menge pop ups und musik im hintergrund

Schahin · 10.09.2014, 22:01

ich habe FRST runtergeladen habe auch schon den scan durchgefürt und nu?

FRST Editor
FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by Ya-Hü (administrator) on YA-HÜ-VAIO on 10-09-2014 22:27:07
Running from C:\Users\Ya-Hü\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
() C:\Program Files (x86)\LPT\srpts.exe
() C:\Program Files (x86)\NewPlayer\NewVideoPlayerUpdaterService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\LPT\srptsl.exe
() C:\monitor.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
() C:\Windows\score.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
() C:\Users\Ya-Hü\AppData\Roaming\VOPackage\VOsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
() C:\Program Files (x86)\ver0SpeedChecker\G9SpeedCheckerkX178.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(MyOSCompany) C:\Program Files (x86)\PCTRunner\MyOSProtect.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(enter) C:\Program Files (x86)\videos+ MediaPlayer+\c213693f-6a72-4a60-89e2-c9c24cabae7d.exe
() C:\Program Files (x86)\ver0SpeedChecker\J3SpeedCheckerB.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
(Smartbar) C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\Smartbar.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
() C:\Users\Ya-Hü\AppData\Roaming\InetStat\inetstat.exe
() C:\Program Files (x86)\ver0SpeedChecker\SpeedChecker.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Users\Ya-Hü\AppData\Local\Genesis_09091859\Genesis_09091859.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(enter) C:\Program Files (x86)\videos+ MediaPlayer+\00a03ed6-a505-4050-9fc4-b0739bf6fab1-6.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(smart-saverplus) C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\Lrcnta.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-06-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-06-21] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-14] (Alps Electric Co., Ltd.)
HKLM\...\Run: [eTMonitor] => C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe [192000 2008-11-03] (Aladdin Knowledge Systems, Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696 2010-06-20] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [ApnUpdater] => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2013-06-15] (RealNetworks, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [SearchProtectAll] => C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-05-21] (Sophos Limited)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [81264 2010-06-22] (Sony Corporation)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [VRLPHelper] => C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe [183152 2010-06-22] (Sony Corporation)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [Facebook Update] => C:\Users\Ya-Hü\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [APISupport] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Ya-Hü\AppData\Local\Conduit\APISupport\APISupport.dll",DLLRunAPISupport <===== ATTENTION
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [SearchProtect] => C:\Users\Ya-Hü\AppData\Roaming\SearchProtect\bin\cltmng.exe
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [BackgroundContainer] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Ya-Hü\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-11-07] (Google Inc.)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [genesis_09091859] => c:\users\ya-hü\appdata\local\genesis_09091859\genesis_09091859.exe [1642496 2014-09-09] ()
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\Smartbar.exe [28192 2014-08-27] (Smartbar)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [InetStat] => C:\Users\Ya-Hü\AppData\Roaming\InetStat\inetstat.exe [700430 2014-09-09] ()
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\MountPoints2: {a2bb5f40-7701-11e0-8347-18f46af09ee2} - D:\LaunchU3.exe -a
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-05-21] (Sophos Limited)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\genesis_09091859.lnk
ShortcutTarget: genesis_09091859.lnk -> C:\Users\Ya-Hü\AppData\Local\Genesis_09091859\Genesis_09091859.exe ()
Startup: C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:14124;https=127.0.0.1:14124
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX
URLSearchHook: HKLM-x32 - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
URLSearchHook: HKLM-x32 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
URLSearchHook: HKLM-x32 - (No Name) - {8686b6b5-4734-4d4a-a246-5efbd9ebb200} - No File
URLSearchHook: HKLM-x32 - (No Name) - {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} - No File
URLSearchHook: HKCU - (No Name) - {90eee664-34b1-422a-a782-779af65cdf6d} - No File
URLSearchHook: HKCU - (No Name) - {8686b6b5-4734-4d4a-a246-5efbd9ebb200} - No File
URLSearchHook: HKCU - (No Name) - {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} - No File
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2776682
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX&q={searchTerms}
SearchScopes: HKCU - {3BD798E4-1794-4D89-A407-2B4E9370A089} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKCU - {81C5F3D0-96DD-41A1-9AB0-34D3393ECD63} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=e830c422-06f7-4e86-bc8f-fdb5c9fb2577&apn_sauid=C7E5C00C-17D3-4B99-8C1B-0890731C94C7
SearchScopes: HKCU - {880A4506-D686-4F9D-99E6-AF7031E4954A} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3297265&CUI=UN35227522264557148&UM=2
SearchScopes: HKCU - {9ADADC8D-74CC-4107-8BFD-ED99FF1E596A} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKCU - {A37CD782-4560-4428-9464-96A78BBF90BF} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} URL = hxxp://eu.ask.com/web?l=dis&o=APN10234&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A8B&apn_uid=4305474234194320&p2=^A8B^YYYYYY^YY^DE&q={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredimail.com/mb59/?search={searchTerms}&loc=search_box&u=92540554715559353
BHO: SpeedChecker -> {10C9DCE3-BD9B-A120-FEC6-BB46DD12DBE3} -> C:\Program Files (x86)\ver0SpeedChecker\178_x64.dll ()
BHO: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: SpeedChecker -> {10C9DCE3-BD9B-A120-FEC6-BB46DD12DBE3} -> C:\Program Files (x86)\ver0SpeedChecker\178.dll ()
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Conduit Engine  -> {30F9B915-B755-4826-820B-08FBA6BD249D} -> C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
BHO-x32: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: No Name -> {51a86bb3-6602-4c85-92a5-130ee4864f13} ->  No File
BHO-x32: No Name -> {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: No Name -> {8686b6b5-4734-4d4a-a246-5efbd9ebb200} ->  No File
BHO-x32: No Name -> {872b5b88-9db5-4310-bdd0-ac189557e5f5} ->  No File
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 02 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 03 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 04 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 09 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 10 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 11 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 12 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 24 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 25 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9-x64 01 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 02 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 03 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 04 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 09 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 10 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 11 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 12 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 24 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 25 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F946169-BE2F-4A43-9CE3-A47B900F6482}: [NameServer] 193.175.112.3,195.37.168.3

