cherished Technololgy LIMITED)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-07-30] (Dritek System INC.)
R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exe [3209024 2014-07-18] (Iminent)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-07-30] (Dritek System Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-29 15:06 - 2014-07-29 15:07 - 00026731 _____ () C:\Users\Markus\Downloads\FRST.txt
2014-07-29 15:05 - 2014-07-29 15:06 - 00000000 ____D () C:\FRST
2014-07-29 15:05 - 2014-07-29 15:05 - 02093568 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe
2014-07-29 14:49 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-07-29 14:49 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-07-29 14:49 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-07-28 15:32 - 2014-07-28 15:32 - 00000000 ____D () C:\Program Files (x86)\WowCouponn
2014-07-25 15:29 - 2014-07-25 15:29 - 00003118 _____ () C:\Windows\System32\Tasks\{D0140B21-80DB-4F5B-9F90-290E5EA14860}
2014-07-25 15:26 - 2014-07-25 15:28 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Probit Software
2014-07-25 15:23 - 2014-07-25 15:23 - 00000000 ____D () C:\Users\Markus\AppData\Local\com
2014-07-25 15:22 - 2014-07-29 14:52 - 00001732 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job
2014-07-25 15:22 - 2014-07-29 14:52 - 00001566 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job
2014-07-25 15:22 - 2014-07-29 14:52 - 00001550 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job
2014-07-25 15:22 - 2014-07-29 14:52 - 00001478 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job
2014-07-25 15:22 - 2014-07-25 15:22 - 00004736 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1
2014-07-25 15:22 - 2014-07-25 15:22 - 00004554 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5
2014-07-25 15:22 - 2014-07-25 15:22 - 00004482 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2
2014-07-25 15:21 - 2014-07-29 14:52 - 00002366 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job
2014-07-25 15:21 - 2014-07-25 15:23 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-25 15:21 - 2014-07-25 15:22 - 00005370 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4
2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-25 15:20 - 2014-07-28 15:26 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-25 15:20 - 2014-07-25 15:25 - 00000000 ____D () C:\ProgramData\cosstminn
2014-07-25 15:20 - 2014-07-25 15:22 - 00000000 ____D () C:\Program Files (x86)\video MediaPlay-Air
2014-07-25 15:20 - 2014-07-25 15:21 - 00000000 ____D () C:\Program Files (x86)\cosstminn
2014-07-25 15:20 - 2014-07-25 15:20 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\globalUpdate
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-25 15:19 - 2014-07-25 15:28 - 00000000 ____D () C:\Program Files (x86)\Probit Software
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\SearchProtect
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 _____ () C:\END
2014-07-25 15:18 - 2014-07-25 15:18 - 01399360 _____ () C:\Users\Markus\Downloads\Setup.exe
2014-07-24 07:26 - 2014-07-28 15:32 - 00000000 ____D () C:\ProgramData\7a791e75f7c17ac
2014-07-24 07:25 - 2014-07-29 12:26 - 00000000 ____D () C:\ProgramData\WowCouponn
2014-07-24 07:05 - 2014-07-24 07:05 - 00000000 ____D () C:\ProgramData\Fast And Safe
2014-07-11 14:53 - 2014-07-11 14:53 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iTunes
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iPod
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-11 13:42 - 2014-07-11 13:42 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-07-11 13:30 - 2014-07-11 13:30 - 00000000 __RHD () C:\MSOCache
2014-07-10 20:35 - 2014-07-10 20:35 - 00421880 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 11:37 - 2014-06-26 22:53 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 11:37 - 2014-06-26 22:53 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 11:34 - 2014-07-10 11:35 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 00:38 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 00:38 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 00:38 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 00:38 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-09 00:38 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-09 00:38 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-09 00:38 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 00:38 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-09 00:38 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-09 00:38 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-09 00:38 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-09 00:38 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-09 00:38 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-07-09 00:38 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-07-09 00:38 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-09 00:38 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 00:38 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-09 00:38 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 00:37 - 2014-07-01 00:42 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 00:37 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-09 00:37 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-07-09 00:37 - 2014-06-28 05:35 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 00:37 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 00:37 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 00:37 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-09 00:37 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-09 00:37 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 00:37 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 00:37 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 00:37 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 00:37 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 00:37 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 00:37 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 00:37 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 00:37 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 00:37 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 00:37 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 00:37 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 00:37 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-09 00:37 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 00:37 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 00:37 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-03 18:50 - 2014-07-03 18:50 - 00001077 _____ () C:\Users\Markus\Desktop\DENON DJ ASIO Driver.lnk
2014-07-03 18:50 - 2014-07-03 18:50 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ
2014-07-03 18:49 - 2014-07-03 18:49 - 00435075 _____ () C:\Users\Markus\Downloads\DDJAsioDrv101.zip
2014-07-03 17:52 - 2014-07-03 17:52 - 00001098 _____ () C:\Users\Public\Desktop\Controller Editor.lnk
2014-07-03 17:52 - 2014-07-03 17:52 - 00000000 __HDC () C:\ProgramData\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9}
2014-07-03 17:45 - 2014-07-03 17:46 - 00000000 ____D () C:\Users\Markus\Documents\Native Instruments
2014-07-03 17:41 - 2014-07-03 17:41 - 00001006 _____ () C:\Users\Public\Desktop\Traktor 2.lnk
2014-07-03 17:41 - 2014-07-03 17:41 - 00000000 __HDC () C:\ProgramData\{05C334F7-C2A4-418A-9BC8-1542AE38D62B}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{018F1C44-00D1-417B-B251-92A5634F74AE}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-07-03 17:34 - 2014-07-03 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2014-07-03 17:34 - 2014-07-03 17:52 - 00000000 ____D () C:\Program Files\Native Instruments
2014-07-03 17:34 - 2014-07-03 17:52 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments
2014-07-03 17:34 - 2014-07-03 17:37 - 00000000 ____D () C:\ProgramData\Native Instruments
2014-07-03 17:34 - 2014-07-03 17:34 - 00001063 _____ () C:\Users\Public\Desktop\Service Center.lnk
2014-07-03 17:34 - 2014-07-03 17:34 - 00000000 __HDC () C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
2014-07-03 17:19 - 2014-07-03 17:26 - 534450853 _____ () C:\Users\Markus\Downloads\Traktor_2_268_PC.zip
2014-07-03 15:36 - 2014-07-11 13:25 - 00000000 ____D () C:\Users\Markus\Desktop\Noten
2014-07-03 15:35 - 2014-07-03 15:54 - 00000000 ____D () C:\Users\Markus\Desktop\Musik Markus
2014-07-03 15:07 - 2014-07-24 07:05 - 00000000 ____D () C:\ProgramData\374311380
2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\Smartbar
2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\LPT
2014-07-03 15:03 - 2014-07-03 15:07 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-07-03 15:02 - 2014-07-03 15:02 - 00797384 _____ (Company limited) C:\Users\Markus\Downloads\Virtual DJ v7.0 PRO Crack [ChattChitto RG].exe
2014-07-03 14:54 - 2014-07-03 14:54 - 01250584 _____ () C:\Users\Markus\Downloads\jvlsetup.exe
2014-07-03 13:53 - 2014-07-03 13:53 - 00000000 ____D () C:\Program Files (x86)\predm
2014-07-03 13:41 - 2014-06-18 09:54 - 00000000 ____D () C:\Program Files (x86)\Iminent
2014-07-03 13:40 - 2014-07-03 13:54 - 00000000 ____D () C:\Users\Markus\AppData\Local\Genesis_07031140
2014-07-03 13:40 - 2014-07-03 13:40 - 00000000 ____D () C:\Program Files\003
2014-07-03 13:27 - 2014-07-03 13:47 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-07-03 13:27 - 2014-07-03 13:36 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-07-03 13:27 - 2014-07-03 13:36 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-07-03 13:27 - 2014-07-03 13:28 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-07-03 13:27 - 2014-07-03 13:28 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-07-03 13:27 - 2014-07-03 13:27 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-07-03 13:27 - 2014-07-03 13:27 - 00000318 _____ () C:\Users\Markus\AppData\Roaming\aps.uninstall.scan.results
2014-07-03 13:26 - 2014-07-03 13:41 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-07-03 13:26 - 2014-07-03 13:26 - 00623696 _____ (Click Me In Limited) C:\Users\Markus\AppData\Local\nsbB897.tmp
2014-07-03 13:26 - 2014-07-03 13:26 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\InetStat
2014-07-03 12:35 - 2014-07-03 12:35 - 00012800 ___SH () C:\Users\Markus\Documents\Thumbs.db
2014-07-02 17:51 - 2014-07-03 12:22 - 00000000 ____D () C:\Users\Markus\AppData\Local\Deployment
2014-07-02 17:51 - 2014-07-02 17:51 - 00000000 ____D () C:\Users\Markus\AppData\Local\Apps\2.0
2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ___RD () C:\Users\Markus\SkyDrive
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-07-01 15:18 - 2014-07-01 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-01 15:17 - 2014-07-10 12:04 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-01 15:17 - 2014-07-01 15:17 - 00989376 _____ (Microsoft Corporation) C:\Users\Markus\Downloads\Setup.X86.de-DE_O365HomePremRetail_87ed99a4-6c59-4399-a86e-769502a1fec2_TX_DB_.exe
2014-07-01 10:46 - 2014-07-01 10:46 - 00000000 ____D () C:\Users\Markus\AppData\Local\Tracker Software
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-29 15:07 - 2014-07-29 15:06 - 00026731 _____ () C:\Users\Markus\Downloads\FRST.txt
2014-07-29 15:06 - 2014-07-29 15:05 - 00000000 ____D () C:\FRST
2014-07-29 15:05 - 2014-07-29 15:05 - 02093568 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe
2014-07-29 15:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-29 14:58 - 2013-07-31 03:19 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-07-29 14:58 - 2013-07-31 03:19 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-07-29 14:58 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-29 14:52 - 2014-07-25 15:22 - 00001732 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job