FireFox:
========
FF ProfilePath: C:\Users\Ya-Hü\AppData\Roaming\Mozilla\Firefox\Profiles\19p6x7ry.default
FF NewTab: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_l4M6Qi_XIb0P66FqniX_Zq-6GipubqDxVb8ws_AAPfM5cEqwcaEJF_T1ra5Aco7y49tktdZe898sD4-0E0SCeZz2BuCl3_o_ilrJ0hAFST5Tbrx0ssAjMlf03fyVZD71NuxnBHG1kuveYQgOhU5KiSG3g,,
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_l4M6Qi_XIb0P66FqniX_Zq-6GipubqDxVb8ws_AAPfM5cEqwcaEJF_T1ra5Aco7y49tktdZe898sD4-0E0SCeZ1M_SaCuRUzTtnpeZWYE2Po_wsooij46HGJszt16fPom-49cTkr0aEIb7DmDY1vzwC_Q,,
FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_l4M6Qi_XIb0P66FqniX_Zq-6GipubqDxVb8ws_AAPfM5cEqwcaEJF_T1ra5Aco7y49tktdZe898sD4-0E0SCeZ5C3ow-P9wo8CdwOqKsM9c6ZJaGCmwttKkJ7K6Aspxa3d195XFsWhTHSFRHuADcyYNZw,,&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Ya-Hü\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @www.flatcast.com/FlatViewer 5.2 -> C:\Users\YA-H~1\AppData\Roaming\Mozilla\Plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\Ya-Hü\AppData\Roaming\mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF SearchPlugin: C:\Users\Ya-Hü\AppData\Roaming\Mozilla\Firefox\Profiles\19p6x7ry.default\searchplugins\Web Search.xml
FF Extension: videos+ MediaPlayer+ - C:\Users\Ya-Hü\AppData\Roaming\Mozilla\Firefox\Profiles\19p6x7ry.default\Extensions\BHOKP84458125@VTA31058834.com [2014-09-09]
FF Extension: ss8 - C:\Users\Ya-Hü\AppData\Roaming\Mozilla\Firefox\Profiles\19p6x7ry.default\Extensions\KUKDSXGS67213349@EDCBUFV5900769.com [2014-09-09]
FF Extension: Shopping Helper Smartbar - C:\Users\Ya-Hü\AppData\Roaming\Mozilla\Firefox\Profiles\19p6x7ry.default\Extensions\{12a56fdd-c436-c3a4-d759-1d87535c7c9d} [2014-09-09]
FF Extension: IncrediMail MediaBar 4  - C:\Users\Ya-Hü\AppData\Roaming\Mozilla\Firefox\Profiles\19p6x7ry.default\Extensions\{90eee664-34b1-422a-a782-779af65cdf6d} [2014-07-06]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Ya-Hü\AppData\Roaming\Mozilla\Firefox\Profiles\19p6x7ry.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-05-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [2011-09-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [2012-01-26]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-06-15]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKCU\...\Firefox\Extensions: [{FA6048EE-7061-9EBE-B4B5-C7ECA466696E}] - C:\Program Files (x86)\ver0SpeedChecker\178.xpi
FF Extension: SpeedChecker - C:\Program Files (x86)\ver0SpeedChecker\178.xpi [2014-09-09]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.istartsurf.com/?type=hp&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX
CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX"
CHR NewTab: Default -> "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html"
CHR DefaultSearchKeyword: Default -> search.snapdo.com
CHR DefaultSearchProvider: Default -> Web
CHR DefaultSearchURL: Default -> hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}&installDate=
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U27) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Flatcast Viewer Plugin 5.2.2.454) - C:\Program Files (x86)\Mozilla Firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH)
CHR Plugin: (Flatcast Viewer Plugin 5.3.0.784) - C:\Program Files (x86)\Mozilla Firefox\plugins\NpFv530.dll (1 mal 1 Software GmbH)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX OVS Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (Windows Live? Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Ya-H?\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Profile: C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Snap.Do ) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl [2013-08-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (videos+ MediaPlayer+) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\bonfagbdfepfbhjgolfalmgldfbgjodi [2014-09-09]
CHR Extension: (Google-Suche) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (RealDownloader) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-06-15]
CHR Extension: (SpeedChecker) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjfjeaipffngjnnodhdkhcbkimfomlg [2014-09-09]
CHR Extension: (Google Wallet) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Quick start) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-09-09]
CHR Extension: (Google Mail) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR HKCU\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\Ya-Hü\AppData\Local\Smartbar/Application\1Extension.crx []
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Ya-Hü\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-09-09]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2014-09-03] (Just Develop It)
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [56592 2010-10-08] ()
R2 eTSrv; C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe [8192 2008-11-03] (Aladdin Knowledge Systems, Ltd.) [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-09] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-09] (globalUpdate) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [957712 2010-10-08] ()
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [697616 2010-10-08] ()
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [32800 2014-08-27] ()
R3 MyOSProtect; C:\Program Files (x86)\PCTRunner\MyOSProtect.exe [1317096 2014-09-01] (MyOSCompany) [File not signed]
R2 NewVideoPlayerUpdaterService; C:\Program Files (x86)\NewPlayer\NewVideoPlayerUpdaterService.exe [11776 2014-08-12] () [File not signed]
S2 ProtectMonitor; C:\monitorsvc.exe [34244 2014-09-02] () [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-05-21] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-05-21] (Sophos Limited)
R2 scores; C:\Windows\score.exe [4823040 2014-09-09] () [File not signed]
R2 servervo; C:\Users\Ya-Hü\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-09-09] () [File not signed]
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-05-21] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-05-21] (Sophos Limited)
R2 SpeedChecker; C:\Program Files (x86)\ver0SpeedChecker\G9SpeedCheckerkX178.exe [306688 2014-09-09] () [File not signed]
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-05-21] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2014-05-21] (Sophos Limited)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-09] (Fuyu LIMITED) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-05-21] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-05-21] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-05-21] (Sophos Limited)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-10 22:27 - 2014-09-10 22:29 - 00046398 _____ () C:\Users\Ya-Hü\Desktop\FRST.txt
2014-09-10 22:26 - 2014-09-10 22:28 - 00000000 ____D () C:\FRST
2014-09-10 22:26 - 2014-09-10 22:26 - 02105856 _____ (Farbar) C:\Users\Ya-Hü\Desktop\FRST64.exe
2014-09-10 22:14 - 2014-09-10 22:14 - 25092156 _____ () C:\Users\Ya-Hü\Desktop\mse46.zip
2014-09-10 22:09 - 2014-09-10 22:09 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-10 22:04 - 2014-09-10 22:04 - 01339632 _____ () C:\Users\Ya-Hü\Desktop\Player Setup.exe
2014-09-10 21:45 - 2014-09-10 21:45 - 00754752 _____ () C:\Windows\Minidump\091014-19484-01.dmp
2014-09-09 22:33 - 2014-09-10 22:17 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\InetStat
2014-09-09 22:33 - 2014-09-09 22:33 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-09 22:33 - 2014-09-09 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-09 21:19 - 2014-09-10 21:50 - 00002444 _____ () C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-5.job
2014-09-09 21:19 - 2014-09-10 21:50 - 00001502 _____ () C:\Windows\Tasks\c213693f-6a72-4a60-89e2-c9c24cabae7d.job
2014-09-09 21:19 - 2014-09-09 21:20 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-09-09 21:19 - 2014-09-09 21:19 - 00005474 _____ () C:\Windows\System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-5
2014-09-09 21:19 - 2014-09-09 21:19 - 00004532 _____ () C:\Windows\System32\Tasks\c213693f-6a72-4a60-89e2-c9c24cabae7d
2014-09-09 21:19 - 2014-09-09 21:19 - 00002788 _____ () C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-5_user.job
2014-09-09 21:19 - 2014-09-09 21:19 - 00002412 _____ () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-09 21:18 - 2014-09-10 21:50 - 00003812 _____ () C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-4.job
2014-09-09 21:18 - 2014-09-10 21:50 - 00002782 _____ () C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-1.job
2014-09-09 21:18 - 2014-09-10 21:50 - 00002714 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-1.job
2014-09-09 21:18 - 2014-09-10 21:50 - 00002410 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5.job
2014-09-09 21:18 - 2014-09-09 21:18 - 01536928 _____ (smart-saverplus) C:\Users\Ya-Hü\AppData\Roaming\UQH.exe
2014-09-09 21:18 - 2014-09-09 21:18 - 01484704 _____ (enter) C:\Users\Ya-Hü\AppData\Roaming\DYISTEC.exe
2014-09-09 21:18 - 2014-09-09 21:18 - 00006842 _____ () C:\Windows\System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-4
2014-09-09 21:18 - 2014-09-09 21:18 - 00005812 _____ () C:\Windows\System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-1
2014-09-09 21:18 - 2014-09-09 21:18 - 00005744 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-1
2014-09-09 21:18 - 2014-09-09 21:18 - 00005440 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5
2014-09-09 21:18 - 2014-09-09 21:18 - 00002410 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5_user.job
2014-09-09 21:18 - 2014-09-09 21:18 - 00001340 _____ () C:\Windows\Tasks\DYISTEC.job
2014-09-09 21:18 - 2014-09-09 21:18 - 00001332 _____ () C:\Windows\Tasks\UQH.job
2014-09-09 21:17 - 2014-09-10 22:18 - 00003434 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-6.job
2014-09-09 21:17 - 2014-09-10 22:17 - 00003468 _____ () C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-6.job
2014-09-09 21:17 - 2014-09-10 21:50 - 00004494 _____ () C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-11.job
2014-09-09 21:17 - 2014-09-10 21:50 - 00004460 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-11.job
2014-09-09 21:17 - 2014-09-10 21:50 - 00003778 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-4.job
2014-09-09 21:17 - 2014-09-10 21:50 - 00003468 _____ () C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-7.job
2014-09-09 21:17 - 2014-09-10 21:50 - 00003098 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-7.job
2014-09-09 21:17 - 2014-09-10 21:50 - 00002754 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-3.job
2014-09-09 21:17 - 2014-09-10 21:50 - 00000898 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-09-09 21:17 - 2014-09-09 21:17 - 01984928 _____ (smart-saverplus) C:\Users\Ya-Hü\AppData\Roaming\ICLHS.exe
2014-09-09 21:17 - 2014-09-09 21:17 - 01927072 _____ (enter) C:\Users\Ya-Hü\AppData\Roaming\EVIBZ.exe
2014-09-09 21:17 - 2014-09-09 21:17 - 00007524 _____ () C:\Windows\System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-11
2014-09-09 21:17 - 2014-09-09 21:17 - 00007490 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-11
2014-09-09 21:17 - 2014-09-09 21:17 - 00006808 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-4
2014-09-09 21:17 - 2014-09-09 21:17 - 00006498 _____ () C:\Windows\System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-7
2014-09-09 21:17 - 2014-09-09 21:17 - 00006496 _____ () C:\Windows\System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-6
2014-09-09 21:17 - 2014-09-09 21:17 - 00006462 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-6
2014-09-09 21:17 - 2014-09-09 21:17 - 00006128 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-7
2014-09-09 21:17 - 2014-09-09 21:17 - 00005784 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-3
2014-09-09 21:17 - 2014-09-09 21:17 - 00003646 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-09-09 21:17 - 2014-09-09 21:17 - 00001336 _____ () C:\Windows\Tasks\ICLHS.job
2014-09-09 21:17 - 2014-09-09 21:17 - 00001336 _____ () C:\Windows\Tasks\EVIBZ.job
2014-09-09 21:17 - 2014-09-09 21:17 - 00000644 _____ () C:\Windows\Tasks\c4d6105a-7082-428e-b9a9-49d062b1b8cc.job
2014-09-09 21:17 - 2014-09-09 21:17 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\LPT
2014-09-09 21:16 - 2014-09-10 21:50 - 00003812 _____ () C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-3.job
2014-09-09 21:16 - 2014-09-09 21:19 - 00000000 ____D () C:\Program Files (x86)\videos+ MediaPlayer+
2014-09-09 21:16 - 2014-09-09 21:18 - 00000000 ____D () C:\Program Files (x86)\ss8
2014-09-09 21:16 - 2014-09-09 21:17 - 00006842 _____ () C:\Windows\System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-3
2014-09-09 21:16 - 2014-09-09 21:17 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-09-09 21:16 - 2014-09-09 21:16 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Activeris
2014-09-09 21:16 - 2014-09-09 21:16 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\globalUpdate
2014-09-09 21:16 - 2014-09-09 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastAgain PC Booster
2014-09-09 21:16 - 2014-09-09 21:16 - 00000000 ____D () C:\Program Files (x86)\FastAgain PC Booster
2014-09-09 21:16 - 2014-05-08 12:31 - 00019968 _____ (Activeris) C:\Windows\system32\roboot64.exe
2014-09-09 21:10 - 2014-09-09 21:10 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\com
2014-09-09 21:05 - 2014-09-09 21:05 - 00004432 _____ () C:\Windows\SysWOW64\MyOSProtect.ini
2014-09-09 21:05 - 2014-09-09 21:05 - 00002384 _____ () C:\Windows\SysWOW64\MyOSProtectOff.ini
2014-09-09 21:05 - 2014-09-09 21:05 - 00002384 _____ () C:\Windows\system32\MyOSProtectOff.ini
2014-09-09 21:04 - 2014-09-01 20:28 - 00350768 _____ (MyOSCompany) C:\Windows\system32\MyOSProtect64.dll
2014-09-09 21:04 - 2014-09-01 20:28 - 00304776 _____ (MyOSCompany) C:\Windows\SysWOW64\MyOSProtect.dll
2014-09-09 21:03 - 2014-09-09 21:03 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\newplayer
2014-09-09 21:02 - 2014-09-10 22:02 - 00000278 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-09-09 21:02 - 2014-09-10 21:53 - 00000272 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-09-09 21:02 - 2014-09-10 14:33 - 00000000 ___HD () C:\Users\Public\Temp
2014-09-09 21:02 - 2014-09-09 21:02 - 00003220 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance
2014-09-09 21:02 - 2014-09-09 21:02 - 00002508 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Startup
2014-09-09 21:02 - 2014-09-09 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
2014-09-09 21:01 - 2014-09-09 21:04 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\VOPackage
2014-09-09 21:01 - 2014-09-09 21:01 - 00004030 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-09-09 21:01 - 2014-09-09 21:01 - 00002992 _____ () C:\Windows\System32\Tasks\SpeedChecker_wd
2014-09-09 21:01 - 2014-09-09 21:01 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-09-09 21:01 - 2014-09-09 21:01 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\istartsurf
2014-09-09 21:01 - 2014-09-09 21:01 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-09 21:01 - 2014-09-09 21:01 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-09-09 21:00 - 2014-09-10 21:50 - 00000424 _____ () C:\Windows\Tasks\SpeedChecker Update.job
2014-09-09 21:00 - 2014-09-10 21:50 - 00000404 _____ () C:\Windows\Tasks\SpeedChecker_wd.job
2014-09-09 21:00 - 2014-09-09 21:26 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-09-09 21:00 - 2014-09-09 21:16 - 00000000 ____D () C:\Program Files (x86)\NewPlayer
2014-09-09 21:00 - 2014-09-09 21:00 - 00003072 _____ () C:\Windows\System32\Tasks\SpeedChecker Update
2014-09-09 21:00 - 2014-09-09 21:00 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-09-09 21:00 - 2014-09-09 21:00 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-09-09 21:00 - 2014-09-09 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2014-09-09 21:00 - 2014-09-09 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-09-09 21:00 - 2014-09-09 21:00 - 00000000 ____D () C:\Program Files (x86)\PepperZip
2014-09-09 21:00 - 2014-09-09 13:41 - 04823040 _____ () C:\Windows\score.exe
2014-09-09 20:59 - 2014-09-10 22:28 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\Genesis_09091859
2014-09-09 20:59 - 2014-09-10 21:47 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-09 20:59 - 2014-09-09 21:05 - 00000000 ____D () C:\Program Files (x86)\PCTRunner
2014-09-09 20:59 - 2014-09-09 21:00 - 00000000 ____D () C:\Program Files (x86)\ver0SpeedChecker
2014-09-09 20:59 - 2014-09-09 20:59 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Uniblue
2014-09-09 20:59 - 2014-09-09 20:59 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-09-09 17:04 - 2014-09-09 17:13 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\FormelD
2014-09-07 13:58 - 2014-09-08 23:21 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Thyssen Krupp - Yakup Sahin Van
2014-09-02 21:55 - 2014-09-02 21:55 - 00487483 _____ () C:\monitor.exe
2014-09-02 21:55 - 2014-09-02 21:55 - 00034244 _____ () C:\monitorsvc.exe
2014-09-02 13:03 - 2014-09-02 13:04 - 00000000 ____D () C:\Users\Ya-Hü\.tfo4
2014-09-02 13:03 - 2014-09-02 13:03 - 00000000 ____D () C:\Users\Ya-Hü\4.0
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge Basic
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\plugins
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\lib
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\ext
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\doc
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\bin
2014-09-01 18:54 - 2014-09-01 18:55 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\ADOBE ZUSAMMENFÜGEN
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\UQH
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\DYISTEC
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\ICLHS
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\EVIBZ
2014-08-28 16:01 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 16:01 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 16:01 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 23:27 - 2014-09-01 23:06 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Yakup Bewerbung
2014-08-21 19:31 - 2014-08-21 19:31 - 00000000 ____D () C:\Users\Ya-Hü\Documents\Fax
2014-08-21 16:09 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-21 16:09 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-21 16:09 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-21 16:09 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-21 16:09 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-21 16:09 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-21 16:09 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-21 16:09 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-21 16:09 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-21 16:09 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-21 16:08 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-21 16:08 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-21 16:08 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-21 16:08 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-14 18:15 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 18:15 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 18:15 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 18:15 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 18:15 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 18:15 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 18:14 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 18:14 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 10:06 - 2014-07-24 21:12 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 10:06 - 2014-07-24 21:04 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 10:06 - 2014-07-24 21:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 10:06 - 2014-07-24 21:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 10:06 - 2014-07-24 21:03 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 10:06 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 10:06 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 10:06 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 10:06 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 10:06 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 10:06 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 10:06 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 10:06 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 10:06 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 10:06 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 10:06 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 10:06 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 10:06 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 10:06 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 10:06 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 10:06 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 10:06 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 10:06 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 10:06 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 10:06 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 10:05 - 2014-07-24 21:28 - 17861120 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 10:05 - 2014-07-24 21:10 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 10:05 - 2014-07-24 21:07 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 10:05 - 2014-07-24 21:06 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 10:05 - 2014-07-24 21:05 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 10:05 - 2014-07-24 21:05 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-14 10:05 - 2014-07-24 21:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 10:05 - 2014-07-24 21:04 - 02155520 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 10:05 - 2014-07-24 21:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-14 10:05 - 2014-07-24 21:04 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 10:05 - 2014-07-24 21:04 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 10:05 - 2014-07-24 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 10:05 - 2014-07-24 21:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-14 10:05 - 2014-07-24 21:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-14 10:05 - 2014-07-24 21:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-14 10:05 - 2014-07-24 21:02 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 10:05 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 10:05 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 10:05 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 10:05 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 10:05 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-14 10:05 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 10:05 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 10:05 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-14 10:05 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 10:05 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 10:05 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-14 10:05 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-14 10:05 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-14 10:05 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 10:05 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 10:05 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 10:05 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 10:05 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 10:05 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 10:05 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 10:05 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 10:05 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 10:04 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 10:04 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 10:04 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 10:04 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-14 10:04 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 10:04 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 10:04 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-10 22:29 - 2014-09-10 22:27 - 00046398 _____ () C:\Users\Ya-Hü\Desktop\FRST.txt
2014-09-10 22:29 - 2009-07-14 06:45 - 00018704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-10 22:29 - 2009-07-14 06:45 - 00018704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-10 22:28 - 2014-09-10 22:26 - 00000000 ____D () C:\FRST
2014-09-10 22:28 - 2014-09-09 20:59 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\Genesis_09091859
2014-09-10 22:26 - 2014-09-10 22:26 - 02105856 _____ (Farbar) C:\Users\Ya-Hü\Desktop\FRST64.exe
2014-09-10 22:18 - 2014-09-09 21:17 - 00003434 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-6.job
2014-09-10 22:17 - 2014-09-09 22:33 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\InetStat
2014-09-10 22:17 - 2014-09-09 21:17 - 00003468 _____ () C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-6.job
2014-09-10 22:14 - 2014-09-10 22:14 - 25092156 _____ () C:\Users\Ya-Hü\Desktop\mse46.zip
2014-09-10 22:09 - 2014-09-10 22:09 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-10 22:09 - 2013-03-01 23:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 22:09 - 2013-03-01 23:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 22:09 - 2013-03-01 23:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 22:09 - 2013-03-01 23:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-10 22:07 - 2011-01-04 22:27 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2AFB6A0C-FBFD-44D8-A38B-EF01CE6CE147}
2014-09-10 22:04 - 2014-09-10 22:04 - 01339632 _____ () C:\Users\Ya-Hü\Desktop\Player Setup.exe
2014-09-10 22:04 - 2010-11-07 23:28 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-10 22:02 - 2014-09-09 21:02 - 00000278 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-09-10 21:59 - 2010-11-07 23:20 - 01423669 _____ () C:\Windows\WindowsUpdate.log
2014-09-10 21:53 - 2014-09-09 21:02 - 00000272 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-09-10 21:52 - 2012-01-04 19:41 - 00000000 ___RD () C:\Users\Ya-Hü\Dropbox
2014-09-10 21:52 - 2012-01-04 19:39 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Dropbox
2014-09-10 21:50 - 2014-09-09 21:19 - 00002444 _____ () C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-5.job
2014-09-10 21:50 - 2014-09-09 21:19 - 00001502 _____ () C:\Windows\Tasks\c213693f-6a72-4a60-89e2-c9c24cabae7d.job
2014-09-10 21:50 - 2014-09-09 21:18 - 00003812 _____ () C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-4.job
2014-09-10 21:50 - 2014-09-09 21:18 - 00002782 _____ () C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-1.job
2014-09-10 21:50 - 2014-09-09 21:18 - 00002714 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-1.job
2014-09-10 21:50 - 2014-09-09 21:18 - 00002410 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5.job
2014-09-10 21:50 - 2014-09-09 21:17 - 00004494 _____ () C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-11.job
2014-09-10 21:50 - 2014-09-09 21:17 - 00004460 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-11.job
2014-09-10 21:50 - 2014-09-09 21:17 - 00003778 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-4.job
2014-09-10 21:50 - 2014-09-09 21:17 - 00003468 _____ () C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-7.job
2014-09-10 21:50 - 2014-09-09 21:17 - 00003098 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-7.job
2014-09-10 21:50 - 2014-09-09 21:17 - 00002754 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-3.job
2014-09-10 21:50 - 2014-09-09 21:17 - 00000898 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-09-10 21:50 - 2014-09-09 21:16 - 00003812 _____ () C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-3.job
2014-09-10 21:50 - 2014-09-09 21:00 - 00000424 _____ () C:\Windows\Tasks\SpeedChecker Update.job
2014-09-10 21:50 - 2014-09-09 21:00 - 00000404 _____ () C:\Windows\Tasks\SpeedChecker_wd.job
2014-09-10 21:50 - 2010-11-07 23:28 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-10 21:47 - 2014-09-09 20:59 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-10 21:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-10 21:45 - 2014-09-10 21:45 - 00754752 _____ () C:\Windows\Minidump\091014-19484-01.dmp
2014-09-10 21:45 - 2011-06-07 13:13 - 530712586 _____ () C:\Windows\MEMORY.DMP
2014-09-10 21:45 - 2011-06-07 13:13 - 00000000 ____D () C:\Windows\Minidump
2014-09-10 21:45 - 2009-07-14 06:51 - 00193230 _____ () C:\Windows\setupact.log
2014-09-10 15:51 - 2013-01-02 16:19 - 01695744 ___SH () C:\Users\Ya-Hü\Desktop\Thumbs.db
2014-09-10 14:58 - 2011-10-14 23:43 - 00001138 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2343719655-606922816-1584496895-1000UA.job
2014-09-10 14:33 - 2014-09-09 21:02 - 00000000 ___HD () C:\Users\Public\Temp
2014-09-09 22:51 - 2013-07-16 23:07 - 00000000 _____ () C:\Windows\system32\vireng.log
2014-09-09 22:33 - 2014-09-09 22:33 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-09 22:33 - 2014-09-09 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-09 21:26 - 2014-09-09 21:00 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-09-09 21:23 - 2010-10-11 22:06 - 00235222 _____ () C:\Windows\PFRO.log
2014-09-09 21:20 - 2014-09-09 21:19 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-09-09 21:19 - 2014-09-09 21:19 - 00005474 _____ () C:\Windows\System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-5
2014-09-09 21:19 - 2014-09-09 21:19 - 00004532 _____ () C:\Windows\System32\Tasks\c213693f-6a72-4a60-89e2-c9c24cabae7d
2014-09-09 21:19 - 2014-09-09 21:19 - 00002788 _____ () C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-5_user.job
2014-09-09 21:19 - 2014-09-09 21:19 - 00002412 _____ () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-09 21:19 - 2014-09-09 21:16 - 00000000 ____D () C:\Program Files (x86)\videos+ MediaPlayer+
2014-09-09 21:18 - 2014-09-09 21:18 - 01536928 _____ (smart-saverplus) C:\Users\Ya-Hü\AppData\Roaming\UQH.exe
2014-09-09 21:18 - 2014-09-09 21:18 - 01484704 _____ (enter) C:\Users\Ya-Hü\AppData\Roaming\DYISTEC.exe
2014-09-09 21:18 - 2014-09-09 21:18 - 00006842 _____ () C:\Windows\System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-4
2014-09-09 21:18 - 2014-09-09 21:18 - 00005812 _____ () C:\Windows\System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-1
2014-09-09 21:18 - 2014-09-09 21:18 - 00005744 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-1
2014-09-09 21:18 - 2014-09-09 21:18 - 00005440 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5
2014-09-09 21:18 - 2014-09-09 21:18 - 00002410 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5_user.job
2014-09-09 21:18 - 2014-09-09 21:18 - 00001340 _____ () C:\Windows\Tasks\DYISTEC.job
2014-09-09 21:18 - 2014-09-09 21:18 - 00001332 _____ () C:\Windows\Tasks\UQH.job
2014-09-09 21:18 - 2014-09-09 21:16 - 00000000 ____D () C:\Program Files (x86)\ss8
2014-09-09 21:18 - 2011-07-14 12:26 - 00000000 ____D () C:\Program Files (x86)\Ask.com
2014-09-09 21:18 - 2011-03-13 00:26 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\Conduit
2014-09-09 21:17 - 2014-09-09 21:17 - 01984928 _____ (smart-saverplus) C:\Users\Ya-Hü\AppData\Roaming\ICLHS.exe
2014-09-09 21:17 - 2014-09-09 21:17 - 01927072 _____ (enter) C:\Users\Ya-Hü\AppData\Roaming\EVIBZ.exe
2014-09-09 21:17 - 2014-09-09 21:17 - 00007524 _____ () C:\Windows\System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-11
2014-09-09 21:17 - 2014-09-09 21:17 - 00007490 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-11
2014-09-09 21:17 - 2014-09-09 21:17 - 00006808 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-4
2014-09-09 21:17 - 2014-09-09 21:17 - 00006498 _____ () C:\Windows\System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-7
2014-09-09 21:17 - 2014-09-09 21:17 - 00006496 _____ () C:\Windows\System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-6
2014-09-09 21:17 - 2014-09-09 21:17 - 00006462 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-6
2014-09-09 21:17 - 2014-09-09 21:17 - 00006128 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-7
2014-09-09 21:17 - 2014-09-09 21:17 - 00005784 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-3
2014-09-09 21:17 - 2014-09-09 21:17 - 00003646 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-09-09 21:17 - 2014-09-09 21:17 - 00001336 _____ () C:\Windows\Tasks\ICLHS.job
2014-09-09 21:17 - 2014-09-09 21:17 - 00001336 _____ () C:\Windows\Tasks\EVIBZ.job
2014-09-09 21:17 - 2014-09-09 21:17 - 00000644 _____ () C:\Windows\Tasks\c4d6105a-7082-428e-b9a9-49d062b1b8cc.job
2014-09-09 21:17 - 2014-09-09 21:17 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\LPT
2014-09-09 21:17 - 2014-09-09 21:16 - 00006842 _____ () C:\Windows\System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-3
2014-09-09 21:17 - 2014-09-09 21:16 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-09-09 21:17 - 2012-10-25 15:45 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\Smartbar
2014-09-09 21:16 - 2014-09-09 21:16 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Activeris
2014-09-09 21:16 - 2014-09-09 21:16 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\globalUpdate
2014-09-09 21:16 - 2014-09-09 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastAgain PC Booster
2014-09-09 21:16 - 2014-09-09 21:16 - 00000000 ____D () C:\Program Files (x86)\FastAgain PC Booster
2014-09-09 21:16 - 2014-09-09 21:00 - 00000000 ____D () C:\Program Files (x86)\NewPlayer
2014-09-09 21:10 - 2014-09-09 21:10 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\com
2014-09-09 21:05 - 2014-09-09 21:05 - 00004432 _____ () C:\Windows\SysWOW64\MyOSProtect.ini
2014-09-09 21:05 - 2014-09-09 21:05 - 00002384 _____ () C:\Windows\SysWOW64\MyOSProtectOff.ini
2014-09-09 21:05 - 2014-09-09 21:05 - 00002384 _____ () C:\Windows\system32\MyOSProtectOff.ini
2014-09-09 21:05 - 2014-09-09 20:59 - 00000000 ____D () C:\Program Files (x86)\PCTRunner
2014-09-09 21:04 - 2014-09-09 21:01 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\VOPackage
2014-09-09 21:03 - 2014-09-09 21:03 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\newplayer
2014-09-09 21:02 - 2014-09-09 21:02 - 00003220 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance
2014-09-09 21:02 - 2014-09-09 21:02 - 00002508 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Startup
2014-09-09 21:02 - 2014-09-09 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
2014-09-09 21:01 - 2014-09-09 21:01 - 00004030 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-09-09 21:01 - 2014-09-09 21:01 - 00002992 _____ () C:\Windows\System32\Tasks\SpeedChecker_wd
2014-09-09 21:01 - 2014-09-09 21:01 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-09-09 21:01 - 2014-09-09 21:01 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\istartsurf
2014-09-09 21:01 - 2014-09-09 21:01 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-09 21:01 - 2014-09-09 21:01 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-09-09 21:00 - 2014-09-09 21:00 - 00003072 _____ () C:\Windows\System32\Tasks\SpeedChecker Update
2014-09-09 21:00 - 2014-09-09 21:00 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-09-09 21:00 - 2014-09-09 21:00 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-09-09 21:00 - 2014-09-09 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2014-09-09 21:00 - 2014-09-09 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-09-09 21:00 - 2014-09-09 21:00 - 00000000 ____D () C:\Program Files (x86)\PepperZip
2014-09-09 21:00 - 2014-09-09 20:59 - 00000000 ____D () C:\Program Files (x86)\ver0SpeedChecker
2014-09-09 21:00 - 2011-03-26 10:52 - 00001364 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-09 21:00 - 2011-03-26 10:52 - 00001352 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-09 20:59 - 2014-09-09 20:59 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Uniblue
2014-09-09 20:59 - 2014-09-09 20:59 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-09-09 20:59 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-09 20:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-09 17:13 - 2014-09-09 17:04 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\FormelD
2014-09-09 13:41 - 2014-09-09 21:00 - 04823040 _____ () C:\Windows\score.exe
2014-09-08 23:58 - 2011-10-14 23:43 - 00001116 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2343719655-606922816-1584496895-1000Core.job
2014-09-08 23:21 - 2014-09-07 13:58 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Thyssen Krupp - Yakup Sahin Van
2014-09-07 13:05 - 2011-01-07 12:34 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\SoftGrid Client
2014-09-04 00:35 - 2013-04-15 14:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-03 16:21 - 2011-01-08 14:28 - 00000000 ____D () C:\ProgramData\Norton
2014-09-03 16:21 - 2010-11-07 23:33 - 00000000 ____D () C:\ProgramData\Symantec
2014-09-02 21:55 - 2014-09-02 21:55 - 00487483 _____ () C:\monitor.exe
2014-09-02 21:55 - 2014-09-02 21:55 - 00034244 _____ () C:\monitorsvc.exe
2014-09-02 13:04 - 2014-09-02 13:03 - 00000000 ____D () C:\Users\Ya-Hü\.tfo4
2014-09-02 13:03 - 2014-09-02 13:03 - 00000000 ____D () C:\Users\Ya-Hü\4.0
2014-09-02 13:03 - 2011-01-04 22:22 - 00000000 ____D () C:\Users\Ya-Hü
2014-09-01 23:06 - 2014-08-26 23:27 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Yakup Bewerbung
2014-09-01 20:28 - 2014-09-09 21:04 - 00350768 _____ (MyOSCompany) C:\Windows\system32\MyOSProtect64.dll
2014-09-01 20:28 - 2014-09-09 21:04 - 00304776 _____ (MyOSCompany) C:\Windows\SysWOW64\MyOSProtect.dll
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge Basic
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\plugins
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\lib
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\ext
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\doc
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\bin
2014-09-01 19:07 - 2014-06-25 09:52 - 00000653 _____ () C:\Program Files\pdfsam-config.xml
2014-09-01 18:55 - 2014-09-01 18:54 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\ADOBE ZUSAMMENFÜGEN
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\UQH
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\DYISTEC
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\ICLHS
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\EVIBZ
2014-08-29 03:21 - 2009-07-14 06:45 - 00778352 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 00:38 - 2013-12-01 22:55 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\camii
2014-08-26 23:31 - 2014-03-19 15:43 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Bachelorarbeit
2014-08-26 23:31 - 2013-02-03 21:37 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Diverse Schreiben bzw. Briefe
2014-08-26 23:31 - 2012-06-07 13:35 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Karsik
2014-08-24 12:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-23 04:07 - 2014-08-28 16:01 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 16:01 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 16:01 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 21:50 - 2011-07-29 22:45 - 00142848 ___SH () C:\Users\Ya-Hü\Documents\Thumbs.db
2014-08-21 19:31 - 2014-08-21 19:31 - 00000000 ____D () C:\Users\Ya-Hü\Documents\Fax
2014-08-19 19:39 - 2013-01-02 00:28 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-08-19 19:39 - 2010-11-08 08:15 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-08-19 19:39 - 2010-11-08 08:15 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-08-19 19:39 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-17 00:52 - 2012-01-04 19:39 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-14 18:38 - 2011-04-12 20:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 18:29 - 2013-08-16 16:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 18:21 - 2011-02-27 01:08 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 18:13 - 2014-05-07 02:19 - 00000000 ___SD () C:\Windows\system32\CompatTel

Some content of TEMP:
====================
C:\Users\Ya-Hü\AppData\Local\Temp\AskSLib.dll
C:\Users\Ya-Hü\AppData\Local\Temp\BackupSetup.exe
C:\Users\Ya-Hü\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprt4ghh.dll
C:\Users\Ya-Hü\AppData\Local\Temp\DWPUpgradeInstaller.exe
C:\Users\Ya-Hü\AppData\Local\Temp\FileSystemView.dll
C:\Users\Ya-Hü\AppData\Local\Temp\nsaE836.exe
C:\Users\Ya-Hü\AppData\Local\Temp\nsf135B.exe
C:\Users\Ya-Hü\AppData\Local\Temp\nsfD7DE.exe
C:\Users\Ya-Hü\AppData\Local\Temp\nsk5113.exe
C:\Users\Ya-Hü\AppData\Local\Temp\nsk87F.exe
C:\Users\Ya-Hü\AppData\Local\Temp\nsu8AEA.exe
C:\Users\Ya-Hü\AppData\Local\Temp\post1.exe
C:\Users\Ya-Hü\AppData\Local\Temp\post2.dll
C:\Users\Ya-Hü\AppData\Local\Temp\post2.exe
C:\Users\Ya-Hü\AppData\Local\Temp\setup_337.exe
C:\Users\Ya-Hü\AppData\Local\Temp\SHelp2.exe
C:\Users\Ya-Hü\AppData\Local\Temp\SpOrder.dll
C:\Users\Ya-Hü\AppData\Local\Temp\SPStub.exe
C:\Users\Ya-Hü\AppData\Local\Temp\stubhelper.dll
C:\Users\Ya-Hü\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Ya-Hü\AppData\Local\Temp\wmdjug6e.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-07 15:36

==================== End Of Log ============================

--- --- ---

--- --- ---

Schahin · 10.09.2014, 22:03

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-09-2014
Ran by Ya-Hü at 2014-09-10 22:31:32
Running from C:\Users\Ya-Hü\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Sophos Anti-Virus (Enabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
AS: Sophos Anti-Virus (Enabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.115 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.368 - ArcSoft)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.1.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.1.22229 - Ask.com) <==== ATTENTION
AVS Screen Capture version 2.0.1 (HKLM-x32\...\AVS Screen Capture_is1) (Version:  - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Editor 6 (HKLM-x32\...\AVS Video Editor_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Recorder 2.4 (HKLM-x32\...\AVS Video Recorder_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Bing Bar (HKLM-x32\...\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}) (Version: 7.0.609.0 - Microsoft Corporation)
BrotherSoft Extreme Toolbar (HKLM-x32\...\BrotherSoft_Extreme Toolbar) (Version: 6.3.2.90 - BrotherSoft Extreme)
Corel VideoStudio 12 (HKLM-x32\...\InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}) (Version: 12.0.0.0000 - Corel Corporation)
Counter-Strike 1.6 DiGiTALZONE (HKLM-x32\...\{3EFF5902-2310-4F66-9144-1B11783A7E54}_is1) (Version:  - DiGiTALZONE)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
DivX Browser Bar DE Toolbar for IE (HKLM-x32\...\IECT3297265) (Version: 6.17.2.8 - DivX Browser Bar DE) <==== ATTENTION
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
DVDVideoSoftTB Toolbar (HKLM-x32\...\DVDVideoSoftTB Toolbar) (Version: 6.8.5.1 - DVDVideoSoftTB)
eToken PKI Client 5.0 SP1 (HKLM\...\{228FCCAD-F39C-45D5-968D-ED1C2DA1D3D5}) (Version: 5.00.0.65 - Aladdin Knowledge Systems Ltd.)
Evernote (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 3.5.4.2224 - Evernote Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FastAgain PC Booster (HKLM-x32\...\FastAgain PC Booster_is1) (Version: 1.0 - Activeris) <==== ATTENTION
Flatcast Viewer Plugin 5.2.2.454 (HKLM-x32\...\Flatcast_is1) (Version:  - 1 mal 1 Software GmbH)
Flatcast Viewer Plugin 5.3.0.784 (HKLM-x32\...\Flatcast Viewer 5.3_is1) (Version:  - 1 mal 1 Software GmbH)
Free Audio CD Burner version 1.4.7 (HKLM-x32\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free Studio version 5.3.1 (HKLM-x32\...\Free Studio_is1) (Version:  - DVDVideoSoft Ltd.)
Free YouTube Download version 2.10.30 (HKLM-x32\...\Free YouTube Download_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.11.34.1015 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.34.1015 - DVDVideoSoft Ltd.)
Genesis (HKCU\...\genesis_09091859) (Version:  - ) <==== ATTENTION
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{C263ED32-78DB-40EB-8B12-2925C8213E28}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
InetStat (HKCU\...\InetStat) (Version: 0.5b - InetStat)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{D16A2127-B927-4379-B153-3DEC091E4EEB}) (Version: 13.02.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation)
istartsurf uninstall (HKLM-x32\...\istartsurf uninstall) (Version:  - istartsurf) <==== ATTENTION
Java Auto Updater (x32 Version: 2.0.3.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 27 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.270 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Media Gallery (Version: 1.3.0 - Sony Corporation) Hidden
Media Gallery (x32 Version: 1.3.0.06230 - Sony Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 4.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 4.0 (x86 de)) (Version: 4.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.659 - Electronic Arts)
NewPlayer (HKLM-x32\...\NewPlayer) (Version: v2.1.2.7 - ) <==== ATTENTION
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9 - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5903 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.3 - Andrea Vacondio)
PepperZip 1.0 (HKLM-x32\...\PepperZip) (Version: 1.0 - PepperWare Co.)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.3.00.06040 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.3.00.06040 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00.06180 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.3.00.06110 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00.06180 - Sony Corporation) Hidden
Pro Evolution Soccer 2011 (HKLM-x32\...\{1148E85C-E1AF-48E0-A29C-68DACE07E054}) (Version: 1.00.0000 - KONAMI)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
RealDownloader (x32 Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.2.06210 - Sony Corporation)
Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden
Remote-Tastatur mit PlayStation 3 (HKLM-x32\...\{65B138AE-F636-4D4C-BA5D-A06E21E47C53}) (Version: 1.0.2.06170 - Sony Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.1 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.1 - Renesas Electronics Corporation) Hidden
Scribus 1.3.8 (HKLM-x32\...\Scribus 1.3.8) (Version: 1.3.8 - The Scribus Team)
Search Protect by conduit (HKLM-x32\...\SearchProtect) (Version: 1.7.0.72 - Conduit) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shopping Helper Smartbar (HKLM-x32\...\{C64BEB42-B25D-4674-BB55-4099CB720110}) (Version: 11.113.63.19229 - ReSoft Ltd.) <==== ATTENTION
Shopping Helper Smartbar Engine (HKCU\...\{a0e32383-38ab-4169-836c-ca157c1a84a8}) (Version: 11.113.63.19229 - ReSoft Ltd.) <==== ATTENTION
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version:  - )
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Snap.Do Engine (HKCU\...\{e628c5aa-7c95-47e6-a6c6-e869584c531a}) (Version: 11.62.1.16545 - ReSoft Ltd.) <==== ATTENTION
SopCast 3.5.0 (HKLM-x32\...\SopCast) (Version: 3.5.0 - SopCast - Free P2P internet TV | live football, NBA, cricket)
Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.3.7 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{D924231F-D02D-4E0B-B511-CC4A0E3ED547}) (Version: 3.1.1.18 - Sophos Limited)
SpeedChecker (HKLM-x32\...\AD754AD8-63DC-B8C9-9661-146760DBD7A8) (Version:  - SpeedChecker-software)
SpeedUpMyPC (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 6.0.4.2 - Uniblue Systems Limited) <==== ATTENTION
ss8 (HKLM-x32\...\ss8) (Version: 1.35.3.9 - smart-saverplus)
Steuer-Spar-Erklärung 2012 (HKLM-x32\...\{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}) (Version: 17.11 - Wolters Kluwer Deutschland GmbH)
Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (HKLM\...\{A1F8353C-39A2-4327-867E-C6714131BEFC}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.3020.2 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.3020.2 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2 - TuneUp Software) Hidden
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VAIO - Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.3.0.06230 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}) (Version: 1.3.00.06040 - Sony Corporation)
VAIO - PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.3.00.06180 - Sony Corporation)
VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.3.00.06110 - Sony Corporation)
VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.3.00.06180 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.2.11150 - Sony Corporation)
VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.2.00.05120 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.2.1.09131 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation)
VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation)
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.3.00.06040 - Sony Corporation)
VAIO Movie Story Template Data (x32 Version: 2.3.00.06040 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.3.0.06041 - Sony Corporation)
VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.1.08110 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.1.1.10250 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veetle TV 0.9.18 (HKLM-x32\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Vgrabber v1.4 Toolbar (HKLM-x32\...\Vgrabber_v1.4 Toolbar) (Version: 6.10.3.27 - Vgrabber v1.4) <==== ATTENTION
videos+ MediaPlayer+ (HKLM-x32\...\videos+ MediaPlayer+) (Version: 1.35.3.9 - enter) <==== ATTENTION
VideoStudio (x32 Version: 12.0.0.0000 - Corel Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
Web Protect for Windows (HKLM-x32\...\wp-dcollect-tgu) (Version: 10.0.0 - PC Publishing) <==== ATTENTION
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WindowsMangerProtect20.0.0.722 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2343719655-606922816-1584496895-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2343719655-606922816-1584496895-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2343719655-606922816-1584496895-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2343719655-606922816-1584496895-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2343719655-606922816-1584496895-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2343719655-606922816-1584496895-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2343719655-606922816-1584496895-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2343719655-606922816-1584496895-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2343719655-606922816-1584496895-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

21-08-2014 14:07:58 Windows Update
22-08-2014 22:36:23 Windows Update
26-08-2014 12:47:11 Windows Update
29-08-2014 01:00:26 Windows Update
01-09-2014 16:55:58 Installed PDF Split And Merge Basic
01-09-2014 17:07:21 Installed PDF Split And Merge Basic
02-09-2014 08:33:46 Windows Update
05-09-2014 12:19:34 Windows Update
09-09-2014 12:36:54 Windows Update
09-09-2014 18:59:21 Uniblue SpeedUpMyPC installation

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0385F358-6004-4C8C-9A55-F0655DFBB44F} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-11-15] ()
Task: {08E14D42-0BBA-4AD6-B45B-4383916272D5} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2012-10-26] (Sony Corporation)
Task: {0ECE77A3-108D-4236-8DEF-44D9A08A770D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2343719655-606922816-1584496895-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {122B03C9-C63E-4978-B11A-FAB9473294CF} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-07-26] (Sony Corporation)
Task: {16B405D6-FFB2-4528-AE8E-5F1C7F9DE6C5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {1D05A091-8552-4E89-8F04-ED9732469A72} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-07] (Google Inc.)
Task: {1FF50661-34A7-4AE1-8A92-0C330996F056} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {220DD877-D3C9-4B9A-9F87-1BFA1BC54C1F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2343719655-606922816-1584496895-1000UA => C:\Users\Ya-Hü\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {2422F514-A3E3-4A13-B4C8-E5F3E27A80DA} - System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-11 => C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-11.exe [2014-09-09] (smart-saverplus)
Task: {2922998E-D784-4DFA-BD13-95153E18C988} - System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-1 => C:\Program Files (x86)\videos+ MediaPlayer+\videos+ MediaPlayer+-codedownloader.exe <==== ATTENTION
Task: {297DC6CA-BAAF-458A-8E11-6A19A2ECCB3D} - System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-3 => C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-3.exe [2014-09-09] (smart-saverplus)
Task: {2D498192-FFC6-46B7-9BAF-C5882A250F81} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {31A3C6E3-DE91-4C86-9A07-941C63967B80} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Ya-Hü => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2010-01-20] (Sony Corporation)
Task: {35CE63CD-156F-4483-ABBA-46D8F2DC7E0F} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-03-12] (Hewlett-Packard)
Task: {3AAF89DE-D9C4-483B-A6D6-32008C55DC7E} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-07-26] (Sony Corporation)
Task: {3C622311-F0B6-49D5-96A9-5C7106E14CF4} - System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-1 => C:\Program Files (x86)\ss8\ss8-codedownloader.exe
Task: {3CC7D367-F0F8-4C4F-92B9-F24E26EABD0F} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2343719655-606922816-1584496895-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {3CEE61F9-5ACE-4FB6-A408-176F7A29DFE6} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-06-17] (Sony Corporation)
Task: {3F2A748B-6FB8-4328-BD26-2F9D477F8098} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29] (Sun Microsystems, Inc.)
Task: {4E24A8D0-5FD6-49AE-AF20-B479087C2E96} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-09-02] (Uniblue Systems Limited) <==== ATTENTION
Task: {4F22B1C6-FFA1-4DF2-97FC-160F4227B5D3} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {4FA749C5-5AD5-46A3-BB14-07A8DCFAF7AC} - System32\Tasks\SpeedChecker Update => C:\Program Files (x86)\ver0SpeedChecker\O0SpeedCheckerq40.exe [2014-09-09] ()
Task: {558A2B10-698E-48D4-936C-C6D1BB490CFC} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {5BD4D8B7-B5D7-42FE-8E91-626C4A91B804} - System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-4 => C:\Program Files (x86)\videos+ MediaPlayer+\00a03ed6-a505-4050-9fc4-b0739bf6fab1-4.exe [2014-09-09] (enter) <==== ATTENTION
Task: {5C84ED96-F186-4F65-9B08-1A9B231B3214} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {6468566B-7267-4A8A-BA16-200004C4DFB5} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-09-02] (Uniblue Systems Limited) <==== ATTENTION
Task: {6F277F25-6708-411A-99E2-0133C48D3B26} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {7037338F-4763-4F70-8D55-48BE81B45598} - System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-5 => C:\Program Files (x86)\videos+ MediaPlayer+\00a03ed6-a505-4050-9fc4-b0739bf6fab1-5.exe [2014-09-09] (enter) <==== ATTENTION
Task: {71A199CE-8564-4DAB-BE6A-EAFCF0EAF3AE} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-09] (globalUpdate) <==== ATTENTION
Task: {72ED094F-2CE9-4209-8596-BEF86298DCDA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-07] (Google Inc.)
Task: {787014DD-21E6-442D-A851-6DC05CBB2803} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-09-03] (MyPC Backup) <==== ATTENTION
Task: {7CBEB5F0-177E-4F7D-8657-9A3212654C0D} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {8647ED24-50BE-4E85-8D49-557C444D5DC5} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {8AA95ADC-C765-4CE4-AB6E-A0E253CC087D} - System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-7 => C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-7.exe [2014-09-09] (smart-saverplus)
Task: {95A9EA77-34E9-4B49-800F-33035F9729E5} - System32\Tasks\SpeedChecker_wd => C:\Program Files (x86)\ver0SpeedChecker\J3SpeedCheckerB.exe
Task: {9D1ADDA6-D64D-465C-9043-E435D0FAFFFD} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => c:\program files (x86)\real\realplayer\Update\realsched.exe [2013-06-15] (RealNetworks, Inc.)
Task: {A17859C3-E69A-432B-BB6E-EAAD09FB7B6F} - System32\Tasks\c213693f-6a72-4a60-89e2-c9c24cabae7d => C:\Program Files (x86)\videos+ MediaPlayer+\c213693f-6a72-4a60-89e2-c9c24cabae7d.exe [2014-09-09] (enter) <==== ATTENTION
Task: {A3C02240-A07F-469C-BEC4-CEAF1CFA3E0C} - System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-3 => C:\Program Files (x86)\videos+ MediaPlayer+\00a03ed6-a505-4050-9fc4-b0739bf6fab1-3.exe [2014-09-09] (enter) <==== ATTENTION
Task: {B1A99BD2-C75C-47AC-BF34-E7C43A6865DD} - System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-11 => C:\Program Files (x86)\videos+ MediaPlayer+\00a03ed6-a505-4050-9fc4-b0739bf6fab1-11.exe [2014-09-09] (enter) <==== ATTENTION
Task: {B49CD378-C3E4-4E0B-AD87-E63F8C6D9033} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2343719655-606922816-1584496895-1000Core => C:\Users\Ya-Hü\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {B4CE631B-DE67-4FE2-BF83-CCA3B8C23680} - System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-4 => C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-4.exe [2014-09-09] (smart-saverplus)
Task: {BC5F6E93-DA3D-4A68-8E04-57E956A7C9B2} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2343719655-606922816-1584496895-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {BF6746EB-8E9A-42A5-98D0-9B90AA2380E1} - System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5 => C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-5.exe [2014-09-09] (smart-saverplus)
Task: {BF6BCE72-2256-4E6E-8C9A-1F325650031B} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {C0B0A485-9E2E-40A8-B502-E707F9E8A65D} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Ya-Hü\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {CD7F1B9E-C426-4E6F-821F-FEF3F3884A7A} - System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-6 => C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-6.exe [2014-09-09] (smart-saverplus)
Task: {D3E6FDB1-BA82-4582-AF76-0F492F316114} - System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-6 => C:\Program Files (x86)\videos+ MediaPlayer+\00a03ed6-a505-4050-9fc4-b0739bf6fab1-6.exe [2014-09-09] (enter) <==== ATTENTION
Task: {D4BD4947-5EF7-4B5E-8C88-65E93D1362C6} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2013-01-28] (TuneUp Software)
Task: {D72C3984-2740-4AFB-B3F5-25F7BDE416A7} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-26] (Sony Corporation)
Task: {E807C1CF-4A93-42B3-B688-4B0AC029CF40} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-10-25] (Sony Corporation)
Task: {EC98ADB9-36DF-4C35-BBA1-EB30C82F78F6} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-10-25] (Sony Corporation)
Task: {F2AC506A-9236-4E26-B30F-ACBD2121641A} - System32\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-7 => C:\Program Files (x86)\videos+ MediaPlayer+\00a03ed6-a505-4050-9fc4-b0739bf6fab1-7.exe [2014-09-09] (enter) <==== ATTENTION
Task: {F360B412-AD9D-491E-81CE-5D987E85FD90} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2343719655-606922816-1584496895-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {F997CBF9-165B-4CBA-8D93-3E8434A628AD} - System32\Tasks\{7A5B3678-CC35-446C-8304-FBD0ECBAF419} => C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe [2012-10-15] (DVDVideoSoft Ltd.)
Task: C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-1.job => C:\Program Files (x86)\videos+ MediaPlayer+\videos+ MediaPlayer+-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-11.job => C:\Program Files (x86)\videos+ MediaPlayer+\00a03ed6-a505-4050-9fc4-b0739bf6fab1-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-3.job => C:\Program Files (x86)\videos+ MediaPlayer+\00a03ed6-a505-4050-9fc4-b0739bf6fab1-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-4.job => C:\Program Files (x86)\videos+ MediaPlayer+\00a03ed6-a505-4050-9fc4-b0739bf6fab1-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-5.job => C:\Program Files (x86)\videos+ MediaPlayer+\00a03ed6-a505-4050-9fc4-b0739bf6fab1-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-5_user.job => C:\Program Files (x86)\videos+ MediaPlayer+\00a03ed6-a505-4050-9fc4-b0739bf6fab1-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-6.job => C:\Program Files (x86)\videos+ MediaPlayer+\00a03ed6-a505-4050-9fc4-b0739bf6fab1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\00a03ed6-a505-4050-9fc4-b0739bf6fab1-7.job => C:\Program Files (x86)\videos+ MediaPlayer+\00a03ed6-a505-4050-9fc4-b0739bf6fab1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-1.job => C:\Program Files (x86)\ss8\ss8-codedownloader.exe
Task: C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-11.job => C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-11.exe
Task: C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-3.job => C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-3.exe
Task: C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-4.job => C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-4.exe
Task: C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5.job => C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-5.exe
Task: C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5_user.job => C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-5.exe
Task: C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-6.job => C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-6.exe
Task: C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-7.job => C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-7.exe
Task: C:\Windows\Tasks\c213693f-6a72-4a60-89e2-c9c24cabae7d.job => C:\Program Files (x86)\videos+ MediaPlayer+\c213693f-6a72-4a60-89e2-c9c24cabae7d.exe <==== ATTENTION
Task: C:\Windows\Tasks\c4d6105a-7082-428e-b9a9-49d062b1b8cc.job => C:\Program Files (x86)\videos+ MediaPlayer+\c4d6105a-7082-428e-b9a9-49d062b1b8cc.exe <==== ATTENTION
Task: C:\Windows\Tasks\DYISTEC.job => C:\Users\Ya-Hýÿ\AppData\Roaming\DYISTEC.exe
Task: C:\Windows\Tasks\EVIBZ.job => C:\Users\Ya-Hýÿ\AppData\Roaming\EVIBZ.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2343719655-606922816-1584496895-1000Core.job => C:\Users\Ya-Hü\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2343719655-606922816-1584496895-1000UA.job => C:\Users\Ya-Hü\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ICLHS.job => C:\Users\Ya-Hýÿ\AppData\Roaming\ICLHS.exe
Task: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Startup.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\Windows\Tasks\UQH.job => C:\Users\Ya-Hýÿ\AppData\Roaming\UQH.exe