2014-07-29 14:52 - 2014-07-25 15:22 - 00001566 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job
2014-07-29 14:52 - 2014-07-25 15:22 - 00001550 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job
2014-07-29 14:52 - 2014-07-25 15:22 - 00001478 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job
2014-07-29 14:52 - 2014-07-25 15:21 - 00002366 _____ () C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job
2014-07-29 14:52 - 2014-03-26 21:09 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-29 14:52 - 2013-12-28 03:48 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\newnext.me
2014-07-29 14:51 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-29 14:50 - 2013-10-28 22:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-29 14:50 - 2013-07-30 17:35 - 01098036 _____ () C:\Windows\WindowsUpdate.log
2014-07-29 14:50 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-29 14:49 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-29 14:35 - 2014-03-26 21:09 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-29 12:26 - 2014-07-24 07:25 - 00000000 ____D () C:\ProgramData\WowCouponn
2014-07-29 12:26 - 2013-05-23 06:13 - 00042110 _____ () C:\Windows\PFRO.log
2014-07-28 16:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-07-28 15:32 - 2014-07-28 15:32 - 00000000 ____D () C:\Program Files (x86)\WowCouponn
2014-07-28 15:32 - 2014-07-24 07:26 - 00000000 ____D () C:\ProgramData\7a791e75f7c17ac
2014-07-28 15:26 - 2014-07-25 15:20 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-25 15:29 - 2014-07-25 15:29 - 00003118 _____ () C:\Windows\System32\Tasks\{D0140B21-80DB-4F5B-9F90-290E5EA14860}
2014-07-25 15:28 - 2014-07-25 15:26 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Probit Software
2014-07-25 15:28 - 2014-07-25 15:19 - 00000000 ____D () C:\Program Files (x86)\Probit Software
2014-07-25 15:26 - 2014-03-26 21:09 - 00002237 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-25 15:25 - 2014-07-25 15:20 - 00000000 ____D () C:\ProgramData\cosstminn
2014-07-25 15:23 - 2014-07-25 15:23 - 00000000 ____D () C:\Users\Markus\AppData\Local\com
2014-07-25 15:23 - 2014-07-25 15:21 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-25 15:22 - 2014-07-25 15:22 - 00004736 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1
2014-07-25 15:22 - 2014-07-25 15:22 - 00004554 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5
2014-07-25 15:22 - 2014-07-25 15:22 - 00004482 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2
2014-07-25 15:22 - 2014-07-25 15:21 - 00005370 _____ () C:\Windows\System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4
2014-07-25 15:22 - 2014-07-25 15:20 - 00000000 ____D () C:\Program Files (x86)\video MediaPlay-Air
2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-25 15:21 - 2014-07-25 15:21 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-25 15:21 - 2014-07-25 15:20 - 00000000 ____D () C:\Program Files (x86)\cosstminn
2014-07-25 15:21 - 2014-03-26 21:09 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-25 15:20 - 2014-07-25 15:20 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\globalUpdate
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Markus\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2014-07-25 15:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-25 15:20 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-25 15:20 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\SearchProtect
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Markus\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Gast
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 ____D () C:\Users\Administrator
2014-07-25 15:19 - 2014-07-25 15:19 - 00000000 _____ () C:\END
2014-07-25 15:19 - 2014-03-26 21:09 - 00000000 ____D () C:\Users\Markus\AppData\Local\Google
2014-07-25 15:18 - 2014-07-25 15:18 - 01399360 _____ () C:\Users\Markus\Downloads\Setup.exe
2014-07-24 07:05 - 2014-07-24 07:05 - 00000000 ____D () C:\ProgramData\Fast And Safe
2014-07-24 07:05 - 2014-07-03 15:07 - 00000000 ____D () C:\ProgramData\374311380
2014-07-20 16:25 - 2012-07-26 09:21 - 00036379 _____ () C:\Windows\setupact.log
2014-07-16 00:51 - 2014-07-29 14:49 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-07-11 17:54 - 2013-10-26 15:38 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3478845354-2299671783-2462539787-1002
2014-07-11 14:53 - 2014-07-11 14:53 - 00001787 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iTunes
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files\iPod
2014-07-11 14:53 - 2014-07-11 14:53 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-11 13:42 - 2014-07-11 13:42 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-07-11 13:30 - 2014-07-11 13:30 - 00000000 __RHD () C:\MSOCache
2014-07-11 13:25 - 2014-07-03 15:36 - 00000000 ____D () C:\Users\Markus\Desktop\Noten
2014-07-11 13:20 - 2014-01-06 00:33 - 00083456 ___SH () C:\Users\Markus\Desktop\Thumbs.db
2014-07-10 20:35 - 2014-07-10 20:35 - 00421880 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 13:22 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-07-10 12:04 - 2014-07-01 15:17 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-10 11:35 - 2014-07-10 11:34 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 11:35 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 11:35 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 11:34 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-07-10 11:34 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 12:21 - 2013-10-27 04:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 12:18 - 2013-10-27 04:04 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 00:50 - 2013-10-28 22:33 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-04 16:36 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-04 01:19 - 2013-11-18 02:03 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-04 01:11 - 2013-12-04 22:06 - 00036352 ___SH () C:\Users\Markus\Downloads\Thumbs.db
2014-07-03 18:50 - 2014-07-03 18:50 - 00001077 _____ () C:\Users\Markus\Desktop\DENON DJ ASIO Driver.lnk
2014-07-03 18:50 - 2014-07-03 18:50 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ
2014-07-03 18:49 - 2014-07-03 18:49 - 00435075 _____ () C:\Users\Markus\Downloads\DDJAsioDrv101.zip
2014-07-03 17:52 - 2014-07-03 17:52 - 00001098 _____ () C:\Users\Public\Desktop\Controller Editor.lnk
2014-07-03 17:52 - 2014-07-03 17:52 - 00000000 __HDC () C:\ProgramData\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9}
2014-07-03 17:52 - 2014-07-03 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2014-07-03 17:52 - 2014-07-03 17:34 - 00000000 ____D () C:\Program Files\Native Instruments
2014-07-03 17:52 - 2014-07-03 17:34 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments
2014-07-03 17:46 - 2014-07-03 17:45 - 00000000 ____D () C:\Users\Markus\Documents\Native Instruments
2014-07-03 17:41 - 2014-07-03 17:41 - 00001006 _____ () C:\Users\Public\Desktop\Traktor 2.lnk
2014-07-03 17:41 - 2014-07-03 17:41 - 00000000 __HDC () C:\ProgramData\{05C334F7-C2A4-418A-9BC8-1542AE38D62B}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-07-03 17:37 - 2014-07-03 17:37 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-07-03 17:37 - 2014-07-03 17:34 - 00000000 ____D () C:\ProgramData\Native Instruments
2014-07-03 17:37 - 2013-07-30 17:48 - 00118426 _____ () C:\Windows\DPINST.LOG
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-07-03 17:36 - 2014-07-03 17:36 - 00000000 __HDC () C:\ProgramData\{018F1C44-00D1-417B-B251-92A5634F74AE}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-07-03 17:35 - 2014-07-03 17:35 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-07-03 17:34 - 2014-07-03 17:34 - 00001063 _____ () C:\Users\Public\Desktop\Service Center.lnk
2014-07-03 17:34 - 2014-07-03 17:34 - 00000000 __HDC () C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
2014-07-03 17:26 - 2014-07-03 17:19 - 534450853 _____ () C:\Users\Markus\Downloads\Traktor_2_268_PC.zip
2014-07-03 15:54 - 2014-07-03 15:35 - 00000000 ____D () C:\Users\Markus\Desktop\Musik Markus
2014-07-03 15:07 - 2014-07-03 15:03 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\Smartbar
2014-07-03 15:05 - 2014-07-03 15:05 - 00000000 ____D () C:\Users\Markus\AppData\Local\LPT
2014-07-03 15:02 - 2014-07-03 15:02 - 00797384 _____ (Company limited) C:\Users\Markus\Downloads\Virtual DJ v7.0 PRO Crack [ChattChitto RG].exe
2014-07-03 14:54 - 2014-07-03 14:54 - 01250584 _____ () C:\Users\Markus\Downloads\jvlsetup.exe
2014-07-03 13:54 - 2014-07-03 13:40 - 00000000 ____D () C:\Users\Markus\AppData\Local\Genesis_07031140
2014-07-03 13:53 - 2014-07-03 13:53 - 00000000 ____D () C:\Program Files (x86)\predm
2014-07-03 13:47 - 2014-07-03 13:27 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-07-03 13:41 - 2014-07-03 13:26 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-07-03 13:40 - 2014-07-03 13:40 - 00000000 ____D () C:\Program Files\003
2014-07-03 13:37 - 2013-05-23 06:45 - 00000000 ____D () C:\ProgramData\McAfee
2014-07-03 13:36 - 2014-07-03 13:27 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-07-03 13:36 - 2014-07-03 13:27 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-07-03 13:35 - 2013-10-28 22:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-03 13:28 - 2014-07-03 13:27 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-07-03 13:28 - 2014-07-03 13:27 - 00002808 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-07-03 13:27 - 2014-07-03 13:27 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-07-03 13:27 - 2014-07-03 13:27 - 00000318 _____ () C:\Users\Markus\AppData\Roaming\aps.uninstall.scan.results
2014-07-03 13:26 - 2014-07-03 13:26 - 00623696 _____ (Click Me In Limited) C:\Users\Markus\AppData\Local\nsbB897.tmp
2014-07-03 13:26 - 2014-07-03 13:26 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\InetStat
2014-07-03 12:35 - 2014-07-03 12:35 - 00012800 ___SH () C:\Users\Markus\Documents\Thumbs.db
2014-07-03 12:22 - 2014-07-02 17:51 - 00000000 ____D () C:\Users\Markus\AppData\Local\Deployment
2014-07-02 17:51 - 2014-07-02 17:51 - 00000000 ____D () C:\Users\Markus\AppData\Local\Apps\2.0
2014-07-01 16:21 - 2013-10-26 15:34 - 00000000 ____D () C:\Users\Markus\AppData\Roaming\Spotify
2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00002128 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ___RD () C:\Users\Markus\SkyDrive
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-07-01 15:23 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-07-01 15:23 - 2013-10-26 15:28 - 00000000 ____D () C:\Users\Markus
2014-07-01 15:20 - 2014-07-01 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-01 15:18 - 2013-10-26 15:29 - 00000000 ____D () C:\Users\Markus\AppData\Local\VirtualStore
2014-07-01 15:17 - 2014-07-01 15:17 - 00989376 _____ (Microsoft Corporation) C:\Users\Markus\Downloads\Setup.X86.de-DE_O365HomePremRetail_87ed99a4-6c59-4399-a86e-769502a1fec2_TX_DB_.exe
2014-07-01 10:48 - 2013-05-23 06:45 - 00000000 ____D () C:\Program Files\mcafee
2014-07-01 10:46 - 2014-07-01 10:46 - 00000000 ____D () C:\Users\Markus\AppData\Local\Tracker Software
2014-07-01 10:24 - 2013-10-26 15:34 - 00000000 ____D () C:\Users\Markus\AppData\Local\Spotify
2014-07-01 00:42 - 2014-07-09 00:37 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-01 00:42 - 2014-07-09 00:37 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-01 00:42 - 2014-07-09 00:37 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
Some content of TEMP:
====================
C:\Users\Markus\AppData\Local\Temp\BackupSetup.exe
C:\Users\Markus\AppData\Local\Temp\COMAP.EXE
C:\Users\Markus\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Markus\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Markus\AppData\Local\Temp\Installer.exe
C:\Users\Markus\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Markus\AppData\Local\Temp\nsb6A5.exe