==================== Loaded Modules (whitelisted) =============

2011-03-30 09:18 - 2011-03-30 09:18 - 00053760 _____ () C:\Windows\system32\msjet40d.dll
2010-03-05 10:21 - 2010-03-05 10:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2014-09-03 19:34 - 2014-09-03 19:34 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2010-10-08 07:18 - 2010-10-08 07:18 - 00056592 _____ () C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
2010-09-02 09:24 - 2010-09-02 09:24 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll
2010-09-02 09:24 - 2010-09-02 09:24 - 00019456 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2010-09-02 09:24 - 2010-09-02 09:24 - 00026624 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2010-09-02 09:24 - 2010-09-02 09:24 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2010-09-02 09:24 - 2010-09-02 09:24 - 00035328 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2010-09-02 09:24 - 2010-09-02 09:24 - 00119296 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll
2010-10-08 07:18 - 2010-10-08 07:18 - 00957712 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe
2010-09-02 09:24 - 2010-09-02 09:24 - 00028160 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll
2010-09-02 09:25 - 2010-09-02 09:25 - 00040448 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2010-09-02 09:24 - 2010-09-02 09:24 - 00030720 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2010-10-08 07:18 - 2010-10-08 07:18 - 00697616 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
2014-08-27 16:34 - 2014-08-27 16:34 - 00032800 _____ () C:\Program Files (x86)\LPT\srpts.exe
2014-08-12 11:32 - 2014-08-12 11:32 - 00011776 _____ () C:\Program Files (x86)\NewPlayer\NewVideoPlayerUpdaterService.exe
2014-08-27 16:34 - 2014-08-27 16:34 - 00034848 _____ () C:\Program Files (x86)\LPT\srptsl.exe
2014-09-02 21:55 - 2014-09-02 21:55 - 00487483 _____ () C:\monitor.exe
2013-04-16 03:07 - 2013-04-16 03:07 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-09-09 21:00 - 2014-09-09 13:41 - 04823040 _____ () C:\Windows\score.exe
2014-09-09 21:04 - 2014-09-09 21:04 - 00071680 _____ () C:\Users\Ya-Hü\AppData\Roaming\VOPackage\VOsrv.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2007-03-27 20:03 - 2007-03-27 20:03 - 02173952 ____R () C:\Program Files\Aladdin\eToken\PKIClient\x64\QtCore4.dll
2007-03-27 20:03 - 2007-03-27 20:03 - 08048640 ____R () C:\Program Files\Aladdin\eToken\PKIClient\x64\QtGui4.dll
2007-03-29 15:11 - 2007-03-29 15:11 - 00317440 _____ () C:\Program Files\Aladdin\eToken\PKIClient\x64\QtXml4.dll
2007-03-27 20:03 - 2007-03-27 20:03 - 00175104 ____R () C:\Program Files\Aladdin\eToken\PKIClient\x64\plugins\imageformats\qjpeg1.dll
2014-09-09 22:33 - 2014-09-09 22:33 - 00700430 _____ () C:\Users\Ya-Hü\AppData\Roaming\InetStat\inetstat.exe
2014-09-09 20:59 - 2014-09-09 20:59 - 01642496 _____ () C:\Users\Ya-Hü\AppData\Local\Genesis_09091859\Genesis_09091859.exe
2013-11-15 02:48 - 2013-11-15 02:48 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-09-03 19:39 - 2014-09-03 19:39 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2011-12-05 00:17 - 2011-02-25 18:14 - 00297472 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll
2011-12-05 00:17 - 2011-02-25 18:14 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll
2011-12-05 00:17 - 2011-02-25 18:14 - 00070656 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll
2011-12-05 00:17 - 2011-02-25 18:14 - 00063488 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll
2011-12-05 00:17 - 2011-02-25 18:14 - 00215040 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll
2011-12-05 00:17 - 2011-02-25 18:14 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll
2011-12-05 00:17 - 2011-02-25 18:14 - 00260608 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll
2011-12-05 00:17 - 2011-02-25 18:14 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll
2011-12-05 00:17 - 2011-02-25 18:14 - 00059904 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll
2011-12-05 00:17 - 2011-02-25 18:14 - 00157696 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll
2011-12-05 00:17 - 2011-02-25 18:14 - 00138752 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll
2011-12-05 00:17 - 2011-02-25 18:14 - 00025600 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll
2014-08-27 16:33 - 2014-08-27 16:33 - 00023584 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\Lrcnta.exe
2014-08-27 16:34 - 2014-08-27 16:34 - 00042528 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00018976 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-08-27 16:35 - 2014-08-27 16:35 - 00070176 _____ () C:\Program Files (x86)\LPT\srut.dll
2010-11-07 23:27 - 2010-05-31 20:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-11-07 23:27 - 2010-05-31 20:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2014-09-04 01:24 - 2014-09-04 01:24 - 00827392 _____ () C:\Program Files (x86)\pctrunner\pcproxydll.dll
2014-08-15 15:25 - 2014-08-15 15:25 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\75f2f57b675dd733dda674d87e34c1be\IsdiInterop.ni.dll
2010-10-11 22:03 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2010-01-20 14:57 - 2010-01-20 14:57 - 00495616 _____ () C:\Program Files\Sony\VAIO Personalization Manager\sqlite3.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00050208 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00086048 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\srau.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00165920 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 02425376 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00066592 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\spbl.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00158240 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00014368 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\siem.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00067616 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\sppsm.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00696864 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00014880 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00078880 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00027168 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-08-27 16:35 - 2014-08-27 16:35 - 00070176 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\srut.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00029216 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\srsbs.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00065568 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00150560 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\smti.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00073760 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\smsp.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00011808 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\sidc.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00030752 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\smtu.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00038432 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\smta.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00031264 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\srom.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00047136 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\srbu.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00024096 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\sgml.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00061984 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00024608 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\srpdm.dll
2014-08-27 16:33 - 2014-08-27 16:33 - 00043552 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-08-27 16:33 - 2014-08-27 16:33 - 00026656 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00035360 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00193056 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\sgmu.dll
2014-05-12 11:21 - 2014-05-12 11:21 - 00061440 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00255008 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\srns.dll
2014-09-10 21:51 - 2014-09-10 21:51 - 00043008 _____ () c:\users\ya-h~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprt4ghh.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\libcef.dll
2013-11-15 02:49 - 2013-11-15 02:49 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2011-01-17 16:19 - 2011-05-13 16:49 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-08-27 16:34 - 2014-08-27 16:34 - 00023072 _____ () C:\Program Files (x86)\LPT\srptm.exe
2014-08-27 16:34 - 2014-08-27 16:34 - 00081952 _____ () C:\Program Files (x86)\LPT\srpt.dll
2014-08-27 16:33 - 2014-08-27 16:33 - 00032800 _____ () C:\Users\Ya-Hü\AppData\Local\Smartbar\Application\lrcnt.dll
2014-09-10 22:32 - 2014-09-09 20:59 - 01600896 ____N () C:\Users\YA-H~1\AppData\Local\Temp\_iu14D2N.tmp

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/10/2014 10:17:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 37.0.2062.103, Zeitstempel: 0x54011f26
Name des fehlerhaften Moduls: 033d9b8c-5b5c-4b81-b872-75bc061d998c.dll, Version: 0.0.0.0, Zeitstempel: 0x540ed0c9
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x00001871
ID des fehlerhaften Prozesses: 0x1e90
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (09/10/2014 10:17:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 37.0.2062.103, Zeitstempel: 0x54011f26
Name des fehlerhaften Moduls: bfc86444-19c2-471f-bb5d-6fd34eb2e3ad.dll, Version: 0.0.0.0, Zeitstempel: 0x540e280d
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0000ead7
ID des fehlerhaften Prozesses: 0x1e90
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (09/10/2014 09:58:53 PM) (Source: MsiInstaller) (EventID: 11730) (User: Ya-Hü-VAIO)
Description: Produkt: Ask Toolbar -- Fehler 1730. Sie müssen über Administratorrechte verfügen, um diese Anwendung entfernen zu können. Melden Sie sich als Administrator an oder wenden Sie sich an den technischen Support, um Unterstützung zu erhalten.

Error: (09/10/2014 03:18:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 37.0.2062.103, Zeitstempel: 0x54011f26
Name des fehlerhaften Moduls: bfc86444-19c2-471f-bb5d-6fd34eb2e3ad.dll, Version: 0.0.0.0, Zeitstempel: 0x540e280d
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0000ead7
ID des fehlerhaften Prozesses: 0x1e18
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (09/10/2014 03:18:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 37.0.2062.103, Zeitstempel: 0x54011f26
Name des fehlerhaften Moduls: 033d9b8c-5b5c-4b81-b872-75bc061d998c.dll, Version: 0.0.0.0, Zeitstempel: 0x540ed0c9
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x00001871
ID des fehlerhaften Prozesses: 0x238c
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (09/10/2014 03:17:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 37.0.2062.103, Zeitstempel: 0x54011f26
Name des fehlerhaften Moduls: bfc86444-19c2-471f-bb5d-6fd34eb2e3ad.dll, Version: 0.0.0.0, Zeitstempel: 0x540e280d
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0000ead7
ID des fehlerhaften Prozesses: 0x238c
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (09/10/2014 02:52:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm VAIO Gate.exe, Version 2.2.1.9130 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: a70

Startzeit: 01cfccf2e7a6b9ad

Endzeit: 428

Anwendungspfad: C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

Berichts-ID: 38d8caee-38e9-11e4-ba48-18f46af09ee2

Error: (09/10/2014 02:49:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm speedupmypc.exe, Version 6.0.4.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b64

Startzeit: 01cfccf2e598a990

Endzeit: 743

Anwendungspfad: C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe

Berichts-ID:

Error: (09/09/2014 10:51:51 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {tid=2320}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7130.5000.sft' herstellen (Rückgabecode 14C0160A-000001C0, ursprünglicher Rückgabecode 14C0160A-000001C0).

Error: (09/09/2014 03:06:07 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.


System errors:
=============
Error: (09/10/2014 09:57:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (09/10/2014 09:51:16 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.

Error: (09/10/2014 09:46:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Protect Monitor" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/10/2014 09:46:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Protect Monitor erreicht.

Error: (09/10/2014 09:45:57 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000003, 0xfffffa800441ba10, 0xfffff80000b9c518, 0xfffffa8008a0d010)C:\Windows\MEMORY.DMP091014-19484-01

Error: (09/10/2014 09:45:43 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎10.‎09.‎2014 um 15:55:59 unerwartet heruntergefahren.

Error: (09/10/2014 02:44:34 PM) (Source: SAVOnAccess) (EventID: 85) (User: )
Description: Der Scan von Datei [...gram files\Sophos\Sophos Anti-Virus\Web Control\WCPResCht.dll] wurde nach einer Zeitüberschreitung/Auslastung durchgeführt. Sie wird protokolliert. Prozess ALUpdate.exe, (Überprüfung des Zeitstempels [ 1cfccf4f9626c96]).

Error: (09/10/2014 02:44:34 PM) (Source: SAVOnAccess) (EventID: 85) (User: )
Description: Der Scan von Datei [...s\Sophos\Sophos Anti-Virus\Web Intelligence\swi_ifslsp_64.dll] wurde nach einer Zeitüberschreitung/Auslastung durchgeführt. Sie wird protokolliert. Prozess ALUpdate.exe, (Überprüfung des Zeitstempels [ 1cfccf4f8f7c256]).

Error: (09/10/2014 02:44:34 PM) (Source: SAVOnAccess) (EventID: 85) (User: )
Description: Der Scan von Datei [...Microsoft\Windows Live\SOXE\Extractor Definitions Update Task] wurde nach einer Zeitüberschreitung/Auslastung durchgeführt. Sie wird protokolliert. Prozess taskeng.exe, (Überprüfung des Zeitstempels [ 1cfccf4f936ef23]).

Error: (09/10/2014 02:44:33 PM) (Source: SAVOnAccess) (EventID: 85) (User: )
Description: Der Scan von Datei [...rogram files\Sophos\Sophos Anti-Virus\WSC_Win32\WSCClient.exe] wurde nach einer Zeitüberschreitung/Auslastung durchgeführt. Sie wird protokolliert. Prozess ALUpdate.exe, (Überprüfung des Zeitstempels [ 1cfccf4f87dd59d]).


Microsoft Office Sessions:
=========================
Error: (09/10/2014 10:17:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe37.0.2062.10354011f26033d9b8c-5b5c-4b81-b872-75bc061d998c.dll0.0.0.0540ed0c9c00000fd000018711e9001cfcd3130ec6fbdC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\videos+ MediaPlayer+\033d9b8c-5b5c-4b81-b872-75bc061d998c.dll8e227ffe-3927-11e4-be43-18f46af09ee2

Error: (09/10/2014 10:17:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe37.0.2062.10354011f26bfc86444-19c2-471f-bb5d-6fd34eb2e3ad.dll0.0.0.0540e280dc00000fd0000ead71e9001cfcd3130ec6fbdC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\ss8\bfc86444-19c2-471f-bb5d-6fd34eb2e3ad.dll8b4e1fb3-3927-11e4-be43-18f46af09ee2

Error: (09/10/2014 09:58:53 PM) (Source: MsiInstaller) (EventID: 11730) (User: Ya-Hü-VAIO)
Description: Produkt: Ask Toolbar -- Fehler 1730. Sie müssen über Administratorrechte verfügen, um diese Anwendung entfernen zu können. Melden Sie sich als Administrator an oder wenden Sie sich an den technischen Support, um Unterstützung zu erhalten.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/10/2014 03:18:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe37.0.2062.10354011f26bfc86444-19c2-471f-bb5d-6fd34eb2e3ad.dll0.0.0.0540e280dc00000fd0000ead71e1801cfccf41d2358d1C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\ss8\bfc86444-19c2-471f-bb5d-6fd34eb2e3ad.dllfbbbb971-38ec-11e4-ba48-18f46af09ee2

Error: (09/10/2014 03:18:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe37.0.2062.10354011f26033d9b8c-5b5c-4b81-b872-75bc061d998c.dll0.0.0.0540ed0c9c00000fd00001871238c01cfccf3aa25c209C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\videos+ MediaPlayer+\033d9b8c-5b5c-4b81-b872-75bc061d998c.dlle28865aa-38ec-11e4-ba48-18f46af09ee2

Error: (09/10/2014 03:17:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe37.0.2062.10354011f26bfc86444-19c2-471f-bb5d-6fd34eb2e3ad.dll0.0.0.0540e280dc00000fd0000ead7238c01cfccf3aa25c209C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\ss8\bfc86444-19c2-471f-bb5d-6fd34eb2e3ad.dlle0af0adc-38ec-11e4-ba48-18f46af09ee2

Error: (09/10/2014 02:52:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: VAIO Gate.exe2.2.1.9130a7001cfccf2e7a6b9ad428C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe38d8caee-38e9-11e4-ba48-18f46af09ee2

Error: (09/10/2014 02:49:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: speedupmypc.exe6.0.4.2b6401cfccf2e598a990743C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe

Error: (09/09/2014 10:51:51 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {tid=2320}
hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.7130.5000.sft14C0160A-000001C014C0160A-000001C0

Error: (09/09/2014 03:06:07 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
Percentage of memory in use: 56%
Total physical RAM: 4012.96 MB
Available physical RAM: 1763.73 MB
Total Pagefile: 8024.1 MB
Available Pagefile: 5084.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:455.46 GB) (Free:332.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E87E09B7)
Partition 1: (Not Active) - (Size=10.2 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

schrauber · 15.09.2014, 15:09

Adware & Co. deinstallieren

Lade Dir bitte von hier Revo Uninstaller herunter.
Installiere und starte das Programm.
Suche im Uninstallerfeld nach den Programmen, die unter:

diesen Zusatz haben:
Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Schahin · 16.09.2014, 14:47

Combofix.txt finde ich nicht.. combo-fix.sys

MZ ÿÿ ¸ @ ° º ´ Í!¸LÍ!Duh!Don't be silly. This isn't malware.

$ i
Û-zcˆ-zcˆ-zcˆ+Yiˆ,zcˆRich-zcˆ PE L @òcF à € @ À ² * @ T .text h.rdata T @ ` @ @ H.reloc * * @ B3ÀÂ @òcF À @òcF Ð @òcF à o\i386\d.sys NB10 @òcF T:\o\i386\d.pdb

schrauber · 17.09.2014, 05:51

Frisches FRST log bitte.

Schahin · 18.09.2014, 14:34

can result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014 (ATTENTION: ====> FRST version is 8 days old and could be outdated)
Ran by Ya-Hü (administrator) on YA-HÜ-VAIO on 18-09-2014 13:46:25
Running from C:\Users\Ya-Hü\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
() C:\Program Files (x86)\OfferBoulevard\OfferBoulevard.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\OfferBoulevard\OfferBoulevardW.exe
() C:\monitor.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
() C:\Windows\score.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Term Tutor) C:\Program Files (x86)\TermTutor\Service\ttsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(CinemaHQ01Video Plus) C:\Program Files (x86)\CinPlusHQ01-2.5cV15.09\fa50a323-b173-42a7-ad68-a45d88bc41ec.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\Dropbox.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
() C:\Program Files (x86)\OfferBoulevard\OfferBoulevardW.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(CinemaHQ01Video Plus) C:\Program Files (x86)\CinPlusHQ01-2.5cV15.09\98ed4270-7785-4165-abad-58c3f4f52fee-6.exe
(smart-saverplus) C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-6.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-06-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-06-21] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-14] (Alps Electric Co., Ltd.)
HKLM\...\Run: [eTMonitor] => C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe [192000 2008-11-03] (Aladdin Knowledge Systems, Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696 2010-06-20] (Sony Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2013-06-15] (RealNetworks, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [SearchProtectAll] => C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-05-21] (Sophos Limited)
HKLM-x32\...\Run: [OfferBoulevard] => C:\Program Files (x86)\OfferBoulevard\OfferBoulevardW.exe [378888 2014-09-09] ()
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [81264 2010-06-22] (Sony Corporation)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [VRLPHelper] => C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe [183152 2010-06-22] (Sony Corporation)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [Facebook Update] => C:\Users\Ya-Hü\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-11-07] (Google Inc.)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\MountPoints2: {a2bb5f40-7701-11e0-8347-18f46af09ee2} - D:\LaunchU3.exe -a
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-05-21] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-05-21] (Sophos Limited)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:50542;https=127.0.0.1:50542
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = iStartSurf
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iStartSurf
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iStartSurf
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iStartSurf
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = iStartSurf
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = iStartSurf
URLSearchHook: HKLM-x32 - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
URLSearchHook: HKLM-x32 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
URLSearchHook: HKLM-x32 - (No Name) - {8686b6b5-4734-4d4a-a246-5efbd9ebb200} - No File
URLSearchHook: HKLM-x32 - (No Name) - {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} - No File
URLSearchHook: HKCU - (No Name) - {90eee664-34b1-422a-a782-779af65cdf6d} - No File
URLSearchHook: HKCU - (No Name) - {8686b6b5-4734-4d4a-a246-5efbd9ebb200} - No File
URLSearchHook: HKCU - (No Name) - {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} - No File
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2776682
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX&q={searchTerms}
SearchScopes: HKCU - {3BD798E4-1794-4D89-A407-2B4E9370A089} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKCU - {81C5F3D0-96DD-41A1-9AB0-34D3393ECD63} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=e830c422-06f7-4e86-bc8f-fdb5c9fb2577&apn_sauid=C7E5C00C-17D3-4B99-8C1B-0890731C94C7
SearchScopes: HKCU - {880A4506-D686-4F9D-99E6-AF7031E4954A} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3297265&CUI=UN35227522264557148&UM=2
SearchScopes: HKCU - {9ADADC8D-74CC-4107-8BFD-ED99FF1E596A} URL = Shopping.com Deutschland - der große Produkt- und Preisvergleich
SearchScopes: HKCU - {A37CD782-4560-4428-9464-96A78BBF90BF} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} URL = hxxp://eu.ask.com/web?l=dis&o=APN10234&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A8B&apn_uid=4305474234194320&p2=^A8B^YYYYYY^YY^DE&q={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredimail.com/mb59/?search={searchTerms}&loc=search_box&u=92540554715559353
BHO: CinPlusHQ01-2.5c -> {11111111-1111-1111-1111-110611411141} -> C:\Program Files (x86)\CinPlusHQ01-2.5cV15.09\CinPlusHQ01-2.5cV15.09-bho64.dll (CinemaHQ01Video Plus)
BHO: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: CinPlusHQ01-2.5c -> {11111111-1111-1111-1111-110611411141} -> C:\Program Files (x86)\CinPlusHQ01-2.5cV15.09\CinPlusHQ01-2.5cV15.09-bho.dll (CinemaHQ01Video Plus)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Conduit Engine -> {30F9B915-B755-4826-820B-08FBA6BD249D} -> C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
BHO-x32: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: No Name -> {51a86bb3-6602-4c85-92a5-130ee4864f13} -> No File
BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO-x32: No Name -> {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: No Name -> {8686b6b5-4734-4d4a-a246-5efbd9ebb200} -> No File
BHO-x32: No Name -> {872b5b88-9db5-4310-bdd0-ac189557e5f5} -> No File
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No File
Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 02 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 03 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 04 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 09 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 10 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 11 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 12 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 24 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 25 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9-x64 01 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 02 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 03 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 04 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 09 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 10 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 11 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 12 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 24 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 25 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F946169-BE2F-4A43-9CE3-A47B900F6482}: [NameServer] 193.175.112.3,195.37.168.3