C:\Users\Markus\AppData\Local\Temp\nsd3F29.exe
C:\Users\Markus\AppData\Local\Temp\nsg467E.exe
C:\Users\Markus\AppData\Local\Temp\nsiCC9.exe
C:\Users\Markus\AppData\Local\Temp\nsk1026.exe
C:\Users\Markus\AppData\Local\Temp\nsm93E.exe
C:\Users\Markus\AppData\Local\Temp\nsz42B4.exe
C:\Users\Markus\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Markus\AppData\Local\Temp\Setup.exe
C:\Users\Markus\AppData\Local\Temp\UNT268F.exe
C:\Users\Markus\AppData\Local\Temp\UNT26B0.exe
C:\Users\Markus\AppData\Local\Temp\VOPackage.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-28 15:29
==================== End Of Log ============================
--- --- --- --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by Markus at 2014-07-29 15:07:38
Running from C:\Users\Markus\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG2200 series Benutzerregistrierung (HKLM-x32\...\Canon MG2200 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.00 - Canon Inc.)
Canon MG2200 series On-screen Manual (HKLM-x32\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
DENON DJ ASIO Driver (HKLM-x32\...\{E2BF2060-D1DB-441A-8739-30E7BAA534BA}) (Version: 1.0.0 - DENON_DJ)
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
ETDWare PS/2-X64 11.6.16.003_WHQL (HKLM\...\Elantech) (Version: 11.6.16.003 - ELAN Microelectronic Corp.)
Fast And Safe (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf}) (Version: - GTgroup) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 2 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 4 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 8 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.3.46 - Native Instruments)
Native Instruments Controller Editor (Version: 1.6.3.46 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments)
Native Instruments Service Center (Version: 2.5.2.1549 - Native Instruments) Hidden
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments)
Native Instruments Traktor 2 (Version: 2.6.8.382 - Native Instruments) Hidden
Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 10 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 2 MK2 Driver (Version: 3.1.3.804 - Native Instruments) Hidden
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 6 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol F1 Driver (Version: 3.0.2.664 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S2 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol X1 Driver (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol X1 MK2 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol Z1 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol Z2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
NVIDIA Grafiktreiber 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.30 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.30 (Version: 311.30 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.213.1 - Tracker Software Products Ltd)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Yahoo Community Smartbar (HKLM-x32\...\{3BC7022B-CDE0-4664-9AB6-E3EC25CE644A}) (Version: 11.63.66.17714 - Linkury Inc.) <==== ATTENTION
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3478845354-2299671783-2462539787-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
08-07-2014 22:50:54 Windows Update
18-07-2014 10:30:50 Geplanter Prüfpunkt
28-07-2014 13:27:40 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05213698-A30E-4087-A857-31B7B60B5F25} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {12421D3C-85C4-48C8-9352-53C1AC3B0385} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: {1A15979C-EE4A-4CF4-8CF5-4D52683E0C06} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1BA20418-F45D-4183-A8A4-9192CAC32CD6} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe [2014-07-25] (enter) <==== ATTENTION
Task: {20850515-6079-456E-AB44-DCEBB8D45EF1} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {24E43C6C-F3AC-463B-8C4B-0B2053EDFC8F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {39CE24A0-32CB-4D61-8019-FEF551B287F2} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {4586CBE0-97ED-4137-A2C6-712A2A5C4805} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-09] (Microsoft Corporation)
Task: {4C5BD0C1-8937-43CB-B64F-9120AA18F3B8} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {4FB017EE-E51B-40C1-A86A-5F5DC43A7801} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {545A398B-78E7-464F-A80E-3A033AD37198} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1 => C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-codedownloader.exe [2014-07-25] (enter) <==== ATTENTION
Task: {5FDBD969-AC66-42BA-B22F-58849328109C} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: {744490FD-A8F4-4CC0-878F-02D587DA55F1} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4 => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.exe [2014-07-25] (enter) <==== ATTENTION
Task: {9174E7C1-BD86-402F-A9A3-A50B8AB03EEE} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: {A198AA06-64A7-4996-A258-2E17F6098A91} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {E80D32C7-3C42-4C4E-B26A-F5B8567B330D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {E85FF466-D7B9-4206-8906-1898F42B0397} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5 => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe [2014-07-25] (enter) <==== ATTENTION
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EC07CB73-2C28-41A7-AD5F-140BA260C200} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {EC2BCA28-D75E-477D-A070-22C6183A4EE7} - System32\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2 => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.exe [2014-07-25] (enter) <==== ATTENTION
Task: {FDDCCCB6-C4DD-4184-AE57-C7D07889303D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job => C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-codedownloader.exe
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.exe
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.exe
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe
Task: C:\Windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job => C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-07-02 10:01 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-18 02:03 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-07-23 16:32 - 2014-07-25 15:21 - 00106376 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll
2014-07-23 16:32 - 2014-07-25 15:21 - 00732040 _____ () C:\Program Files (x86)\SupTab\HpUI.exe
2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 _____ () C:\Program Files (x86)\SupTab\Loader32.exe
2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 _____ () C:\Program Files (x86)\SupTab\Loader64.exe
2013-05-23 07:06 - 2012-10-23 20:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00024344 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Lrcnta.exe
2014-07-24 07:05 - 2014-07-24 07:05 - 00186192 _____ () c:\ProgramData\Fast And Safe\FastAndSafeSvc.dll
2014-07-24 07:05 - 2014-07-24 07:05 - 04125696 _____ () c:\ProgramData\Fast And Safe\FastAndSafe.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-23 16:32 - 2014-07-25 15:21 - 00093576 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00045848 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00070936 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srau.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00166680 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 02337048 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00067864 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\spbl.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00156952 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00015128 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\siem.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00066840 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\sppsm.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00697624 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00015640 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00079640 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00027928 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-06-11 15:29 - 2014-06-11 15:29 - 00060184 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srut.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00030488 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srsbs.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00066328 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00150296 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\smti.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00032024 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srom.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00031512 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\smtu.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00040216 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\smta.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00046872 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srbu.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00024856 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\sgml.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00062744 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00025368 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srpdm.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00044312 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00025880 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00036120 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00256280 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\srns.dll
2014-06-24 21:41 - 2014-06-24 21:41 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00034072 _____ () C:\Users\Markus\AppData\Local\Smartbar\Application\lrcnt.dll
2013-07-30 17:40 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error: (07/28/2014 03:18:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Umbrella210.exe, Version: 4.29.0.1, Zeitstempel: 0x53c89bf9
Name des fehlerhaften Moduls: Umbrella210.exe, Version: 4.29.0.1, Zeitstempel: 0x53c89bf9
Ausnahmecode: 0x40000015
Fehleroffset: 0x001c05a9
ID des fehlerhaften Prozesses: 0xe2c
Startzeit der fehlerhaften Anwendung: 0xUmbrella210.exe0
Pfad der fehlerhaften Anwendung: Umbrella210.exe1
Pfad des fehlerhaften Moduls: Umbrella210.exe2
Berichtskennung: Umbrella210.exe3
Vollständiger Name des fehlerhaften Pakets: Umbrella210.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Umbrella210.exe5
Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15594
Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15594
Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12265
Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12265
Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (07/29/2014 02:53:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/29/2014 02:51:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/29/2014 00:29:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/29/2014 00:26:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/28/2014 03:18:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SProtection" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/25/2014 03:28:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/25/2014 03:26:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/25/2014 03:26:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/25/2014 03:26:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.
Error: (07/22/2014 01:40:25 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.2.100 mit dem Computer mit der
Netzwerkhardwareadresse 00-26-AB-68-ED-8E ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.
Microsoft Office Sessions:
=========================
Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4
Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4
Error: (07/28/2014 03:35:54 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4
Error: (07/28/2014 03:18:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Umbrella210.exe4.29.0.153c89bf9Umbrella210.exe4.29.0.153c89bf940000015001c05a9e2c01cfa80c05658c6eC:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exeC:\Program Files (x86)\Common Files\Umbrella\Umbrella210.exea45faa4e-1659-11e4-be8c-208984ce3dc2
Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15594
Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15594
Error: (07/28/2014 10:10:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12265
Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12265
Error: (07/26/2014 07:24:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
==================== Memory info ===========================
Percentage of memory in use: 26%
Total physical RAM: 8007.27 MB
Available physical RAM: 5922.41 MB
Total Pagefile: 11463.27 MB
Available Pagefile: 9320.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:682.19 GB) (Free:598.92 GB) NTFS
Drive d: (27 Jun 2014) (CDROM) (Total:0.69 GB) (Free:0.3 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: B716F7A2)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
29.07.2014, 14:53
| #4 |
| | Mozilla öffnet von alleine neue TabsCode:
ATTFilter Combofix Logfile: |
|
30.07.2014, 11:44
| #5 |
| /// the machine /// TB-Ausbilder | Mozilla öffnet von alleine neue Tabs Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.07.2014, 13:02
| #6 |
| | Mozilla öffnet von alleine neue Tabs So, alles erledigt. Ich hoffe, dass das so richtig war. Malwarebytes Code:
ATTFilter *{font-family: Verdana, Arial;} .BlackNormal{font-size:12px; color:#000000;}
.BlackNormalBold{font-size:11px; color:#000000; font-weight:bold;}
.BlackNormal1{font-size:13px; color:#000000;} .BlackNormal1Bold{font-size:13px;
color:#000000; font-weight:bold;} .BlackMedium{font-size:15px; color:#000000;}
.BlackMediumBold{font-size:15px; color:#000000; font-weight:bold;}
Nico Mak Computing
WinZip Malware Protector
Datum der ÜberprüfungMittwoch, 30. Juli 2014
Datenbankversion1899
Gefundene Elemente insgesamt187
Überprüfte Objekte:282705
Abgelaufene Zeit:00:15:41
NameGefundene Elemente
Name der Infektiontrojan-backdoor.bifrose
KategorieBackdoor
BedrohungsstufeSevere
Durchgeführte AktionNoActionTaken
Elemente gefunden1
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\wget
Name der Infektionroguesecurityprogram.winantivirus-pro-2006
KategorieRogue Antispyware Program
BedrohungsstufeSevere
Durchgeführte AktionNoActionTaken
Elemente gefunden6
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_classes_root
*\shellex\contextmenuhandlers\shellextension
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_classes_root
directory\shellex\contextmenuhandlers\shellextension
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_classes_root
drive\shellex\contextmenuhandlers\shellextension
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\classes\*\shellex\contextmenuhandlers\shellextension
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\classes\directory\shellex\contextmenuhandlers\shellextension
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\classes\drive\shellex\contextmenuhandlers\shellextension
Name der Infektionroguesecurityprogram.pro-antispyware-2009
KategorieRogue Antispyware Program
BedrohungsstufeSevere
Durchgeführte AktionNoActionTaken
Elemente gefunden2
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\microsoft\windows\currentversion\drivers\video
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\microsoft\windows\currentversion\drivers\video\options
Name der Infektionroguesecurityprogram.ms-antispyware-2009
KategorieRogue Antispyware Program
BedrohungsstufeSevere
Durchgeführte AktionNoActionTaken
Elemente gefunden1
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\microsoft\windows\currentversion\drivers
Name der Infektiontrojan-spy.banker
KategorieTrojan Spy
BedrohungsstufeElevated
Durchgeführte AktionNoActionTaken
Elemente gefunden6
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
system\currentcontrolset\services\catchme
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
system\currentcontrolset\services\catchme
type
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
system\currentcontrolset\services\catchme
errorcontrol
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
system\currentcontrolset\services\catchme
start
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
system\currentcontrolset\services\catchme
imagepath
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
system\currentcontrolset\services\catchme
group
Name der Infektionpup.optional-nz
KategoriePotentially Unwanted Application
BedrohungsstufeHigh
Durchgeführte AktionNoActionTaken
Elemente gefunden12
Gefundener BereichFileSystem
Details
Dateinamec:\program files (x86)\mozilla
firefox\browser\searchplugins\nationzoom.xml
MD50
Signatur0
Md5hash: 119eeba271e1e58102ae975f412e32cd
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\microsoft\internet
explorer\searchscopes\{33bb0a4e-99af-4226-bdf6-49120163de86}
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\microsoft\internet
explorer\searchscopes\{33bb0a4e-99af-4226-bdf6-49120163de86}
url
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\microsoft\internet
explorer\searchscopes\{33bb0a4e-99af-4226-bdf6-49120163de86}
displayname
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\microsoft\internet
explorer\searchscopes\{33bb0a4e-99af-4226-bdf6-49120163de86}
faviconpath
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\microsoft\internet
explorer\searchscopes\{33bb0a4e-99af-4226-bdf6-49120163de86}
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\microsoft\internet
explorer\searchscopes\{33bb0a4e-99af-4226-bdf6-49120163de86}
displayname
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\microsoft\internet
explorer\searchscopes\{33bb0a4e-99af-4226-bdf6-49120163de86}
url
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\nationzoomsoftware
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\nationzoomsoftware\nationzoomhp
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\nationzoomsoftware\nationzoomhp
time
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\nationzoomsoftware\nationzoomhp
oem
Name der Infektionpup.optional
KategoriePotentially Unwanted Application
BedrohungsstufeHigh
Durchgeführte AktionNoActionTaken
Elemente gefunden8
Gefundener BereichFileSystem
Details
Dateinamec:\users\markus\appdata\local\genienext\nengine.dll
MD50
Signatur15833803041516330828
Md5hash: 366bfbc6a6a9de3204b410b696e03b11
Gefundener BereichFileSystem
Details
Dateinamec:\users\markus\appdata\roaming\newnext.me\nengine.dll
MD50
Signatur15833803041516330828
Md5hash: 366bfbc6a6a9de3204b410b696e03b11
Gefundener BereichFileSystem
Details
Dateinamec:\users\markus\downloads\setup_v2.1.exe
MD50
Signatur13111136400101991285
Md5hash: 290860bff0321b068cbffbe858c37476
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{6791a2f3-fc80-475c-a002-c014af797e9c}
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{6791a2f3-fc80-475c-a002-c014af797e9c}
n
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\classes\clsid\{1aa60054-57d9-4f99-9a55-d0fbfbe7ecd3}
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\classes\clsid\{e5a7a645-8318-4895-b85c-edc606b80db6}
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\classes\clsid\{e5a7a645-8318-4895-b85c-edc606b80db6}
id
Name der Infektionmalware.agent
KategorieGeneric Malware
BedrohungsstufeHigh
Durchgeführte AktionNoActionTaken
Elemente gefunden1
Gefundener BereichFileSystem
Details
Dateinamec:\users\markus\downloads\frst64.exe
MD50
Signatur6259540866098186490
Md5hash: ad1a336beee75032a9e07dbbe6f30372
Name der Infektiontrojan.agent
KategorieTrojan
BedrohungsstufeHigh
Durchgeführte AktionNoActionTaken
Elemente gefunden1
Gefundener BereichFileSystem
Details
Dateinamec:\users\markus\downloads\jvlsetup.exe
MD50
Signatur1756531133504620710
Md5hash: 472c38a08a15e764d7f3b3f50472237e
Name der Infektionmonitoring.employees-pc-monitor
KategorieMonitoring Tool
BedrohungsstufeHigh
Durchgeführte AktionNoActionTaken
Elemente gefunden1
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_users
s-1-5-18\software\microsoft\windows\currentversion\policies\system
Name der Infektionpup.optional-jw
KategoriePotentially Unwanted Application
BedrohungsstufeHigh
Durchgeführte AktionNoActionTaken
Elemente gefunden7
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\installedbrowserextensions
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\installedbrowserextensions\21636
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\installedbrowserextensions\21636
61799
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\installedbrowserextensions\21636\status
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\installedbrowserextensions\21636\status
installed
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\installedbrowserextensions\enter
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\installedbrowserextensions\enter
61799
Name der Infektionpup.optional-snk
KategoriePotentially Unwanted Application
BedrohungsstufeHigh
Durchgeführte AktionNoActionTaken
Elemente gefunden137
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
date
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
data.0
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
data.1
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
usr.0
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
usr.1
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
uuid
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
lrts
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
mode
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
iiid
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
370856c7
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
493c7345
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
3efeb33e
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
a47da861
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
4a40bed9
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
51d2f2ea
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
a2e3b941
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
bbf88800
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
a1dcff5b
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
340d3099
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
0e93c3f3
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
0c230bcb
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
27ddcf6f
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
414bc593
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
f0bf0bde
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
c99a5f5c
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
72758a5d
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
e46c271e
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
7f69fa1f
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
3c09c42b
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
7367429f
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
0dc3ee96
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
d1abcdb6
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
38583bc3
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
c24899a6
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
65114b36
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
f1f24e29
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
6185d035
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
c5705860
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
a0743acc