FireFox:
========
FF ProfilePath: C:\Users\Ya-Hü\AppData\Roaming\Mozilla\Firefox\Profiles\19p6x7ry.default
FF NewTab: about:newtab
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_l4M6Qi_XIb0P66FqniX_Zq-6GipubqDxVb8ws_AAPfM5cEqwcaEJF_T1ra5Aco7y49tktdZe898sD4-0E0SCeZ1M_SaCuRUzTtnpeZWYE2Po_wsooij46HGJszt16fPom-49cTkr0aEIb7DmDY1vzwC-g,,
FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_l4M6Qi_XIb0P66FqniX_Zq-6GipubqDxVb8ws_AAPfM5cEqwcaEJF_T1ra5Aco7y49tktdZe898sD4-0E0SCeZ5C3ow-P9wo8CdwOqKsM9c6ZJaGCmwttKkJ7K6Aspxa3d195XFsWhTHSFRHuADcyYNYA,,&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Ya-Hü\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @www.flatcast.com/FlatViewer 5.2 -> C:\Users\YA-H~1\AppData\Roaming\Mozilla\Plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\Ya-Hü\AppData\Roaming\mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF SearchPlugin: C:\Users\Ya-Hü\AppData\Roaming\Mozilla\Firefox\Profiles\19p6x7ry.default\searchplugins\Web Search.xml
FF Extension: CinPlusHQ01-2.5cV15.09 - C:\Users\Ya-Hü\AppData\Roaming\Mozilla\Firefox\Profiles\19p6x7ry.default\Extensions\BGKGT66124770@ZYFBNPM50498512.com [2014-09-16]
FF Extension: ss8 - C:\Users\Ya-Hü\AppData\Roaming\Mozilla\Firefox\Profiles\19p6x7ry.default\Extensions\KUKDSXGS67213349@EDCBUFV5900769.com [2014-09-09]
FF Extension: IncrediMail MediaBar 4 - C:\Users\Ya-Hü\AppData\Roaming\Mozilla\Firefox\Profiles\19p6x7ry.default\Extensions\{90eee664-34b1-422a-a782-779af65cdf6d} [2014-07-06]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Ya-Hü\AppData\Roaming\Mozilla\Firefox\Profiles\19p6x7ry.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-26]
FF Extension: Term Tutor - C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com [2014-09-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-05-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [2011-09-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [2012-01-26]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-06-15]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [termtutor@termtutor.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://www.istartsurf.com/?type=hp&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX
CHR StartupUrls: Default -> "hxxp://www.google.com/webhp?nord=1"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google :inputType}{google:cursorPosition}{google:currentPageUrl}{google

ageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestA PIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U27) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Flatcast Viewer Plugin 5.2.2.454) - C:\Program Files (x86)\Mozilla Firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH)
CHR Plugin: (Flatcast Viewer Plugin 5.3.0.784) - C:\Program Files (x86)\Mozilla Firefox\plugins\NpFv530.dll (1 mal 1 Software GmbH)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX OVS Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (Windows Live? Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Ya-H?\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Profile: C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Snap.Do ) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl [2013-08-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (View GPU Info) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\bonfagbdfepfbhjgolfalmgldfbgjodi [2014-09-15]
CHR Extension: (Google-Suche) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (RealDownloader) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-06-15]
CHR Extension: (Google Wallet) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Quick start) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-09-09]
CHR Extension: (Google Mail) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR Extension: (CinPlusHQ01-2.5cV15.09) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pldeppocfnbnopadlkalkhefdhglkijd [2014-09-16]
CHR Extension: (ss8) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\plofenifjagmdikfcobngnfmmnfmphin [2014-09-15]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Ya-Hü\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-09-09]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [56592 2010-10-08] ()
R2 eTSrv; C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe [8192 2008-11-03] (Aladdin Knowledge Systems, Ltd.) [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-16] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-16] (globalUpdate) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [957712 2010-10-08] ()
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [697616 2010-10-08] ()
R2 OfferBoulevard; C:\Program Files (x86)\OfferBoulevard\OfferBoulevard.exe [23040 2014-09-09] () [File not signed]
S2 ProtectMonitor; C:\monitorsvc.exe [34244 2014-09-02] () [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-05-21] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-05-21] (Sophos Limited)
R2 scores; C:\Windows\score.exe [4823040 2014-09-09] () [File not signed]
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-05-21] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-05-21] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-05-21] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2014-05-21] (Sophos Limited)
R2 ttsvc; C:\Program Files (x86)\TermTutor\Service\ttsvc.exe [276048 2014-09-04] (Term Tutor)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-05-21] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-05-21] (Sophos Limited)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-05-21] (Sophos Limited)
R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-09-04] (Term Tutor)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-18 13:46 - 2014-09-18 13:49 - 00042897 _____ () C:\Users\Ya-Hü\Desktop\FRST.txt
2014-09-18 10:06 - 2014-09-18 10:06 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\ICSharpCode.net
2014-09-17 14:50 - 2014-09-18 13:33 - 00000294 _____ () C:\Windows\Tasks\PennyBee.job
2014-09-17 14:50 - 2014-09-17 14:50 - 00003238 _____ () C:\Windows\System32\Tasks\PennyBee
2014-09-17 14:50 - 2014-09-17 14:50 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\PennyBee
2014-09-17 14:50 - 2014-09-17 14:50 - 00000000 ____D () C:\Program Files (x86)\OfferBoulevard
2014-09-16 15:15 - 2014-09-16 15:15 - 00000000 ___SD () C:\ComboFix
2014-09-16 15:01 - 2014-09-16 15:01 - 00000000 ____D () C:\ProgramData\374311380
2014-09-16 14:57 - 2014-09-16 14:57 - 00000000 ____D () C:\Users\Ya-Hü\Documents\Optimizer Pro
2014-09-16 14:55 - 2014-09-18 10:07 - 00002448 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-5.job
2014-09-16 14:55 - 2014-09-18 10:06 - 00002790 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-1.job
2014-09-16 14:55 - 2014-09-18 10:06 - 00002112 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-2.job
2014-09-16 14:55 - 2014-09-18 10:06 - 00001486 _____ () C:\Windows\Tasks\fa50a323-b173-42a7-ad68-a45d88bc41ec.job
2014-09-16 14:55 - 2014-09-16 14:55 - 01484664 _____ (CinemaHQ01Video Plus) C:\Users\Ya-Hü\AppData\Roaming\TCHMVBY.exe
2014-09-16 14:55 - 2014-09-16 14:55 - 00005820 _____ () C:\Windows\System32\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-1
2014-09-16 14:55 - 2014-09-16 14:55 - 00005478 _____ () C:\Windows\System32\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-5
2014-09-16 14:55 - 2014-09-16 14:55 - 00005142 _____ () C:\Windows\System32\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-2
2014-09-16 14:55 - 2014-09-16 14:55 - 00004516 _____ () C:\Windows\System32\Tasks\fa50a323-b173-42a7-ad68-a45d88bc41ec
2014-09-16 14:55 - 2014-09-16 14:55 - 00002448 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-5_user.job
2014-09-16 14:55 - 2014-09-16 14:55 - 00001340 _____ () C:\Windows\Tasks\TCHMVBY.job
2014-09-16 14:54 - 2014-09-18 13:32 - 00003472 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-6.job
2014-09-16 14:54 - 2014-09-18 10:06 - 00003816 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-4.job
2014-09-16 14:54 - 2014-09-18 10:06 - 00003472 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-7.job
2014-09-16 14:54 - 2014-09-18 10:06 - 00000364 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-09-16 14:54 - 2014-09-16 14:54 - 00006846 _____ () C:\Windows\System32\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-4
2014-09-16 14:54 - 2014-09-16 14:54 - 00006502 _____ () C:\Windows\System32\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-7
2014-09-16 14:54 - 2014-09-16 14:54 - 00006500 _____ () C:\Windows\System32\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-6
2014-09-16 14:54 - 2014-09-16 14:54 - 00004144 _____ () C:\Windows\System32\Tasks\RocketTab Update Task
2014-09-16 14:54 - 2014-09-16 14:54 - 00003406 _____ () C:\Windows\System32\Tasks\AmiUpdXp
2014-09-16 14:54 - 2014-09-16 14:54 - 00000652 _____ () C:\Windows\Tasks\59acbb01-4eb7-481b-b3f6-a4eec89c18c5.job
2014-09-16 14:54 - 2014-09-16 14:54 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\2698
2014-09-16 14:53 - 2014-09-18 10:06 - 00004498 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-11.job
2014-09-16 14:53 - 2014-09-16 20:58 - 00001028 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-09-16 14:53 - 2014-09-16 14:54 - 00007528 _____ () C:\Windows\System32\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-11
2014-09-16 14:53 - 2014-09-16 14:54 - 00000000 ____D () C:\Program Files (x86)\RocketTab
2014-09-16 14:53 - 2014-09-16 14:53 - 01929080 _____ (CinemaHQ01Video Plus) C:\Users\Ya-Hü\AppData\Roaming\YJGWRXDI.exe
2014-09-16 14:53 - 2014-09-16 14:53 - 00004026 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-09-16 14:53 - 2014-09-16 14:53 - 00003358 _____ () C:\Windows\System32\Tasks\RocketTab
2014-09-16 14:53 - 2014-09-16 14:53 - 00001686 _____ () C:\Windows\Tasks\YJGWRXDI.job
2014-09-16 14:52 - 2014-09-18 10:06 - 00003816 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-3.job
2014-09-16 14:52 - 2014-09-16 14:55 - 00000000 ____D () C:\Program Files (x86)\CinPlusHQ01-2.5cV15.09
2014-09-16 14:52 - 2014-09-16 14:53 - 00006846 _____ () C:\Windows\System32\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-3
2014-09-15 23:49 - 2014-09-17 14:32 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Berwerbungen
2014-09-15 22:07 - 2014-09-18 13:43 - 00001128 _____ () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-15 21:51 - 2014-09-15 21:51 - 00000047 _____ () C:\Users\Ya-Hü\AppData\Roaming\WB.CFG
2014-09-15 21:18 - 2014-09-16 15:15 - 00000000 ____D () C:\Qoobox
2014-09-15 21:16 - 2014-09-15 21:16 - 00000000 ____D () C:\Windows\erdnt
2014-09-15 21:15 - 2014-09-15 21:15 - 05579386 ____R (Swearware) C:\Users\Ya-Hü\Desktop\ComboFix.exe
2014-09-15 20:51 - 2014-09-18 13:32 - 00000290 _____ () C:\Windows\Tasks\FoxTab.job
2014-09-15 20:51 - 2014-09-15 21:33 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\Gameo
2014-09-15 20:51 - 2014-09-15 20:51 - 00003234 _____ () C:\Windows\System32\Tasks\FoxTab
2014-09-15 20:51 - 2014-09-15 20:51 - 00000171 _____ () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-09-15 20:51 - 2014-09-15 20:51 - 00000000 ___HD () C:\Users\Ya-Hü\AppData\Roaming\GoldenGate
2014-09-15 20:50 - 2014-09-15 20:57 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Systweak
2014-09-15 20:50 - 2014-09-15 20:50 - 00003306 _____ () C:\Windows\System32\Tasks\ASP
2014-09-15 20:50 - 2014-09-15 20:50 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\ASP
2014-09-15 20:50 - 2014-09-15 20:50 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-15 20:50 - 2014-09-15 20:50 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-09-15 16:43 - 2014-09-15 16:43 - 00003266 _____ () C:\Windows\System32\Tasks\{1B816FFC-80F0-4780-A674-5B4756611473}
2014-09-15 16:13 - 2014-09-15 16:13 - 00001264 _____ () C:\Users\Ya-Hü\Desktop\Revo Uninstaller.lnk
2014-09-15 16:13 - 2014-09-15 16:13 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-13 01:17 - 2014-08-15 17:48 - 17868288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-13 01:17 - 2014-08-15 17:36 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-13 01:17 - 2014-08-15 17:35 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-13 01:17 - 2014-08-15 17:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-13 01:17 - 2014-08-15 17:31 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-13 01:17 - 2014-08-15 17:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-13 01:17 - 2014-08-15 17:30 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-13 01:17 - 2014-08-15 17:30 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 02156032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-13 01:17 - 2014-08-15 17:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-13 01:17 - 2014-08-15 17:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-13 01:17 - 2014-08-15 17:28 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-13 01:17 - 2014-08-15 17:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-13 01:17 - 2014-08-15 17:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-13 01:17 - 2014-08-15 16:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-13 01:17 - 2014-08-15 16:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-13 01:17 - 2014-08-15 16:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-13 01:17 - 2014-08-15 16:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-13 01:17 - 2014-08-15 16:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-13 01:17 - 2014-08-15 16:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-13 01:17 - 2014-08-15 16:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-13 01:17 - 2014-08-15 16:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-13 01:17 - 2014-08-15 16:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-13 01:17 - 2014-08-15 16:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-13 01:17 - 2014-08-15 16:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-13 01:17 - 2014-08-15 16:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-13 01:17 - 2014-08-15 16:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-13 00:23 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-13 00:23 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-13 00:22 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-13 00:22 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-13 00:22 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-13 00:22 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-13 00:22 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-13 00:22 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-13 00:22 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 22:26 - 2014-09-18 13:47 - 00000000 ____D () C:\FRST
2014-09-10 22:26 - 2014-09-10 22:26 - 02105856 _____ (Farbar) C:\Users\Ya-Hü\Desktop\FRST64.exe
2014-09-10 22:14 - 2014-09-10 22:14 - 25092156 _____ () C:\Users\Ya-Hü\Desktop\mse46.zip
2014-09-10 22:09 - 2014-09-10 22:09 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-10 21:45 - 2014-09-10 21:45 - 00754752 _____ () C:\Windows\Minidump\091014-19484-01.dmp
2014-09-09 22:33 - 2014-09-15 20:43 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\InetStat
2014-09-09 22:33 - 2014-09-09 22:33 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-09 22:33 - 2014-09-09 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-09 21:19 - 2014-09-18 13:43 - 00002066 _____ () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-09 21:18 - 2014-09-18 10:06 - 00002714 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-1.job
2014-09-09 21:18 - 2014-09-18 10:06 - 00002410 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5.job
2014-09-09 21:18 - 2014-09-09 21:18 - 01536928 _____ (smart-saverplus) C:\Users\Ya-Hü\AppData\Roaming\UQH.exe
2014-09-09 21:18 - 2014-09-09 21:18 - 01484704 _____ (enter) C:\Users\Ya-Hü\AppData\Roaming\DYISTEC.exe
2014-09-09 21:18 - 2014-09-09 21:18 - 00005744 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-1
2014-09-09 21:18 - 2014-09-09 21:18 - 00005440 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5
2014-09-09 21:18 - 2014-09-09 21:18 - 00002410 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5_user.job
2014-09-09 21:18 - 2014-09-09 21:18 - 00001340 _____ () C:\Windows\Tasks\DYISTEC.job
2014-09-09 21:18 - 2014-09-09 21:18 - 00001332 _____ () C:\Windows\Tasks\UQH.job
2014-09-09 21:17 - 2014-09-18 13:32 - 00003434 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-6.job
2014-09-09 21:17 - 2014-09-18 10:06 - 00004460 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-11.job
2014-09-09 21:17 - 2014-09-18 10:06 - 00003778 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-4.job
2014-09-09 21:17 - 2014-09-18 10:06 - 00003098 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-7.job
2014-09-09 21:17 - 2014-09-18 10:06 - 00002754 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-3.job
2014-09-09 21:17 - 2014-09-18 10:06 - 00001024 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-09-09 21:17 - 2014-09-16 14:53 - 00003772 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-09-09 21:17 - 2014-09-09 21:17 - 01984928 _____ (smart-saverplus) C:\Users\Ya-Hü\AppData\Roaming\ICLHS.exe
2014-09-09 21:17 - 2014-09-09 21:17 - 01927072 _____ (enter) C:\Users\Ya-Hü\AppData\Roaming\EVIBZ.exe
2014-09-09 21:17 - 2014-09-09 21:17 - 00007490 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-11
2014-09-09 21:17 - 2014-09-09 21:17 - 00006808 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-4
2014-09-09 21:17 - 2014-09-09 21:17 - 00006462 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-6
2014-09-09 21:17 - 2014-09-09 21:17 - 00006128 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-7
2014-09-09 21:17 - 2014-09-09 21:17 - 00005784 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-3
2014-09-09 21:17 - 2014-09-09 21:17 - 00001336 _____ () C:\Windows\Tasks\ICLHS.job
2014-09-09 21:17 - 2014-09-09 21:17 - 00001336 _____ () C:\Windows\Tasks\EVIBZ.job
2014-09-09 21:16 - 2014-09-15 20:42 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Activeris
2014-09-09 21:16 - 2014-09-09 21:18 - 00000000 ____D () C:\Program Files (x86)\ss8
2014-09-09 21:16 - 2014-09-09 21:17 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-09-09 21:16 - 2014-09-09 21:16 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\globalUpdate
2014-09-09 21:16 - 2014-08-05 19:14 - 00020328 _____ () C:\Windows\system32\roboot64.exe
2014-09-09 21:10 - 2014-09-09 21:10 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\com
2014-09-09 21:05 - 2014-09-09 21:05 - 00004432 _____ () C:\Windows\SysWOW64\MyOSProtect.ini
2014-09-09 21:05 - 2014-09-09 21:05 - 00002384 _____ () C:\Windows\SysWOW64\MyOSProtectOff.ini
2014-09-09 21:05 - 2014-09-09 21:05 - 00002384 _____ () C:\Windows\system32\MyOSProtectOff.ini
2014-09-09 21:04 - 2014-09-01 20:28 - 00350768 _____ (MyOSCompany) C:\Windows\system32\MyOSProtect64.dll
2014-09-09 21:04 - 2014-09-01 20:28 - 00304776 _____ (MyOSCompany) C:\Windows\SysWOW64\MyOSProtect.dll
2014-09-09 21:02 - 2014-09-17 14:50 - 00000000 ___HD () C:\Users\Public\Temp
2014-09-09 21:01 - 2014-09-15 21:01 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-09 21:01 - 2014-09-09 21:01 - 00004030 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-09-09 21:01 - 2014-09-09 21:01 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-09-09 21:00 - 2014-09-09 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-09-09 21:00 - 2014-09-09 13:41 - 04823040 _____ () C:\Windows\score.exe
2014-09-09 20:59 - 2014-09-18 10:04 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-09 20:59 - 2014-09-16 14:52 - 00000000 ____D () C:\Program Files (x86)\PCTRunner
2014-09-09 20:59 - 2014-09-15 20:43 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\Genesis_09091859
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
2014-09-02 21:55 - 2014-09-02 21:55 - 00487483 _____ () C:\monitor.exe
2014-09-02 21:55 - 2014-09-02 21:55 - 00034244 _____ () C:\monitorsvc.exe
2014-09-02 20:16 - 2014-09-02 20:16 - 00634880 _____ () C:\DirectControl.exe
2014-09-02 13:03 - 2014-09-02 13:04 - 00000000 ____D () C:\Users\Ya-Hü\.tfo4
2014-09-02 13:03 - 2014-09-02 13:03 - 00000000 ____D () C:\Users\Ya-Hü\4.0
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge Basic
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\plugins
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\lib
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\ext
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\doc
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\bin
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\UQH
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\TCHMVBY
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\DYISTEC
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\YJGWRXDI
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\ICLHS
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\EVIBZ
2014-08-28 16:01 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 16:01 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 16:01 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 19:31 - 2014-08-21 19:31 - 00000000 ____D () C:\Users\Ya-Hü\Documents\Fax
2014-08-21 16:09 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-21 16:09 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-21 16:09 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-21 16:09 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-21 16:09 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-21 16:09 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-21 16:09 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-21 16:09 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-21 16:09 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-21 16:09 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-21 16:08 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-21 16:08 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-21 16:08 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-21 16:08 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-18 13:49 - 2014-09-18 13:46 - 00042897 _____ () C:\Users\Ya-Hü\Desktop\FRST.txt
2014-09-18 13:47 - 2014-09-10 22:26 - 00000000 ____D () C:\FRST
2014-09-18 13:43 - 2014-09-15 22:07 - 00001128 _____ () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-18 13:43 - 2014-09-09 21:19 - 00002066 _____ () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-18 13:43 - 2011-03-26 10:52 - 00001146 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-18 13:43 - 2011-03-26 10:52 - 00001134 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-18 13:34 - 2011-01-04 22:27 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2AFB6A0C-FBFD-44D8-A38B-EF01CE6CE147}
2014-09-18 13:33 - 2014-09-17 14:50 - 00000294 _____ () C:\Windows\Tasks\PennyBee.job
2014-09-18 13:33 - 2013-03-01 23:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-18 13:33 - 2011-10-14 23:43 - 00001138 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2343719655-606922816-1584496895-1000UA.job
2014-09-18 13:32 - 2014-09-16 14:54 - 00003472 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-6.job
2014-09-18 13:32 - 2014-09-15 20:51 - 00000290 _____ () C:\Windows\Tasks\FoxTab.job
2014-09-18 13:32 - 2014-09-09 21:17 - 00003434 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-6.job
2014-09-18 13:32 - 2010-11-07 23:28 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-18 13:32 - 2010-11-07 23:20 - 01485196 _____ () C:\Windows\WindowsUpdate.log
2014-09-18 10:14 - 2009-07-14 06:45 - 00018704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-18 10:14 - 2009-07-14 06:45 - 00018704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-18 10:07 - 2014-09-16 14:55 - 00002448 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-5.job
2014-09-18 10:06 - 2014-09-18 10:06 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\ICSharpCode.net
2014-09-18 10:06 - 2014-09-16 14:55 - 00002790 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-1.job
2014-09-18 10:06 - 2014-09-16 14:55 - 00002112 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-2.job
2014-09-18 10:06 - 2014-09-16 14:55 - 00001486 _____ () C:\Windows\Tasks\fa50a323-b173-42a7-ad68-a45d88bc41ec.job
2014-09-18 10:06 - 2014-09-16 14:54 - 00003816 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-4.job
2014-09-18 10:06 - 2014-09-16 14:54 - 00003472 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-7.job
2014-09-18 10:06 - 2014-09-16 14:54 - 00000364 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-09-18 10:06 - 2014-09-16 14:53 - 00004498 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-11.job
2014-09-18 10:06 - 2014-09-16 14:52 - 00003816 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-3.job
2014-09-18 10:06 - 2014-09-09 21:18 - 00002714 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-1.job
2014-09-18 10:06 - 2014-09-09 21:18 - 00002410 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5.job
2014-09-18 10:06 - 2014-09-09 21:17 - 00004460 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-11.job
2014-09-18 10:06 - 2014-09-09 21:17 - 00003778 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-4.job
2014-09-18 10:06 - 2014-09-09 21:17 - 00003098 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-7.job
2014-09-18 10:06 - 2014-09-09 21:17 - 00002754 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-3.job
2014-09-18 10:06 - 2014-09-09 21:17 - 00001024 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-09-18 10:06 - 2010-11-07 23:28 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-18 10:04 - 2014-09-09 20:59 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-18 10:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-18 10:03 - 2009-07-14 06:51 - 00194462 _____ () C:\Windows\setupact.log
2014-09-17 14:55 - 2011-01-07 12:34 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\SoftGrid Client
2014-09-17 14:50 - 2014-09-17 14:50 - 00003238 _____ () C:\Windows\System32\Tasks\PennyBee
2014-09-17 14:50 - 2014-09-17 14:50 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\PennyBee
2014-09-17 14:50 - 2014-09-17 14:50 - 00000000 ____D () C:\Program Files (x86)\OfferBoulevard
2014-09-17 14:50 - 2014-09-09 21:02 - 00000000 ___HD () C:\Users\Public\Temp
2014-09-17 14:32 - 2014-09-15 23:49 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Berwerbungen
2014-09-17 12:06 - 2010-10-11 22:06 - 00241650 _____ () C:\Windows\PFRO.log
2014-09-16 23:58 - 2011-10-14 23:43 - 00001116 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2343719655-606922816-1584496895-1000Core.job
2014-09-16 20:58 - 2014-09-16 14:53 - 00001028 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-09-16 16:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-16 15:15 - 2014-09-16 15:15 - 00000000 ___SD () C:\ComboFix
2014-09-16 15:15 - 2014-09-15 21:18 - 00000000 ____D () C:\Qoobox
2014-09-16 15:01 - 2014-09-16 15:01 - 00000000 ____D () C:\ProgramData\374311380
2014-09-16 14:57 - 2014-09-16 14:57 - 00000000 ____D () C:\Users\Ya-Hü\Documents\Optimizer Pro
2014-09-16 14:55 - 2014-09-16 14:55 - 01484664 _____ (CinemaHQ01Video Plus) C:\Users\Ya-Hü\AppData\Roaming\TCHMVBY.exe
2014-09-16 14:55 - 2014-09-16 14:55 - 00005820 _____ () C:\Windows\System32\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-1
2014-09-16 14:55 - 2014-09-16 14:55 - 00005478 _____ () C:\Windows\System32\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-5
2014-09-16 14:55 - 2014-09-16 14:55 - 00005142 _____ () C:\Windows\System32\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-2
2014-09-16 14:55 - 2014-09-16 14:55 - 00004516 _____ () C:\Windows\System32\Tasks\fa50a323-b173-42a7-ad68-a45d88bc41ec
2014-09-16 14:55 - 2014-09-16 14:55 - 00002448 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-5_user.job
2014-09-16 14:55 - 2014-09-16 14:55 - 00001340 _____ () C:\Windows\Tasks\TCHMVBY.job
2014-09-16 14:55 - 2014-09-16 14:52 - 00000000 ____D () C:\Program Files (x86)\CinPlusHQ01-2.5cV15.09
2014-09-16 14:54 - 2014-09-16 14:54 - 00006846 _____ () C:\Windows\System32\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-4
2014-09-16 14:54 - 2014-09-16 14:54 - 00006502 _____ () C:\Windows\System32\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-7
2014-09-16 14:54 - 2014-09-16 14:54 - 00006500 _____ () C:\Windows\System32\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-6
2014-09-16 14:54 - 2014-09-16 14:54 - 00004144 _____ () C:\Windows\System32\Tasks\RocketTab Update Task
2014-09-16 14:54 - 2014-09-16 14:54 - 00003406 _____ () C:\Windows\System32\Tasks\AmiUpdXp
2014-09-16 14:54 - 2014-09-16 14:54 - 00000652 _____ () C:\Windows\Tasks\59acbb01-4eb7-481b-b3f6-a4eec89c18c5.job
2014-09-16 14:54 - 2014-09-16 14:54 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\2698
2014-09-16 14:54 - 2014-09-16 14:53 - 00007528 _____ () C:\Windows\System32\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-11
2014-09-16 14:54 - 2014-09-16 14:53 - 00000000 ____D () C:\Program Files (x86)\RocketTab
2014-09-16 14:53 - 2014-09-16 14:53 - 01929080 _____ (CinemaHQ01Video Plus) C:\Users\Ya-Hü\AppData\Roaming\YJGWRXDI.exe
2014-09-16 14:53 - 2014-09-16 14:53 - 00004026 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-09-16 14:53 - 2014-09-16 14:53 - 00003358 _____ () C:\Windows\System32\Tasks\RocketTab
2014-09-16 14:53 - 2014-09-16 14:53 - 00001686 _____ () C:\Windows\Tasks\YJGWRXDI.job
2014-09-16 14:53 - 2014-09-16 14:52 - 00006846 _____ () C:\Windows\System32\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-3
2014-09-16 14:53 - 2014-09-09 21:17 - 00003772 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-09-16 14:52 - 2014-09-09 20:59 - 00000000 ____D () C:\Program Files (x86)\PCTRunner
2014-09-16 14:42 - 2012-01-04 19:41 - 00000000 ___RD () C:\Users\Ya-Hü\Dropbox
2014-09-16 14:41 - 2012-01-04 19:39 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Dropbox
2014-09-15 23:52 - 2013-10-14 00:22 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\LAST Semester insa'ALLAH
2014-09-15 23:27 - 2010-11-07 23:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-15 21:51 - 2014-09-15 21:51 - 00000047 _____ () C:\Users\Ya-Hü\AppData\Roaming\WB.CFG
2014-09-15 21:33 - 2014-09-15 20:51 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\Gameo
2014-09-15 21:25 - 2013-07-16 23:07 - 00000000 _____ () C:\Windows\system32\vireng.log
2014-09-15 21:16 - 2014-09-15 21:16 - 00000000 ____D () C:\Windows\erdnt
2014-09-15 21:15 - 2014-09-15 21:15 - 05579386 ____R (Swearware) C:\Users\Ya-Hü\Desktop\ComboFix.exe
2014-09-15 21:01 - 2014-09-09 21:01 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-15 20:57 - 2014-09-15 20:50 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Systweak
2014-09-15 20:51 - 2014-09-15 20:51 - 00003234 _____ () C:\Windows\System32\Tasks\FoxTab
2014-09-15 20:51 - 2014-09-15 20:51 - 00000171 _____ () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-09-15 20:51 - 2014-09-15 20:51 - 00000000 ___HD () C:\Users\Ya-Hü\AppData\Roaming\GoldenGate
2014-09-15 20:50 - 2014-09-15 20:50 - 00003306 _____ () C:\Windows\System32\Tasks\ASP
2014-09-15 20:50 - 2014-09-15 20:50 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\ASP
2014-09-15 20:50 - 2014-09-15 20:50 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-15 20:50 - 2014-09-15 20:50 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-09-15 20:50 - 2011-03-26 10:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-15 20:43 - 2014-09-09 22:33 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\InetStat
2014-09-15 20:43 - 2014-09-09 20:59 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\Genesis_09091859
2014-09-15 20:42 - 2014-09-09 21:16 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Activeris
2014-09-15 16:43 - 2014-09-15 16:43 - 00003266 _____ () C:\Windows\System32\Tasks\{1B816FFC-80F0-4780-A674-5B4756611473}
2014-09-15 16:13 - 2014-09-15 16:13 - 00001264 _____ () C:\Users\Ya-Hü\Desktop\Revo Uninstaller.lnk
2014-09-15 16:13 - 2014-09-15 16:13 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-14 01:26 - 2013-01-02 16:19 - 01710080 ___SH () C:\Users\Ya-Hü\Desktop\Thumbs.db
2014-09-13 01:17 - 2011-04-12 20:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-13 01:15 - 2011-01-07 12:33 - 01596516 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-13 01:15 - 2010-11-08 08:15 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-09-13 01:15 - 2010-11-08 08:15 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-09-13 01:15 - 2009-07-14 07:13 - 01596516 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 01:14 - 2013-08-16 16:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-13 01:01 - 2011-02-27 01:08 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-13 01:00 - 2014-05-07 02:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 22:39 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-10 22:26 - 2014-09-10 22:26 - 02105856 _____ (Farbar) C:\Users\Ya-Hü\Desktop\FRST64.exe
2014-09-10 22:14 - 2014-09-10 22:14 - 25092156 _____ () C:\Users\Ya-Hü\Desktop\mse46.zip
2014-09-10 22:09 - 2014-09-10 22:09 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-10 22:09 - 2013-03-01 23:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 22:09 - 2013-03-01 23:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 22:09 - 2013-03-01 23:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 21:45 - 2014-09-10 21:45 - 00754752 _____ () C:\Windows\Minidump\091014-19484-01.dmp
2014-09-10 21:45 - 2011-06-07 13:13 - 530712586 _____ () C:\Windows\MEMORY.DMP
2014-09-10 21:45 - 2011-06-07 13:13 - 00000000 ____D () C:\Windows\Minidump
2014-09-09 22:33 - 2014-09-09 22:33 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-09 22:33 - 2014-09-09 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-09 21:18 - 2014-09-09 21:18 - 01536928 _____ (smart-saverplus) C:\Users\Ya-Hü\AppData\Roaming\UQH.exe
2014-09-09 21:18 - 2014-09-09 21:18 - 01484704 _____ (enter) C:\Users\Ya-Hü\AppData\Roaming\DYISTEC.exe
2014-09-09 21:18 - 2014-09-09 21:18 - 00005744 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-1
2014-09-09 21:18 - 2014-09-09 21:18 - 00005440 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5
2014-09-09 21:18 - 2014-09-09 21:18 - 00002410 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5_user.job
2014-09-09 21:18 - 2014-09-09 21:18 - 00001340 _____ () C:\Windows\Tasks\DYISTEC.job
2014-09-09 21:18 - 2014-09-09 21:18 - 00001332 _____ () C:\Windows\Tasks\UQH.job
2014-09-09 21:18 - 2014-09-09 21:16 - 00000000 ____D () C:\Program Files (x86)\ss8
2014-09-09 21:18 - 2011-03-13 00:26 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\Conduit
2014-09-09 21:17 - 2014-09-09 21:17 - 01984928 _____ (smart-saverplus) C:\Users\Ya-Hü\AppData\Roaming\ICLHS.exe
2014-09-09 21:17 - 2014-09-09 21:17 - 01927072 _____ (enter) C:\Users\Ya-Hü\AppData\Roaming\EVIBZ.exe
2014-09-09 21:17 - 2014-09-09 21:17 - 00007490 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-11
2014-09-09 21:17 - 2014-09-09 21:17 - 00006808 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-4
2014-09-09 21:17 - 2014-09-09 21:17 - 00006462 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-6
2014-09-09 21:17 - 2014-09-09 21:17 - 00006128 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-7
2014-09-09 21:17 - 2014-09-09 21:17 - 00005784 _____ () C:\Windows\System32\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-3
2014-09-09 21:17 - 2014-09-09 21:17 - 00001336 _____ () C:\Windows\Tasks\ICLHS.job
2014-09-09 21:17 - 2014-09-09 21:17 - 00001336 _____ () C:\Windows\Tasks\EVIBZ.job
2014-09-09 21:17 - 2014-09-09 21:16 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-09-09 21:16 - 2014-09-09 21:16 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\globalUpdate
2014-09-09 21:10 - 2014-09-09 21:10 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\com
2014-09-09 21:05 - 2014-09-09 21:05 - 00004432 _____ () C:\Windows\SysWOW64\MyOSProtect.ini
2014-09-09 21:05 - 2014-09-09 21:05 - 00002384 _____ () C:\Windows\SysWOW64\MyOSProtectOff.ini
2014-09-09 21:05 - 2014-09-09 21:05 - 00002384 _____ () C:\Windows\system32\MyOSProtectOff.ini
2014-09-09 21:01 - 2014-09-09 21:01 - 00004030 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-09-09 21:01 - 2014-09-09 21:01 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-09-09 21:00 - 2014-09-09 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-09-09 20:59 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-09 20:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-09 13:41 - 2014-09-09 21:00 - 04823040 _____ () C:\Windows\score.exe
2014-09-05 04:10 - 2014-09-13 00:22 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-13 00:22 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
2014-09-04 00:35 - 2013-04-15 14:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-03 16:21 - 2011-01-08 14:28 - 00000000 ____D () C:\ProgramData\Norton
2014-09-03 16:21 - 2010-11-07 23:33 - 00000000 ____D () C:\ProgramData\Symantec
2014-09-02 21:55 - 2014-09-02 21:55 - 00487483 _____ () C:\monitor.exe
2014-09-02 21:55 - 2014-09-02 21:55 - 00034244 _____ () C:\monitorsvc.exe
2014-09-02 20:16 - 2014-09-02 20:16 - 00634880 _____ () C:\DirectControl.exe
2014-09-02 13:04 - 2014-09-02 13:03 - 00000000 ____D () C:\Users\Ya-Hü\.tfo4
2014-09-02 13:03 - 2014-09-02 13:03 - 00000000 ____D () C:\Users\Ya-Hü\4.0
2014-09-02 13:03 - 2011-01-04 22:22 - 00000000 ____D () C:\Users\Ya-Hü
2014-09-01 20:28 - 2014-09-09 21:04 - 00350768 _____ (MyOSCompany) C:\Windows\system32\MyOSProtect64.dll
2014-09-01 20:28 - 2014-09-09 21:04 - 00304776 _____ (MyOSCompany) C:\Windows\SysWOW64\MyOSProtect.dll
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge Basic
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\plugins
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\lib
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\ext
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\doc
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\bin
2014-09-01 19:07 - 2014-06-25 09:52 - 00000653 _____ () C:\Program Files\pdfsam-config.xml
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\UQH
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\TCHMVBY
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\DYISTEC
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\YJGWRXDI
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\ICLHS
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\EVIBZ
2014-08-29 03:21 - 2009-07-14 06:45 - 00778352 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 00:38 - 2013-12-01 22:55 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\camii
2014-08-26 23:31 - 2014-03-19 15:43 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Bachelorarbeit
2014-08-26 23:31 - 2013-02-03 21:37 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Diverse Schreiben bzw. Briefe
2014-08-26 23:31 - 2012-06-07 13:35 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Karsik
2014-08-25 06:53 - 2011-03-13 11:52 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 04:07 - 2014-08-28 16:01 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 16:01 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 16:01 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 21:50 - 2011-07-29 22:45 - 00142848 ___SH () C:\Users\Ya-Hü\Documents\Thumbs.db
2014-08-21 19:31 - 2014-08-21 19:31 - 00000000 ____D () C:\Users\Ya-Hü\Documents\Fax
2014-08-19 19:39 - 2013-01-02 00:28 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk

Some content of TEMP:
====================
C:\Users\Ya-Hü\AppData\Local\Temp\AskSLib.dll
C:\Users\Ya-Hü\AppData\Local\Temp\BackupSetup.exe
C:\Users\Ya-Hü\AppData\Local\Temp\cm-u804d.dll
C:\Users\Ya-Hü\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnvlw8j.dll
C:\Users\Ya-Hü\AppData\Local\Temp\DWPUpgradeInstaller.exe
C:\Users\Ya-Hü\AppData\Local\Temp\FileSystemView.dll
C:\Users\Ya-Hü\AppData\Local\Temp\Launcher.exe
C:\Users\Ya-Hü\AppData\Local\Temp\mufpxfvp.dll
C:\Users\Ya-Hü\AppData\Local\Temp\nsaE836.exe
C:\Users\Ya-Hü\AppData\Local\Temp\nsf135B.exe
C:\Users\Ya-Hü\AppData\Local\Temp\nsfD7DE.exe
C:\Users\Ya-Hü\AppData\Local\Temp\nsk5113.exe
C:\Users\Ya-Hü\AppData\Local\Temp\nsk87F.exe
C:\Users\Ya-Hü\AppData\Local\Temp\nsu8AEA.exe
C:\Users\Ya-Hü\AppData\Local\Temp\post1.exe
C:\Users\Ya-Hü\AppData\Local\Temp\post2.dll
C:\Users\Ya-Hü\AppData\Local\Temp\post2.exe
C:\Users\Ya-Hü\AppData\Local\Temp\setup_337.exe
C:\Users\Ya-Hü\AppData\Local\Temp\SHelp2.exe
C:\Users\Ya-Hü\AppData\Local\Temp\SpOrder.dll
C:\Users\Ya-Hü\AppData\Local\Temp\SPStub.exe
C:\Users\Ya-Hü\AppData\Local\Temp\stubhelper.dll
C:\Users\Ya-Hü\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Ya-Hü\AppData\Local\Temp\System.Data.SQLite21907.dll
C:\Users\Ya-Hü\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Ya-Hü\AppData\Local\Temp\wmdjug6e.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-16 16:31

==================== End Of Log ============================

schrauber · 19.09.2014, 08:21

Hast Du die Programme mit ATTENTION deinstalliert?

Combofix löschen und neu laden, Sophos beenden und Combofix nochmal laufen lassen.

Schahin · 19.09.2014, 10:01

Ich konnte 2 der Programme nicht deinstallieren ..

ASK Toolbar updater und snap.do.engine...

schrauber · 19.09.2014, 19:44

Ok COmbofix nochmal versuchen. Egal ob es klappt oder nicht, hiermit weiter:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Schahin · 22.09.2014, 12:55

mbam:

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 22.09.2014
Suchlauf-Zeit: 12:05:04
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.02.20.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Ya-HÃ¼

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 283168
Verstrichene Zeit: 44 Min, 38 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 22
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [1633d52ab7c31f17365c7ef5e022748c],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\IESmartBar.BHO, In Quarantäne, [1633d52ab7c31f17365c7ef5e022748c],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [1633d52ab7c31f17365c7ef5e022748c],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [1633d52ab7c31f17365c7ef5e022748c],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IESmartBar.BHO, In Quarantäne, [1633d52ab7c31f17365c7ef5e022748c],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [1633d52ab7c31f17365c7ef5e022748c],
PUP.Optional.VGrabber.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D26631E0-DE8C-42FB-B12C-098665BDD65A}, In Quarantäne, [dc6dc33cbbbf5cdac291b6bf43bf7d83],
PUP.Optional.VGrabber.A, HKLM\SOFTWARE\CLASSES\Toolbar.CT3286379, In Quarantäne, [dc6dc33cbbbf5cdac291b6bf43bf7d83],
PUP.Optional.VGrabber.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar.CT3286379, In Quarantäne, [dc6dc33cbbbf5cdac291b6bf43bf7d83],
PUP.Optional.VGrabber.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D26631E0-DE8C-42FB-B12C-098665BDD65A}, In Quarantäne, [dc6dc33cbbbf5cdac291b6bf43bf7d83],
PUP.Optional.VGrabber.A, HKU\S-1-5-21-2343719655-606922816-1584496895-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{8686b6b5-4734-4d4a-a246-5efbd9ebb200}, In Quarantäne, [0c3d4db2a7d3bb7b262cadc807fb11ef],
PUP.Optional.VGrabber.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8686B6B5-4734-4D4A-A246-5EFBD9EBB200}, In Quarantäne, [0c3d4db2a7d3bb7b262cadc807fb11ef],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [292030cf49310b2bd9cd02b4fd06946c],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [86c37f80abcf8bab16908036c0430ef2],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2343719655-606922816-1584496895-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [a7a2e31c730747ef78fedde27f842dd3],
PUP.Optional.PriceGong.A, HKU\S-1-5-21-2343719655-606922816-1584496895-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, In Quarantäne, [8bbe4db2db9f3501efb2d7b71ce659a7],
PUP.Optional.ValueApps.A, HKU\S-1-5-21-2343719655-606922816-1584496895-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\ValueApps, In Quarantäne, [c18820df5a20171fe30d52420ff340c0],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2343719655-606922816-1584496895-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [5beeda25de9cb97d1761197b54ae867a],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2343719655-606922816-1584496895-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [391040bf17639f97eae4ebbf6a99a35d],
PUP.Optional.SmartSaver.A, HKU\S-1-5-21-2343719655-606922816-1584496895-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\smart-saverplus, In Quarantäne, [3f0a2fd0403a78be55dec6c825ddde22],
PUP.Optional.Qone8, HKU\S-1-5-21-2343719655-606922816-1584496895-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [2227cf3088f21422d0d5fcba9172817f],
PUP.Optional.RocketTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RocketTab, In Quarantäne, [6adfed123842270f4ad5e3a8c33f1ae6],

Registrierungswerte: 6
PUP.Optional.VGrabber.A, HKU\S-1-5-21-2343719655-606922816-1584496895-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{8686B6B5-4734-4D4A-A246-5EFBD9EBB200}, In Quarantäne, [0c3d4db2a7d3bb7b262cadc807fb11ef],
PUP.Optional.VGrabber.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{8686B6B5-4734-4D4A-A246-5EFBD9EBB200}, In Quarantäne, [0c3d4db2a7d3bb7b262cadc807fb11ef],
PUP.Optional.VGrabber.A, HKU\S-1-5-21-2343719655-606922816-1584496895-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{8686b6b5-4734-4d4a-a246-5efbd9ebb200}, In Quarantäne, [76d350af7604af8781d1cda825dda858],
PUP.Optional.VGrabber.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{8686b6b5-4734-4d4a-a246-5efbd9ebb200}, In Quarantäne, [3d0c36c97307d46222306d0861a16a96],
PUP.Optional.ConduitSearchProtect, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SearchProtectAll, C:\Program Files (x86)\SearchProtect\bin\cltmng.exe, In Quarantäne, [0a3ffe01fb7f7bbb992b396ec043ba46]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2343719655-606922816-1584496895-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1N1M, In Quarantäne, [391040bf17639f97eae4ebbf6a99a35d]

Registrierungsdaten: 6
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[82c749b648321323f15271be768ec13f]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[98b14fb087f36ec8ee55b17e1aead729]
PUP.Optional.Snapdo, HKU\S-1-5-21-2343719655-606922816-1584496895-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}, Gut: (Google), Schlecht: (hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}),Ersetzt,[1138d728750525117f3db07eba4a9b65]
PUP.Optional.Snapdo, HKU\S-1-5-21-2343719655-606922816-1584496895-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}, Gut: (Google), Schlecht: (hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}),Ersetzt,[c584ac534d2d5fd76457c46afa0a936d]
PUP.Optional.Snapdo, HKU\S-1-5-21-2343719655-606922816-1584496895-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}, Gut: (Google), Schlecht: (hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}),Ersetzt,[1b2eee11f9815bdb1da11816db299868]
PUP.Optional.Snapdo, HKU\S-1-5-21-2343719655-606922816-1584496895-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}, Gut: (Google), Schlecht: (hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}),Ersetzt,[ad9c05faf2883ef88639c26c986c7090]

Ordner: 22
Rogue.Multiple, C:\ProgramData\374311380, In Quarantäne, [3019aa559edcfa3cc11bacca6c96fe02],
PUP.Optional.OpenCandy, C:\Users\Ya-HÃ¼\AppData\Roaming\OpenCandy, In Quarantäne, [0b3e5da2fe7cd066612a15718a78ca36],
PUP.Optional.OpenCandy, C:\Users\Ya-HÃ¼\AppData\Roaming\OpenCandy\0CAFBC467D9B4043A447693162224D1A, In Quarantäne, [0b3e5da2fe7cd066612a15718a78ca36],
PUP.Optional.OpenCandy, C:\Users\Ya-HÃ¼\AppData\Roaming\OpenCandy\D20187A6DDE9446C84D17F58A548E301, In Quarantäne, [0b3e5da2fe7cd066612a15718a78ca36],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\CT3241949, In Quarantäne, [aa9f9669c1b948ee7490e7a08082847c],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3286379, In Quarantäne, [ac9da05fdf9bd95d33d187008a785da3],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3286379\xpi, In Quarantäne, [ac9da05fdf9bd95d33d187008a785da3],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3286379\xpi\defaults, In Quarantäne, [ac9da05fdf9bd95d33d187008a785da3],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3286379\xpi\defaults\preferences, In Quarantäne, [ac9da05fdf9bd95d33d187008a785da3],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3288691, In Quarantäne, [ff4a7c83f387c57132d260278f737987],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265, In Quarantäne, [2f1aa35cf783a98dd3318601738f827e],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\xpi, In Quarantäne, [2f1aa35cf783a98dd3318601738f827e],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\xpi\defaults, In Quarantäne, [2f1aa35cf783a98dd3318601738f827e],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\xpi\defaults\preferences, In Quarantäne, [2f1aa35cf783a98dd3318601738f827e],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297861, In Quarantäne, [ed5cf40b4436c76f06fe780f8d75a65a],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct2269050, In Quarantäne, [53f6817e7ffbed49758fb5d28f7313ed],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct2269050\xpi, In Quarantäne, [53f6817e7ffbed49758fb5d28f7313ed],
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE, In Quarantäne, [cd7c8f70eb8f112590897f089270a060],
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE\CT3297265, In Quarantäne, [cd7c8f70eb8f112590897f089270a060],
PUP.Optional.Conduit, C:\Users\Ya-HÃ¼\AppData\Local\TBHostSupport, In Quarantäne, [af9afe01057591a51deddcaca2601fe1],
PUP.Optional.RocketTab.A, C:\Program Files (x86)\RocketTab, In Quarantäne, [6adfed123842270f4ad5e3a8c33f1ae6],
PUP.Optional.RocketTab.A, C:\Program Files (x86)\RocketTab\Resources, In Quarantäne, [6adfed123842270f4ad5e3a8c33f1ae6],

Dateien: 71
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\SPStub.exe, In Quarantäne, [fe4b3cc323575fd7c0bc075780817789],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\nsu8AEA.exe, In Quarantäne, [dc6dfb041f5bd066b18f3e224ab716ea],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\nsk5113.exe, In Quarantäne, [3d0c28d7a0da1d19c47cadb39e6317e9],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\nsk87F.exe, In Quarantäne, [2a1f6b94a5d5be78f34d7ee212ef7d83],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\nsaE836.exe, In Quarantäne, [56f3c9360377d16563dd82de47ba05fb],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\nsf135B.exe, In Quarantäne, [e1681ee180fa6ec8a69aed73c93815eb],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\nsfD7DE.exe, In Quarantäne, [b495a45bafcb2610a997d789a25ff20e],
PUP.Optional.SmartBar.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\c2499d23-c3fb-4a3e-8a6e-8e76cc23414f\LinkuryInstaller.msi, In Quarantäne, [0841d22d9edc5bdbe0dec1b4f20e30d0],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3286379\ffLogic.exe, In Quarantäne, [67e2a15eb6c4ae88f7855905eb1652ae],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3286379\ieLogic.exe, In Quarantäne, [c2871ee1186294a2a8d4c29c0001926e],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\chLogic.exe, In Quarantäne, [55f49e61d1a9ad893745a3bbf80954ac],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\ctbe.exe, In Quarantäne, [cd7cf30c245626102a3a71fb887801ff],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\ffLogic.exe, In Quarantäne, [2a1f0bf4e6948da9b2e9a1dd78889769],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\ieLogic.exe, In Quarantäne, [2a1f08f7d5a58da982fa213d09f837c9],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\spch.exe, In Quarantäne, [d079b8477cfe48ee0379fd61bc45946c],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\spff.exe, In Quarantäne, [e76211eed4a6dc5ad9a35905b44dfb05],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\statisticsStub.exe, In Quarantäne, [ac9dcd32067434029d6354f53cc501ff],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\stub.exe, In Quarantäne, [66e32ed19cdeab8b7e85e4970ef28977],
PUP.Optional.SpeedUpMyPC, C:\Users\Ya-HÃ¼\AppData\Local\Temp\is-3ATJ3.tmp\SpeedUpMyPC-standalone-setup.exe, In Quarantäne, [0a3fd32c7604f046edfa703049b811ef],
PUP.Optional.SmartBar, C:\Users\Ya-HÃ¼\AppData\Local\Temp\MSIE805.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [5dec6a954535a78f906f3e3da35d5ba5],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\AU\SPUpdater.exe, In Quarantäne, [df6a3dc25c1eca6c50f073ed22df966a],
PUP.Optional.SpeedUpMyPC, C:\Users\Ya-HÃ¼\AppData\Local\Temp\693Btmp\speedupmypc.exe, In Quarantäne, [cd7ccf302753cc6ae9fea6fabd440000],
PUP.Optional.Softonic.A, C:\Users\Ya-HÃ¼\Downloads\SoftonicDownloader_fuer_fifa-07.exe, In Quarantäne, [b792e41b9fdb3402ca394022e8197888],
PUP.Optional.Softonic.A, C:\Users\Ya-HÃ¼\Downloads\SoftonicDownloader_fuer_fussball-manager-10.exe, In Quarantäne, [5deca758d4a61125a75c6bf7649da957],
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, In Quarantäne, [d376ce31572356e062b47717ae54b749],
Rogue.Multiple, C:\ProgramData\374311380\BIT36EB.tmp, In Quarantäne, [3019aa559edcfa3cc11bacca6c96fe02],
PUP.Optional.OpenCandy, C:\Users\Ya-HÃ¼\AppData\Roaming\OpenCandy\0CAFBC467D9B4043A447693162224D1A\3708.ico, In Quarantäne, [0b3e5da2fe7cd066612a15718a78ca36],
PUP.Optional.OpenCandy, C:\Users\Ya-HÃ¼\AppData\Roaming\OpenCandy\0CAFBC467D9B4043A447693162224D1A\EBB77268-338F-4C6A-8590-AD88FED26F4A, In Quarantäne, [0b3e5da2fe7cd066612a15718a78ca36],
PUP.Optional.OpenCandy, C:\Users\Ya-HÃ¼\AppData\Roaming\OpenCandy\0CAFBC467D9B4043A447693162224D1A\OCBrowserHelper_1.0.3.85.dll, In Quarantäne, [0b3e5da2fe7cd066612a15718a78ca36],
PUP.Optional.OpenCandy, C:\Users\Ya-HÃ¼\AppData\Roaming\OpenCandy\0CAFBC467D9B4043A447693162224D1A\SnapDo.exe, In Quarantäne, [0b3e5da2fe7cd066612a15718a78ca36],
PUP.Optional.OpenCandy, C:\Users\Ya-HÃ¼\AppData\Roaming\OpenCandy\0CAFBC467D9B4043A447693162224D1A\SnapDo_ALL_p1v4.exe, In Quarantäne, [0b3e5da2fe7cd066612a15718a78ca36],
PUP.Optional.OpenCandy, C:\Users\Ya-HÃ¼\AppData\Roaming\OpenCandy\D20187A6DDE9446C84D17F58A548E301\TuneUpUtilities2013_2200218_de-DE.exe, In Quarantäne, [0b3e5da2fe7cd066612a15718a78ca36],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\CT3241949\CT3241949.txt, In Quarantäne, [aa9f9669c1b948ee7490e7a08082847c],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\CT3241949\dtime.csf, In Quarantäne, [aa9f9669c1b948ee7490e7a08082847c],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\CT3241949\initData.json, In Quarantäne, [aa9f9669c1b948ee7490e7a08082847c],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\CT3241949\manifest.json, In Quarantäne, [aa9f9669c1b948ee7490e7a08082847c],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3286379\conduit.xml, In Quarantäne, [ac9da05fdf9bd95d33d187008a785da3],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3286379\CT3286379.xpi, In Quarantäne, [ac9da05fdf9bd95d33d187008a785da3],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3286379\version.txt, In Quarantäne, [ac9da05fdf9bd95d33d187008a785da3],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3286379\xpi\install.rdf, In Quarantäne, [ac9da05fdf9bd95d33d187008a785da3],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3286379\xpi\defaults\preferences\defaults.js, In Quarantäne, [ac9da05fdf9bd95d33d187008a785da3],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3288691\chromeid.txt, In Quarantäne, [ff4a7c83f387c57132d260278f737987],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3288691\setup.ini.txt, In Quarantäne, [ff4a7c83f387c57132d260278f737987],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\chromeid.txt, In Quarantäne, [2f1aa35cf783a98dd3318601738f827e],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\conduit.xml, In Quarantäne, [2f1aa35cf783a98dd3318601738f827e],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\CT3297265.txt, In Quarantäne, [2f1aa35cf783a98dd3318601738f827e],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\CT3297265.xpi, In Quarantäne, [2f1aa35cf783a98dd3318601738f827e],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\initdata.json, In Quarantäne, [2f1aa35cf783a98dd3318601738f827e],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\ism.exe, In Quarantäne, [2f1aa35cf783a98dd3318601738f827e],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\manifest.json, In Quarantäne, [2f1aa35cf783a98dd3318601738f827e],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\setup.ini.txt, In Quarantäne, [2f1aa35cf783a98dd3318601738f827e],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\version.txt, In Quarantäne, [2f1aa35cf783a98dd3318601738f827e],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\xpi\install.rdf, In Quarantäne, [2f1aa35cf783a98dd3318601738f827e],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297265\xpi\defaults\preferences\defaults.js, In Quarantäne, [2f1aa35cf783a98dd3318601738f827e],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297861\chromeid.txt, In Quarantäne, [ed5cf40b4436c76f06fe780f8d75a65a],
PUP.Optional.Conduit.A, C:\Users\Ya-HÃ¼\AppData\Local\Temp\ct3297861\setup.ini.txt, In Quarantäne, [ed5cf40b4436c76f06fe780f8d75a65a],
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE\CT3297265\SetupIcon.ico, In Quarantäne, [cd7c8f70eb8f112590897f089270a060],
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE\CT3297265\UninstallerUI.exe, In Quarantäne, [cd7c8f70eb8f112590897f089270a060],
PUP.Optional.Conduit, C:\Users\Ya-HÃ¼\AppData\Local\TBHostSupport\TBHostSupport_0.dll, In Quarantäne, [af9afe01057591a51deddcaca2601fe1],
PUP.Optional.RocketTab.A, C:\Program Files (x86)\RocketTab\Client.exe, In Quarantäne, [6adfed123842270f4ad5e3a8c33f1ae6],
PUP.Optional.RocketTab.A, C:\Program Files (x86)\RocketTab\config.dat, In Quarantäne, [6adfed123842270f4ad5e3a8c33f1ae6],
PUP.Optional.RocketTab.A, C:\Program Files (x86)\RocketTab\makecert.exe, In Quarantäne, [6adfed123842270f4ad5e3a8c33f1ae6],
PUP.Optional.RocketTab.A, C:\Program Files (x86)\RocketTab\TrustedRoot.cer, In Quarantäne, [6adfed123842270f4ad5e3a8c33f1ae6],
PUP.Optional.RocketTab.A, C:\Program Files (x86)\RocketTab\uninstall.exe, In Quarantäne, [6adfed123842270f4ad5e3a8c33f1ae6],
PUP.Optional.RocketTab.A, C:\Program Files (x86)\RocketTab\Resources\certutil.exe, In Quarantäne, [6adfed123842270f4ad5e3a8c33f1ae6],
PUP.Optional.RocketTab.A, C:\Program Files (x86)\RocketTab\Resources\libnspr4.dll, In Quarantäne, [6adfed123842270f4ad5e3a8c33f1ae6],
PUP.Optional.RocketTab.A, C:\Program Files (x86)\RocketTab\Resources\libplc4.dll, In Quarantäne, [6adfed123842270f4ad5e3a8c33f1ae6],
PUP.Optional.RocketTab.A, C:\Program Files (x86)\RocketTab\Resources\libplds4.dll, In Quarantäne, [6adfed123842270f4ad5e3a8c33f1ae6],
PUP.Optional.RocketTab.A, C:\Program Files (x86)\RocketTab\Resources\nss3.dll, In Quarantäne, [6adfed123842270f4ad5e3a8c33f1ae6],
PUP.Optional.RocketTab.A, C:\Program Files (x86)\RocketTab\Resources\smime3.dll, In Quarantäne, [6adfed123842270f4ad5e3a8c33f1ae6],
PUP.Optional.RocketTab.A, C:\Program Files (x86)\RocketTab\Resources\softokn3.dll, In Quarantäne, [6adfed123842270f4ad5e3a8c33f1ae6],

Physische Sektoren: 0
(No malicious items detected)

(end)

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.310 - Bericht erstellt am 22/09/2014 um 13:11:02
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Ya-Hü - YA-HÜ-VAIO
# Gestartet von : C:\Users\Ya-Hü\Desktop\AdwCleaner_3.310.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : globalUpdate
[#] Dienst Gelöscht : globalUpdatem
[#] Dienst Gelöscht : ProtectMonitor
Dienst Gelöscht : Scores