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
c6c5dd44
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
1520c6f1
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
2d71d5ab
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
8b9e4cbc
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
fe94ce1e
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
587b5709
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
2e22d94e
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
48bd1aff
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
f6ad6fa6
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
d94388d2
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
37b7a6d8
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
060df2cd
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
e8f9dcc7
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
1c311243
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
f2c53c49
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
c59938ae
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\evq
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\ext
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\ini
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\ini
187326178244532
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\ini
287326178244532
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\ini
72368436527346
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{3a7d3e19-1b79-4e4e-bd96-5467da2c4ef0}
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{3a7d3e19-1b79-4e4e-bd96-5467da2c4ef0}
n
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
date
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
data.0
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
data.1
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
usr.0
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
usr.1
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
version
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
uuid
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
state
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
lrts
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
mode
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
svn
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
svx
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
svi
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
svt
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
iiid
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
dlpath
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
svpath
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf
install_dir
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
370856c7
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
493c7345
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
3efeb33e
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
a47da861
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\00000000
4a40bed9
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
51d2f2ea
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
a2e3b941
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
bbf88800
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
a1dcff5b
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
340d3099
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
0e93c3f3
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
0c230bcb
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
27ddcf6f
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
414bc593
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
f0bf0bde
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
c99a5f5c
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
72758a5d
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
e46c271e
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
7f69fa1f
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
3c09c42b
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
7367429f
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
0dc3ee96
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
d1abcdb6
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
38583bc3
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
c24899a6
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
65114b36
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
f1f24e29
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
6185d035
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
c5705860
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
a0743acc
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
c6c5dd44
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
1520c6f1
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
2d71d5ab
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
8b9e4cbc
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
fe94ce1e
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
587b5709
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
2e22d94e
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
48bd1aff
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
f6ad6fa6
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
d94388d2
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
37b7a6d8
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
060df2cd
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
e8f9dcc7
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
1c311243
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{5f189df5-2d05-472b-9091-84d9848ae48b}\_64af91bf\eae10f9d
f2c53c49
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{77d46e27-0e41-4478-87a6-aabe6fbcf252}
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{77d46e27-0e41-4478-87a6-aabe6fbcf252}
64af91bf
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_local_machine
software\{77d46e27-0e41-4478-87a6-aabe6fbcf252}
n
Name der Infektionpup.optional-sd
KategoriePotentially Unwanted Application
BedrohungsstufeHigh
Durchgeführte AktionNoActionTaken
Elemente gefunden4
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_classes_root
clsid\{e5a7a645-8318-4895-b85c-edc606b80db6}
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_classes_root
clsid\{e5a7a645-8318-4895-b85c-edc606b80db6}
id
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\software\dynconie
Gefundener BereichRegistry
Details
Registrierungsschlüsselhkey_current_user
software\appdatalow\software\dynconie
id
© 2013 WinZip International LLC. All rights reserved.
AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.301 - Bericht erstellt am 30/07/2014 um 13:34:49
# Aktualisiert 28/07/2014 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzername : Markus - MORGAN
# Gestartet von : C:\Users\Markus\Downloads\adwcleaner_3.301.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : 64af91bf
Dienst Gelöscht : GlobalUpdater
Dienst Gelöscht : IePluginServices
Dienst Gelöscht : SProtection
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\cosstminn
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Program Files (x86)\pc speed up
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files (x86)\WinZip Malware Protector
Ordner Gelöscht : C:\Program Files (x86)\cosstminn
Ordner Gelöscht : C:\Program Files (x86)\Common Files\IMGUpdater
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gelöscht : C:\Program Files\003
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\torch
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Gast\AppData\Local\torch
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\torch
Ordner Gelöscht : C:\Users\Markus\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Markus\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Markus\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Markus\AppData\Local\LPT
Ordner Gelöscht : C:\Users\Markus\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Markus\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Markus\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Markus\AppData\Local\torch
Ordner Gelöscht : C:\Users\Markus\AppData\Roaming\InetStat
Ordner Gelöscht : C:\Users\Markus\AppData\Roaming\newnext.me
Ordner Gelöscht : C:\Users\Markus\Documents\Mobogenie
Ordner Gelöscht : C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\UpdatusUser\AppData\Local\torch
Ordner Gelöscht : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\faststartff@gmail.com
Ordner Gelöscht : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com
Ordner Gelöscht : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\d55cd0d7-9f24-4660-95b3-188599e8e4f8@6b2faf04-e86f-4bcf-a878-632814acf518.com
Ordner Gelöscht : C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Datei Gelöscht : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\webbooster@iminent.com.xpi
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Markus\daemonprocess.txt
Datei Gelöscht : C:\Users\Markus\AppData\Roaming\aps.uninstall.scan.results
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\nationzoom.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\StartWeb.xml
Datei Gelöscht : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
Datei Gelöscht : C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Tasks ] *****
Task Gelöscht : c421907c-8d5f-4b54-af6e-98e6584c00d7-1
Task Gelöscht : c421907c-8d5f-4b54-af6e-98e6584c00d7-2
Task Gelöscht : c421907c-8d5f-4b54-af6e-98e6584c00d7-4
Task Gelöscht : c421907c-8d5f-4b54-af6e-98e6584c00d7-5
Task Gelöscht : c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Markus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Markus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0061799.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0061799.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0061799.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0061799.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172299}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175599}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176699}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171199}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611171199}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611171199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171199}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172299}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175599}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176699}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171199}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DynConIE
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Re_Markit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\suprasavings
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\video MediaPlay-Air
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Schlüssel Gelöscht : HKLM\Software\FrEeSoFtOdAy
Schlüssel Gelöscht : HKLM\Software\GlobalUpdate
Schlüssel Gelöscht : HKLM\Software\IMGUPDATER
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\Software\nationzoomSoftware
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Tutorials
Schlüssel Gelöscht : HKLM\Software\Umbrella
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\video MediaPlay-Air
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1B8A71D1-31D4-EE6A-C32F-836E0BFFA6D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3BC7022B-CDE0-4664-9AB6-E3EC25CE644A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DomaIQ
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\suprasavings
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.17028
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\prefs.js ]
Zeile gelöscht : user_pref("CT3309350.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("extensions.UOcWq12EbL.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumor[...]
Zeile gelöscht : user_pref("extensions.Wiz.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.net[...]
Zeile gelöscht : user_pref("extensions.a5c8764929678437cbd90994a5a82ac863d978ade40948f4c7f15bb3c4com61799.61799.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.co[...]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "14336e4927061dfdedccdfadf5ddb426");
Zeile gelöscht : user_pref("extensions.enabledAddons", "webbooster%40iminent.com:8.26.4.1,faststartff%40gmail.com:4.3.0,5c8764929678437cbd90994a5a82%40ac863d978ade40948f4c7f15bb3c4.com:0.95.7,%7B972ce4c6-7e08-4474-a28[...]
Zeile gelöscht : user_pref("iminent.LayoutId", "1");
Zeile gelöscht : user_pref("iminent.ShowThankyouPixel", "0");
Zeile gelöscht : user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0,\"s\":0,\"es\":1}");
Zeile gelöscht : user_pref("iminent.adapters", "{\"www.v9.com\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"v9\",\"v\":true,\"p\":0,\"t\":1,\"th\":1.1,\"expireTime\":\"140438806398286400\"},\[...]
Zeile gelöscht : user_pref("iminent.enableToolbar", "false");
Zeile gelöscht : user_pref("iminent.enabledAds", "obsolete");
Zeile gelöscht : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"b7110a40-a16f-4a12-a411-bd0b6014905a\",\"name\":\"Superfish\",\"addonId\":2,\"url\":\"//www.superfish.com/ws/sf_main.jsp\",\"queryStri[...]
Zeile gelöscht : user_pref("iminent.newtabredirect", "true");
Zeile gelöscht : user_pref("iminent.nomsi", "true");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent101", "1406280040897");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent102", "1406644516774");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent105", "1405612585743");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent109", "1406642069810");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent110", "1406642278681");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent111", "1406642069453");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent112", "1406642070172");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent122", "1406642069897");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent140", "1406642795714");
Zeile gelöscht : user_pref("iminent.searchindex", "1");
Zeile gelöscht : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");
Zeile gelöscht : user_pref("iminent.version", "8.26.4.1");
Zeile gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.26.4.1\",\"InstallEventCTime\":1406719772885,\"InstallEvent\":\"True\"}");
-\\ Google Chrome v36.0.1985.125
*************************
AdwCleaner[R0].txt - [21412 octets] - [30/07/2014 13:33:50]
AdwCleaner[S0].txt - [18695 octets] - [30/07/2014 13:34:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18756 octets] ##########
[/CODE] Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Markus on 30.07.2014 at 13:39:40,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440644174499}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644174499}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440644174499}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644174499}
~~~ Files
~~~ Folders
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
~~~ FireFox
Emptied folder: C:\Users\Markus\AppData\Roaming\mozilla\firefox\profiles\ppfgea47.default\minidumps [6 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.07.2014 at 13:44:37,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Combofix Logfile: |
|
30.07.2014, 15:30
| #7 |
| /// the machine /// TB-Ausbilder | Mozilla öffnet von alleine neue TabsESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
31.07.2014, 00:09
| #8 |
| | Mozilla öffnet von alleine neue Tabs Hier den log für ESET Online Scanner Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=7dbe5cd94780e24ba72e8f4da73d8378
# engine=19424
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=false
# utc_time=2014-07-30 10:45:47
# local_time=2014-07-31 12:45:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 40544 11151236 0 0
# scanned=237207
# found=132
# cleaned=0
# scan_time=7702
sh=A914E18AFBB41E13112B14D7CE24FA92018073E0 ft=1 fh=a41c62051e0d20f3 vn="Variante von MSIL/Solimba.AC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\pc speed up\Uninstall_PCSpeedUp.exe.vir"
sh=E0D486C68536C75A4716672AA52802EE493F5DA1 ft=1 fh=cff95027911011e3 vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir"
sh=7560ADB6881D658A46F52AD1DCDF667B615F6EDE ft=1 fh=19f14dde2ee67322 vn="Variante von MSIL/AdvancedSystemProtector.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\genienext\nengine.dll.vir"
sh=A48F78E3190E0426CAB7017C85D371A0B2515CE9 ft=1 fh=678a4d58de41779d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\lrrot.dll.vir"
sh=402E3F17023EC662028C5C419DF48D31B4C47954 ft=1 fh=86c7edc6432607ef vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Newtonsoft.Json.dll.vir"
sh=821846614584D57FC24BB86CF24C5B044C3A5AB0 ft=1 fh=38f8d8ab5d5f7ec8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Proxy.Lib.dll.vir"
sh=5D592B28A47C58385B38BF5BE85B9522912BC10A ft=1 fh=3b5e61ca8a8504aa vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\ProxySettings.dll.vir"
sh=B4878E4D93560399EE0DC807D08C50BEB6761808 ft=1 fh=69632074c0150e80 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Smartbar.Common.dll.vir"
sh=DF700E3E3451218A58F0353A32510F8634D296BA ft=1 fh=b309d8039acdc591 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Smartbar.Communication.dll.vir"
sh=6C259E1D637082DF6DA4D6B398F82FDCABB8B765 ft=1 fh=4acbf6ce984aa41c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Smartbar.Communication.NamedPipe.dll.vir"
sh=5AC61EEEFD4864B54ADD4859705CAAFA6C4CF5A2 ft=1 fh=d729506a85ba5934 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll.vir"
sh=FBCF47C3668D6C9145A1DF8256F9121D15B31E7F ft=1 fh=a050f1bff8747171 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyService.dll.vir"
sh=985F7D915121BCC1622053A4E733017C79B30730 ft=1 fh=32db1fe504d77fbd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Smartbar.Personalization.Common.dll.vir"
sh=F954138CC8E03FB04A455990DE15E0338D6AB912 ft=1 fh=36f8e81135ac0afb vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir"
sh=282C3784574E4D63842B459989D58D9A01FDE6AF ft=1 fh=acb2d21d2c2498cd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\sppsm.dll.vir"
sh=719A34FC1A21E40761C045E0C52F8855E80CDCCF ft=1 fh=c81f8f636f5132a4 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\spusm.dll.vir"
sh=CF4B12FE9E659B034ECB77641D0DC5363767BDFA ft=1 fh=b2fc897ff3c3a9c1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\srbs.dll.vir"
sh=3401A6D9D8AF4649034F7F8656061193AA03465C ft=1 fh=8db55f9452f6901a vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\srbu.dll.vir"
sh=43F238352B0408FAEB2C4F0913D466BF5ED00FAD ft=1 fh=134f92e041cba1a2 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\sreu.dll.vir"
sh=6B3C75BCF39B5C7C513E9E8F7002C1E7DFF0FD92 ft=1 fh=3acc90857f6076ca vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\srpdm.dll.vir"
sh=02AC509D825A3429FD8DA7598346097157010284 ft=1 fh=77f0c1495b29d1a6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\srprl.dll.vir"
sh=3FDA5C133E6451D7FD25E35279A38DE0C966D4F8 ft=1 fh=70c5ecb890da71d8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\srpt.dll.vir"
sh=C44EC6E4DC487DFC18CB5A5B2795E02579F47C8B ft=1 fh=843f1902f422e7c7 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\srptc.dll.vir"
sh=CCBE054E6D592E0B63726E204F78350068612669 ft=1 fh=01825806541cfe88 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\LPT\srut.dll.vir"
sh=26399AE8BDC2D7215045EACBE0422111C796DFC4 ft=1 fh=c8795392d93927f2 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir"
sh=5D0FF82E89BC0A4963B3FD2CF51F514250A3E4DF ft=1 fh=8b6bc8b332059833 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=DAB0DB732EF1B3148F2A8409C69693A8BC0F668D ft=1 fh=4741d303503cb92b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=59C517C8E1476806AC0B4453C863381F877C7E59 ft=1 fh=44fb8e74d96dfeb6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=9FB49C995BBC6508CC80D88EE251DE926201BE6B ft=1 fh=ab88d352dd6d144d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=EF09058F1A8249F38882470126CBBE1B927788C4 ft=1 fh=7c3bb5a116a7be08 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=C88DAF3FB5D3FEC090233FF251F7F0CFC73EF4CD ft=1 fh=b74c7f4df627386b vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll.vir"
sh=4B9D59EFA89F628628CE74083961743D56E460C7 ft=1 fh=8e9074b2b2075a48 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.vir"
sh=7290509DD9B7F8DCFA781334EBEFF3E5D4C58C5C ft=1 fh=0aae782d31fb93bd vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll.vir"
sh=32602D4077332EE0F75304C87434755510F768FD ft=1 fh=4d22cbd3b33f2e9e vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_28.dll.vir"
sh=A5517659524BFD05ABEF457FE26F1D0E80D3EF85 ft=1 fh=af4585d56f4a69b5 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_29.dll.vir"
sh=36E31354BDEA960B9E966413460C3CB81036C629 ft=1 fh=107c58d6ba93a4af vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_30.dll.vir"
sh=7D1FEDA559B59DBFF01C4B4F53134F121D4377C1 ft=1 fh=c2a5d07a8b4f82a0 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=D3558CD8505E43CC94A8BE5A1FFC2C3D39409CD9 ft=1 fh=9bada0f6814a3287 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=370E12565221A99CA327F8FB1EAAF243856E879C ft=1 fh=f6cdb3ec75080afe vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=E733700395C6E285DF6D36C59D119CADF14EC136 ft=1 fh=f3d835ac74302d04 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=20E137221A0CD062EE988380349F197FF6156CA2 ft=1 fh=8e867a7f15acd36f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll.vir"
sh=44341AC3075A630346D44C97F22FE3B8DB90A2C8 ft=1 fh=03026ae03c5e9bfc vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll.vir"
sh=B8321125D3DD8FBE693497FD476804986E8D5443 ft=1 fh=e0c870c40d823fbd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\lrcnt.dll.vir"
sh=A48F78E3190E0426CAB7017C85D371A0B2515CE9 ft=1 fh=678a4d58de41779d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\lrrot.dll.vir"
sh=B30DAF63ED6EE63AB6B70F4BDE3982F40E0AF319 ft=1 fh=d31df0d3b3772a4f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\MACTrackBarLib.dll.vir"
sh=0D421B32AD2D65114D3F7CF09D33BF1D3600F960 ft=1 fh=5baaf36006c8ac9a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\NDde.dll.vir"
sh=402E3F17023EC662028C5C419DF48D31B4C47954 ft=1 fh=86c7edc6432607ef vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Newtonsoft.Json.dll.vir"
sh=821846614584D57FC24BB86CF24C5B044C3A5AB0 ft=1 fh=38f8d8ab5d5f7ec8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Proxy.Lib.dll.vir"
sh=5D592B28A47C58385B38BF5BE85B9522912BC10A ft=1 fh=3b5e61ca8a8504aa vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\ProxySettings.dll.vir"
sh=67EB8AF8E2C8ED10D29364A3927AAC8E376B7870 ft=1 fh=d0245071c2cee8ce vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\sgml.dll.vir"
sh=1BD8C2722CFC9112780B116B32E241CA56FED378 ft=1 fh=ccbd55e792ffd4a5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\sidb.dll.vir"
sh=550E36B251DA813A5FB075D4DDBE728B5FC7786D ft=1 fh=ca67ef67b5a5be99 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\siem.dll.vir"
sh=46296181E78D3B1F6A53F1CACDD6035B02B57E1D ft=1 fh=9d321d3b0a34bff2 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\sipb.dll.vir"
sh=7BC6332DBC2D5DF45298C0575AA545798AF8ECB2 ft=1 fh=6170fef5860c8c93 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\sismlp.dll.vir"
sh=B4878E4D93560399EE0DC807D08C50BEB6761808 ft=1 fh=69632074c0150e80 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Common.dll.vir"
sh=DF700E3E3451218A58F0353A32510F8634D296BA ft=1 fh=b309d8039acdc591 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Communication.dll.vir"
sh=6C259E1D637082DF6DA4D6B398F82FDCABB8B765 ft=1 fh=4acbf6ce984aa41c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Communication.NamedPipe.dll.vir"
sh=B0AC0139021B61046A6BF011D95E0779DAD11F99 ft=1 fh=7df27588bb9c1087 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll.vir"
sh=50AD95CE5FD82838E19D7174B549A7BD0E4FB40A ft=1 fh=ddaa5a6a231246ec vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll.vir"
sh=14882A6F182465C0DD57555D82C894950BECA3C4 ft=1 fh=fb51d2b4c8bc4b88 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.vir"
sh=99AF6ECDEBB152B3A2C967F80FFA90E9168A671D ft=1 fh=85a6bd0378e94ee9 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll.vir"
sh=1E09548020705131357796B6F68AC61B5180CC86 ft=1 fh=7cd8f36d1f3f4f4e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll.vir"
sh=B83094E276B956450B7ACF68CE93DCD85D95362F ft=1 fh=81a29741229eb52a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll.vir"
sh=893F4D87D875F6B5F5565F6A86DCAA4729D16712 ft=1 fh=f255c18676cf4594 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll.vir"
sh=71D7A552FF38B19CD9E29AC73F660BE4DF75B31A ft=1 fh=8fcfed294dd9d419 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll.vir"
sh=5AC61EEEFD4864B54ADD4859705CAAFA6C4CF5A2 ft=1 fh=d729506a85ba5934 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll.vir"
sh=FBCF47C3668D6C9145A1DF8256F9121D15B31E7F ft=1 fh=a050f1bff8747171 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Monetization.Proxy.ProxyService.dll.vir"
sh=985F7D915121BCC1622053A4E733017C79B30730 ft=1 fh=32db1fe504d77fbd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll.vir"
sh=F954138CC8E03FB04A455990DE15E0338D6AB912 ft=1 fh=36f8e81135ac0afb vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir"
sh=FD8009322EFE5C62E162BC6E88023EF8BA339E7F ft=1 fh=583143ef04de1314 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll.vir"
sh=8ED02920C203A906B1B2BCA267CC1ADF91805DC6 ft=1 fh=1ed4e1b87baac737 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll.vir"
sh=8175A8AE1F2DB1A34AF959A9A7FC08C61E2551BE ft=1 fh=2803c3b5568a6e48 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll.vir"
sh=6AC9D369C7B58F5BE35AF423774D6F350BFD0561 ft=1 fh=1cb38c3299e1660f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll.vir"
sh=9FFF858BF9B8A2A552539E1E0C198E25C7D2B3EF ft=1 fh=1a46c8b2595d1a09 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=9FFF858BF9B8A2A552539E1E0C198E25C7D2B3EF ft=1 fh=1a46c8b2595d1a09 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir"
sh=4B53AC771E2C80681A15C73F08D3F30CA2590975 ft=1 fh=15c935441a7e65bb vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=4B53AC771E2C80681A15C73F08D3F30CA2590975 ft=1 fh=15c935441a7e65bb vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir"
sh=AA36575A40264209CC6F99345542FC841BA626B0 ft=1 fh=4d304fca6bb460c9 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\smta.dll.vir"
sh=7B7980FE9F0A9488AD49CC74956634F74AB55E51 ft=1 fh=eef88e5d9859c86e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\smti.dll.vir"
sh=734715A3C53478C47B667F2687DF1693B022D529 ft=1 fh=61538d6f9e36af3a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\smtu.dll.vir"
sh=34A1BB19F84A433CCF57DB94EF3A9BE732F714DA ft=1 fh=6a35be02fe18f9e5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\spbe.dll.vir"
sh=00DEECDF3C98B4858DBFF5DE0EA4A52A4F645C89 ft=1 fh=759597e18afc46cb vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\spbl.dll.vir"
sh=282C3784574E4D63842B459989D58D9A01FDE6AF ft=1 fh=acb2d21d2c2498cd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\sppsm.dll.vir"
sh=67D92E10B0698D5FEBC4F9A462236BD8BEB9C7A4 ft=1 fh=fc04499782a79bec vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\spsm.dll.vir"
sh=719A34FC1A21E40761C045E0C52F8855E80CDCCF ft=1 fh=c81f8f636f5132a4 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\spusm.dll.vir"
sh=F8DECDAD3EB07DFB736A5134E14A1A5F03077B77 ft=1 fh=c5b89d195122ef24 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srau.dll.vir"
sh=0A02C60CA9DF48818A811160A46DA8891A3DFC79 ft=1 fh=9ed14ed1c43085ca vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srbhu.dll.vir"
sh=CF4B12FE9E659B034ECB77641D0DC5363767BDFA ft=1 fh=b2fc897ff3c3a9c1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srbs.dll.vir"
sh=3401A6D9D8AF4649034F7F8656061193AA03465C ft=1 fh=8db55f9452f6901a vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srbu.dll.vir"
sh=43F238352B0408FAEB2C4F0913D466BF5ED00FAD ft=1 fh=134f92e041cba1a2 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\sreu.dll.vir"
sh=4ADEED9853020E9C608517699CE35E4AB46B1A6F ft=1 fh=f17c6a58ae8e51e6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srgu.dll.vir"
sh=37EB6534E3D8B753F98A41BC16F402C909B39ED2 ft=1 fh=d9ccf5dc08eaea01 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srns.dll.vir"
sh=481E78E7AC2D66FA47CA2473B92DF87834912EB1 ft=1 fh=11859c11abe34608 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srom.dll.vir"
sh=6B3C75BCF39B5C7C513E9E8F7002C1E7DFF0FD92 ft=1 fh=3acc90857f6076ca vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srpdm.dll.vir"
sh=02AC509D825A3429FD8DA7598346097157010284 ft=1 fh=77f0c1495b29d1a6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srprl.dll.vir"
sh=B5190936D771F4F95AF1D6D25A1AFD4CA442FE4C ft=1 fh=c84bd411ffb6f50c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srpu.dll.vir"
sh=E64D27FE025476730144D7CB1FB88351523DAFE3 ft=1 fh=f62074867e208329 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srsbs.dll.vir"
sh=28B8C47DB9B0E9EC2EFE464D7F8A1342A0E8C7B8 ft=1 fh=52bfb6a85f371785 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srsbsau.dll.vir"
sh=482BB3D3E448D54A6520E973CF271961B32ED4F6 ft=1 fh=4ddb6dcafd630cb2 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srsl.dll.vir"
sh=2268FF7CE8C0FBA5212C1974FD64A659B67B698F ft=1 fh=24d569904a6990c9 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\sruhs.dll.vir"
sh=CC140B2680061037EE0A8E09FFD1DF589E31D02B ft=1 fh=9a344598546bc5c8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srus.dll.vir"
sh=CCBE054E6D592E0B63726E204F78350068612669 ft=1 fh=01825806541cfe88 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Application\srut.dll.vir"
sh=C5C86F4CA1F5F7B36C36BD55A380F8A7E0900AFA ft=1 fh=6115a62324625876 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll.vir"
sh=B306BBBE7DA3A3E94C53FEA930B0D0D75760AD6E ft=1 fh=747ce14d1d26f6e8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll.vir"
sh=410DC598705896D3DE77227B5335B4AB9B8EB05A ft=1 fh=c570c8d373d9e5f9 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll.vir"
sh=6FA22D3A68DADF536EECCEEAFCAB689880E6872A ft=1 fh=d9b41938fdd5406b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll.vir"
sh=8BABEC12F2F3F54CA21B0D09D81A98D70D1C99BC ft=1 fh=ab077553fefabf92 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.YoutubeDownloadPlugin.dll.vir"
sh=F6CD5612F2EB91C6031CC873C21CF8C81D803097 ft=1 fh=f7f54b067bbc5a98 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Local\Smartbar\Common\ServicesPlugins\spup.dll.vir"
sh=81447912A34F2B17146525275592838967D4FFF7 ft=1 fh=e9acee4b46b6c119 vn="Variante von Win32/RiskWare.Astori.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Roaming\InetStat\inetstat.exe.vir"
sh=336F3BCB48ECB1F5B206A8B1BCBD184D6AA9E8B4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\91.js.vir"
sh=BB613799215BA3B68D44449FBE2941E9F9EB5E42 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\Extensions\d55cd0d7-9f24-4660-95b3-188599e8e4f8@6b2faf04-e86f-4bcf-a878-632814acf518.com\extensionData\plugins\91.js.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Markus\AppData\Roaming\newnext.me\nengine.dll.vir"
sh=4A453378C9443670BBB123CC7162BB3C1BA7878D ft=1 fh=cc2ccd571fb766b7 vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.exe"
sh=9380ED412E0ED1AB53B9AC4147A5E8518F2733E5 ft=1 fh=cf556ea92d8d7a9e vn="Variante von Win32/Toolbar.CrossRider.AK evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.exe"
sh=5CE086B59D5A823641BB4DCCC52F546C9F530963 ft=1 fh=2e0d3509e7954017 vn="Variante von Win32/Toolbar.CrossRider.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe"
sh=2C4D6EF9B56F78E65FCEAC65E6C2EE2B82234710 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7.xpi"
sh=5A4912EC0392BAFD6EC106381D9157F40792D4A5 ft=1 fh=8d7828411ae558cf vn="Variante von Win32/Toolbar.CrossRider.AL evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bg.exe"
sh=7F2FF61B3763DB9D1F51E445A22052871D55AAC3 ft=1 fh=24997d5d4edeebc9 vn="Variante von Win32/Toolbar.CrossRider.AF evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho.dll"
sh=C292C9454D0AF7E67A043D37A1C72158A1F8C3A3 ft=1 fh=fed90379974948fd vn="Variante von Win64/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho64.dll"
sh=4424FE8C41FBAF5FF75CC29106CBF1D76FC6BE82 ft=1 fh=331d5ac52443d014 vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-codedownloader.exe"
sh=E3B202651C97FD7241F76EB147B5CD163DFD7078 ft=1 fh=c71c00117859331c vn="Variante von Win32/SProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\ProgramData\Fast And Safe\FastAndSafe.dll.vir"
sh=D3E58DA9FB271D4BCA31AEBD45748F5AFE1B491E ft=1 fh=8419c0bdb0e5b97e vn="Variante von Win32/SProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\ProgramData\Fast And Safe\FastAndSafeSvc.dll.vir"
sh=A0D52DCF369EF5A26EDD02F381A30BC06D6159F1 ft=1 fh=c71c00110a80296a vn="Variante von Win64/SProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\ProgramData\Fast And Safe\FastAndSafe_x64.dll.vir"
sh=336F3BCB48ECB1F5B206A8B1BCBD184D6AA9E8B4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PYYWYCL\91[1].js"
sh=836CEABE6A4D7178F7BE9FC56FB9C70071260CE0 ft=1 fh=1650ddb5623e84e1 vn="Variante von Win32/SoftPulse.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus\Downloads\jvlsetup.exe"
sh=3BC8ED9B8E94D86A11A9BE4067D4CA539898D3B6 ft=1 fh=d2bd1ef5e865ce1c vn="Variante von Win32/SoftPulse.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus\Downloads\Setup.exe"
sh=FF03CD55A17A0304C08EE3C759740ADA3A5340F3 ft=1 fh=92794a186f977033 vn="Variante von MSIL/DomaIQ.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus\Downloads\Setup_V2.1.exe"
sh=177E910063A87B4C6E2DE4069C9401D95E73CC21 ft=1 fh=ec3123f74738cdb1 vn="Variante von Win32/4Shared.W evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus\Downloads\Virtual DJ v7.0 PRO Crack [ChattChitto RG].exe"
sh=A981E3D6F03D3BD57D1472F33A4093A01533F8A8 ft=1 fh=7aaf7b3d0491af48 vn="Variante von MSIL/AdvancedSystemProtector.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Markus\Downloads\wzmp_8.exe"
sh=44341AC3075A630346D44C97F22FE3B8DB90A2C8 ft=1 fh=03026ae03c5e9bfc vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=5BA2A1AB903E6B0FAC7FD1B0BC4B4F32262BAC67 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\3df9ac.msi"
Der SecurityCheck hat leider mehrmals nicht funktioniert. Siehe hier: Code:
ATTFilter UNSUPPORTED OPERATING SYSTEM! ABORTED!
Code:
ATTFilter Combofix Logfile: Was mache ich mit den ganzen Downloads un? TXT Dateien? Benötige ich vielleicht ein derartiges Scan Programm oder ist jedes individuell? Vielen lieben Dank aber schon mal vorab. Das hat sehr geholfen und ich bin sehr dankbar dafür !!!! Liebe Grüße |
|
31.07.2014, 21:00
| #9 |
| /// the machine /// TB-Ausbilder | Mozilla öffnet von alleine neue Tabs Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Program Files (x86)\video MediaPlay-Air
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Frisches FRST log bitte. Und lösch die Cracks aus deinem Download Ordner....
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
Linear-Darstellung