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Conduit
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Ordner Gelöscht : C:\Program Files (x86)\ConduitEngine
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\PCTRunner
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files (x86)\CinPlusHQ01-2.5cV15.09
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Program Files\ext
Ordner Gelöscht : C:\Users\YA-H~1\AppData\Local\Temp\AskSearch
Ordner Gelöscht : C:\Users\YA-H~1\AppData\Local\Temp\Conduit
Ordner Gelöscht : C:\Users\YA-H~1\AppData\Local\Temp\NativeMessaging
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Local\NativeMessaging
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Local\WhiteListing
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Local\Genesis_09091859
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\LocalLow\ConduitEngine
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\LocalLow\DVDVideoSoftTB
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Roaming\Activeris
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Roaming\ASP
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Roaming\InetStat
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Roaming\PennyBee
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
Ordner Gelöscht : C:\Users\Ya-Hü\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Datei Gelöscht : C:\END
Datei Gelöscht : C:\monitor.exe
Datei Gelöscht : C:\monitorsvc.exe
Datei Gelöscht : C:\Windows\score.exe
Datei Gelöscht : C:\Windows\SysWOW64\conduitEngine.tmp
Datei Gelöscht : C:\Windows\SysWOW64\MyOSProtect.dll
Datei Gelöscht : C:\Windows\SysWOW64\MyOSProtect.ini
Datei Gelöscht : C:\Windows\System32\MyOSProtect64.dll
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\nsprotector.js
Datei Gelöscht : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
Datei Gelöscht : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
Datei Gelöscht : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
Datei Gelöscht : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage
Datei Gelöscht : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage-journal

***** [ Tasks ] *****

Task Gelöscht : ASP
Task Gelöscht : FoxTab
Task Gelöscht : globalUpdateUpdateTaskMachineCore
Task Gelöscht : globalUpdateUpdateTaskMachineUA
Task Gelöscht : LaunchSignup
Task Gelöscht : RocketTab Update Task
Task Gelöscht : RocketTab
Task Gelöscht : 98ed4270-7785-4165-abad-58c3f4f52fee-1
Task Gelöscht : 98ed4270-7785-4165-abad-58c3f4f52fee-11
Task Gelöscht : 98ed4270-7785-4165-abad-58c3f4f52fee-2
Task Gelöscht : 98ed4270-7785-4165-abad-58c3f4f52fee-3
Task Gelöscht : 98ed4270-7785-4165-abad-58c3f4f52fee-4
Task Gelöscht : 98ed4270-7785-4165-abad-58c3f4f52fee-5
Task Gelöscht : 98ed4270-7785-4165-abad-58c3f4f52fee-6
Task Gelöscht : 98ed4270-7785-4165-abad-58c3f4f52fee-7
Task Gelöscht : bf1a449c-8356-402e-9ecc-44015185bae6-1
Task Gelöscht : bf1a449c-8356-402e-9ecc-44015185bae6-11
Task Gelöscht : bf1a449c-8356-402e-9ecc-44015185bae6-3
Task Gelöscht : bf1a449c-8356-402e-9ecc-44015185bae6-4
Task Gelöscht : bf1a449c-8356-402e-9ecc-44015185bae6-5
Task Gelöscht : bf1a449c-8356-402e-9ecc-44015185bae6-6
Task Gelöscht : bf1a449c-8356-402e-9ecc-44015185bae6-7
Task Gelöscht : fa50a323-b173-42a7-ad68-a45d88bc41ec

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskToolbar uninstall_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskToolbar uninstall_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBAutoUpdaterHelper_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBAutoUpdaterHelper_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBToolbarHelper_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBToolbarHelper_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\vopackage_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\vopackage_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wpm_v20_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wpm_v20_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2776682
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3297265
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fifa-07_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fifa-07_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fifa-09_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fifa-09_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fussball-manager-10_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fussball-manager-10_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CB073F3-BE3C-4E8F-942D-8A747B54486F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611411141}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622412241}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655415541}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666416641}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EAB5257A-1FB3-474C-9B42-231F52622E72}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644414441}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611411141}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CB073F3-BE3C-4E8F-942D-8A747B54486F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B727F392-2A3F-493B-91FC-CF37FD4AB2C5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611411141}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622412241}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655415541}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666416641}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611411141}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\APN DTX
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\InetStat
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\PennyBee
Schlüssel Gelöscht : HKCU\Software\RocketTabInstalled
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\WebEnhance
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\BackgroundContainer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\CinPlusHQ01-2.5cV15.09
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\conduitEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\ImInstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\istartsurfSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\RocketTab
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\CinPlusHQ01-2.5cV15.09
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PennyBee
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinPlusHQ01-2.5cV15.09
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]

-\\ Mozilla Firefox v4.0 (de)

-\\ Google Chrome v37.0.2062.103

[ Datei : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}&installDate=01/01/1970
Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}&installDate=
Gelöscht [Search Provider] : hxxp://search.snapdo.com/?q={searchTerms}&category=Web&dpid=us&lan=de&p=1&st=ds&publisher=snapdoopencandy&country=us
Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}&installDate=
Gelöscht [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX&q={searchTerms}

*************************

AdwCleaner[R0].txt - [30391 octets] - [22/09/2014 13:08:53]
AdwCleaner[S0].txt - [28209 octets] - [22/09/2014 13:11:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [28270 octets] ##########

--- --- ---

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.310 - Bericht erstellt am 22/09/2014 um 13:11:02
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Ya-Hü - YA-HÜ-VAIO
# Gestartet von : C:\Users\Ya-Hü\Desktop\AdwCleaner_3.310.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : globalUpdate
[#] Dienst Gelöscht : globalUpdatem
[#] Dienst Gelöscht : ProtectMonitor
Dienst Gelöscht : Scores

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Conduit
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Ordner Gelöscht : C:\Program Files (x86)\ConduitEngine
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\PCTRunner
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files (x86)\CinPlusHQ01-2.5cV15.09
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Program Files\ext
Ordner Gelöscht : C:\Users\YA-H~1\AppData\Local\Temp\AskSearch
Ordner Gelöscht : C:\Users\YA-H~1\AppData\Local\Temp\Conduit
Ordner Gelöscht : C:\Users\YA-H~1\AppData\Local\Temp\NativeMessaging
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Local\NativeMessaging
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Local\WhiteListing
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Local\Genesis_09091859
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\LocalLow\ConduitEngine
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\LocalLow\DVDVideoSoftTB
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Roaming\Activeris
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Roaming\ASP
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Roaming\InetStat
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Roaming\PennyBee
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
Ordner Gelöscht : C:\Users\Ya-Hü\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Datei Gelöscht : C:\END
Datei Gelöscht : C:\monitor.exe
Datei Gelöscht : C:\monitorsvc.exe
Datei Gelöscht : C:\Windows\score.exe
Datei Gelöscht : C:\Windows\SysWOW64\conduitEngine.tmp
Datei Gelöscht : C:\Windows\SysWOW64\MyOSProtect.dll
Datei Gelöscht : C:\Windows\SysWOW64\MyOSProtect.ini
Datei Gelöscht : C:\Windows\System32\MyOSProtect64.dll
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\nsprotector.js
Datei Gelöscht : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
Datei Gelöscht : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
Datei Gelöscht : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
Datei Gelöscht : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage
Datei Gelöscht : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage-journal

***** [ Tasks ] *****

Task Gelöscht : ASP
Task Gelöscht : FoxTab
Task Gelöscht : globalUpdateUpdateTaskMachineCore
Task Gelöscht : globalUpdateUpdateTaskMachineUA
Task Gelöscht : LaunchSignup
Task Gelöscht : RocketTab Update Task
Task Gelöscht : RocketTab
Task Gelöscht : 98ed4270-7785-4165-abad-58c3f4f52fee-1
Task Gelöscht : 98ed4270-7785-4165-abad-58c3f4f52fee-11
Task Gelöscht : 98ed4270-7785-4165-abad-58c3f4f52fee-2
Task Gelöscht : 98ed4270-7785-4165-abad-58c3f4f52fee-3
Task Gelöscht : 98ed4270-7785-4165-abad-58c3f4f52fee-4
Task Gelöscht : 98ed4270-7785-4165-abad-58c3f4f52fee-5
Task Gelöscht : 98ed4270-7785-4165-abad-58c3f4f52fee-6
Task Gelöscht : 98ed4270-7785-4165-abad-58c3f4f52fee-7
Task Gelöscht : bf1a449c-8356-402e-9ecc-44015185bae6-1
Task Gelöscht : bf1a449c-8356-402e-9ecc-44015185bae6-11
Task Gelöscht : bf1a449c-8356-402e-9ecc-44015185bae6-3
Task Gelöscht : bf1a449c-8356-402e-9ecc-44015185bae6-4
Task Gelöscht : bf1a449c-8356-402e-9ecc-44015185bae6-5
Task Gelöscht : bf1a449c-8356-402e-9ecc-44015185bae6-6
Task Gelöscht : bf1a449c-8356-402e-9ecc-44015185bae6-7
Task Gelöscht : fa50a323-b173-42a7-ad68-a45d88bc41ec

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskToolbar uninstall_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskToolbar uninstall_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBAutoUpdaterHelper_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBAutoUpdaterHelper_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBToolbarHelper_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBToolbarHelper_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\vopackage_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\vopackage_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wpm_v20_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wpm_v20_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2776682
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3297265
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fifa-07_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fifa-07_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fifa-09_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fifa-09_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fussball-manager-10_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fussball-manager-10_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CB073F3-BE3C-4E8F-942D-8A747B54486F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611411141}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622412241}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655415541}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666416641}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EAB5257A-1FB3-474C-9B42-231F52622E72}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644414441}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611411141}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CB073F3-BE3C-4E8F-942D-8A747B54486F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B727F392-2A3F-493B-91FC-CF37FD4AB2C5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611411141}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622412241}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655415541}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666416641}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611411141}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\APN DTX
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\InetStat
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\PennyBee
Schlüssel Gelöscht : HKCU\Software\RocketTabInstalled
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\WebEnhance
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\BackgroundContainer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\CinPlusHQ01-2.5cV15.09
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\conduitEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\ImInstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\istartsurfSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\RocketTab
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\CinPlusHQ01-2.5cV15.09
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PennyBee
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinPlusHQ01-2.5cV15.09
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]

-\\ Mozilla Firefox v4.0 (de)

-\\ Google Chrome v37.0.2062.103

[ Datei : C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}&installDate=01/01/1970
Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}&installDate=
Gelöscht [Search Provider] : hxxp://search.snapdo.com/?q={searchTerms}&category=Web&dpid=us&lan=de&p=1&st=ds&publisher=snapdoopencandy&country=us
Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=4a462bdd-4c3a-402c-8ce3-d37e0174272f&searchtype=ds&q={searchTerms}&installDate=
Gelöscht [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1410289207&from=tugs&uid=HitachiXHTS545050B9SA00_101011PBN475B70JY7BLX&q={searchTerms}

*************************

AdwCleaner[R0].txt - [30391 octets] - [22/09/2014 13:08:53]
AdwCleaner[S0].txt - [28209 octets] - [22/09/2014 13:11:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [28270 octets] ##########

--- --- ---JRT Logfile:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.9 (09.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Ya-Hü on 22.09.2014 at 13:21:56,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitutil_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitutil_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\conduitutil_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\conduitutil_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{81C5F3D0-96DD-41A1-9AB0-34D3393ECD63}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{880A4506-D686-4F9D-99E6-AF7031E4954A}



~~~ Files

Successfully deleted: [File] "C:\Users\Ya-Hü\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Ya-Hü\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Ya-Hü\AppData\Roaming\getrighttogo"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.09.2014 at 13:43:26,78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.9 (09.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Ya-Hü on 22.09.2014 at 13:21:56,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitutil_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitutil_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\conduitutil_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\conduitutil_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{81C5F3D0-96DD-41A1-9AB0-34D3393ECD63}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{880A4506-D686-4F9D-99E6-AF7031E4954A}

~~~ Files

Successfully deleted: [File] "C:\Users\Ya-Hü\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Ya-Hü\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Ya-Hü\AppData\Roaming\getrighttogo"

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.09.2014 at 13:43:26,78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Schahin · 22.09.2014, 12:57

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014 (ATTENTION: ====> FRST version is 12 days old and could be outdated)
Ran by Ya-Hü (administrator) on YA-HÜ-VAIO on 22-09-2014 13:44:48
Running from C:\Users\Ya-Hü\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Program Files (x86)\OfferBoulevard\OfferBoulevard.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Term Tutor) C:\Program Files (x86)\TermTutor\Service\ttsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-06-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-06-21] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-14] (Alps Electric Co., Ltd.)
HKLM\...\Run: [eTMonitor] => C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe [192000 2008-11-03] (Aladdin Knowledge Systems, Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696 2010-06-20] (Sony Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-06-15] (RealNetworks, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-05-21] (Sophos Limited)
HKLM-x32\...\Run: [OfferBoulevard] => C:\Program Files (x86)\OfferBoulevard\OfferBoulevardW.exe
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [81264 2010-06-22] (Sony Corporation)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [VRLPHelper] => C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe [183152 2010-06-22] (Sony Corporation)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [Facebook Update] => C:\Users\Ya-Hü\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-11-07] (Google Inc.)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\MountPoints2: {a2bb5f40-7701-11e0-8347-18f46af09ee2} - D:\LaunchU3.exe -a
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-05-21] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-05-21] (Sophos Limited)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:50542;https=127.0.0.1:50542
URLSearchHook: HKLM-x32 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
URLSearchHook: HKLM-x32 - (No Name) - {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} - No File
URLSearchHook: HKCU - (No Name) - {90eee664-34b1-422a-a782-779af65cdf6d} - No File
URLSearchHook: HKCU - (No Name) - {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} - No File
SearchScopes: HKCU - {3BD798E4-1794-4D89-A407-2B4E9370A089} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKCU - {9ADADC8D-74CC-4107-8BFD-ED99FF1E596A} URL = Shopping.com Deutschland - der große Produkt- und Preisvergleich
SearchScopes: HKCU - {A37CD782-4560-4428-9464-96A78BBF90BF} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: No Name -> {51a86bb3-6602-4c85-92a5-130ee4864f13} ->  No File
BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO-x32: No Name -> {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F946169-BE2F-4A43-9CE3-A47B900F6482}: [NameServer] 193.175.112.3,195.37.168.3

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Ya-Hü\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @www.flatcast.com/FlatViewer 5.2 -> C:\Users\YA-H~1\AppData\Roaming\Mozilla\Plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\Ya-Hü\AppData\Roaming\mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Extension: Term Tutor - C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com [2014-09-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-05-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [2011-09-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [2012-01-26]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-06-15]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [termtutor@termtutor.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U27) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Flatcast Viewer Plugin 5.2.2.454) - C:\Program Files (x86)\Mozilla Firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH)
CHR Plugin: (Flatcast Viewer Plugin 5.3.0.784) - C:\Program Files (x86)\Mozilla Firefox\plugins\NpFv530.dll (1 mal 1 Software GmbH)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX OVS Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (Windows Live? Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Ya-H?\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Profile: C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (View GPU Info) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\bonfagbdfepfbhjgolfalmgldfbgjodi [2014-09-15]
CHR Extension: (Google Search) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (RealDownloader) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-06-15]
CHR Extension: (Google Wallet) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Gmail) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR Extension: (CinPlusHQ01-2.5cV15.09) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pldeppocfnbnopadlkalkhefdhglkijd [2014-09-16]
CHR Extension: (ss8) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\plofenifjagmdikfcobngnfmmnfmphin [2014-09-15]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [56592 2010-10-08] ()
R2 eTSrv; C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe [8192 2008-11-03] (Aladdin Knowledge Systems, Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [957712 2010-10-08] ()
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [697616 2010-10-08] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 OfferBoulevard; C:\Program Files (x86)\OfferBoulevard\OfferBoulevard.exe [23040 2014-09-09] () [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-05-21] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-05-21] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-05-21] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-05-21] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-05-21] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2014-05-21] (Sophos Limited)
R2 ttsvc; C:\Program Files (x86)\TermTutor\Service\ttsvc.exe [276048 2014-09-04] (Term Tutor)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-05-21] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-05-21] (Sophos Limited)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-05-21] (Sophos Limited)
R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-09-04] (Term Tutor)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 13:44 - 2014-09-22 13:45 - 00032490 _____ () C:\Users\Ya-Hü\Desktop\FRST.txt
2014-09-22 13:43 - 2014-09-22 13:43 - 00001931 _____ () C:\Users\Ya-Hü\Desktop\JRT.txt
2014-09-22 13:21 - 2014-09-22 13:21 - 00000000 ____D () C:\Windows\ERUNT
2014-09-22 13:20 - 2014-09-22 13:21 - 01027006 _____ (Thisisu) C:\Users\Ya-Hü\Desktop\JRT.exe
2014-09-22 13:15 - 2014-09-22 13:15 - 00028475 _____ () C:\Users\Ya-Hü\Desktop\AdwCleaner[S0].txt
2014-09-22 13:10 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-22 13:08 - 2014-09-22 13:11 - 00000000 ____D () C:\AdwCleaner
2014-09-22 13:07 - 2014-09-22 13:08 - 01373475 _____ () C:\Users\Ya-Hü\Desktop\AdwCleaner_3.310.exe
2014-09-22 13:06 - 2014-09-22 13:06 - 00021769 _____ () C:\Users\Ya-Hü\Desktop\mbam.txt
2014-09-22 12:04 - 2014-09-22 13:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 12:03 - 2014-09-22 12:03 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-22 12:03 - 2014-09-22 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-22 12:03 - 2014-09-22 12:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 12:03 - 2014-09-22 12:03 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-22 12:03 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-22 12:03 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-22 12:03 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-22 12:02 - 2014-09-22 12:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ya-Hü\Desktop\mbam-setup-2.0.2.1012.exe
2014-09-18 14:55 - 2014-09-18 14:55 - 00000017 _____ () C:\Users\Ya-Hü\AppData\Local\resmon.resmoncfg
2014-09-18 10:06 - 2014-09-18 10:06 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\ICSharpCode.net
2014-09-17 14:50 - 2014-09-22 12:54 - 00000000 ____D () C:\Program Files (x86)\OfferBoulevard
2014-09-17 14:50 - 2014-09-22 12:50 - 00000294 _____ () C:\Windows\Tasks\PennyBee.job
2014-09-17 14:50 - 2014-09-17 14:50 - 00003238 _____ () C:\Windows\System32\Tasks\PennyBee
2014-09-16 15:15 - 2014-09-16 15:15 - 00000000 ___SD () C:\ComboFix
2014-09-16 14:55 - 2014-09-16 14:55 - 01484664 _____ (CinemaHQ01Video Plus) C:\Users\Ya-Hü\AppData\Roaming\TCHMVBY.exe
2014-09-16 14:55 - 2014-09-16 14:55 - 00002448 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-5_user.job
2014-09-16 14:55 - 2014-09-16 14:55 - 00001340 _____ () C:\Windows\Tasks\TCHMVBY.job
2014-09-16 14:54 - 2014-09-16 14:54 - 00000652 _____ () C:\Windows\Tasks\59acbb01-4eb7-481b-b3f6-a4eec89c18c5.job
2014-09-16 14:53 - 2014-09-16 14:53 - 01929080 _____ (CinemaHQ01Video Plus) C:\Users\Ya-Hü\AppData\Roaming\YJGWRXDI.exe
2014-09-16 14:53 - 2014-09-16 14:53 - 00001686 _____ () C:\Windows\Tasks\YJGWRXDI.job
2014-09-15 23:49 - 2014-09-19 12:31 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Berwerbungen
2014-09-15 21:51 - 2014-09-15 21:51 - 00000047 _____ () C:\Users\Ya-Hü\AppData\Roaming\WB.CFG
2014-09-15 21:18 - 2014-09-16 15:15 - 00000000 ____D () C:\Qoobox
2014-09-15 21:16 - 2014-09-15 21:16 - 00000000 ____D () C:\Windows\erdnt
2014-09-15 21:15 - 2014-09-15 21:15 - 05579386 ____R (Swearware) C:\Users\Ya-Hü\Desktop\ComboFix.exe
2014-09-15 20:51 - 2014-09-15 21:33 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\Gameo
2014-09-15 20:51 - 2014-09-15 20:51 - 00000171 _____ () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-09-15 20:51 - 2014-09-15 20:51 - 00000000 ___HD () C:\Users\Ya-Hü\AppData\Roaming\GoldenGate
2014-09-15 20:50 - 2014-09-15 20:50 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-15 20:50 - 2014-09-15 20:50 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-09-15 16:43 - 2014-09-15 16:43 - 00003266 _____ () C:\Windows\System32\Tasks\{1B816FFC-80F0-4780-A674-5B4756611473}
2014-09-15 16:13 - 2014-09-15 16:13 - 00001264 _____ () C:\Users\Ya-Hü\Desktop\Revo Uninstaller.lnk
2014-09-15 16:13 - 2014-09-15 16:13 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-13 01:17 - 2014-08-15 17:48 - 17868288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-13 01:17 - 2014-08-15 17:36 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-13 01:17 - 2014-08-15 17:35 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-13 01:17 - 2014-08-15 17:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-13 01:17 - 2014-08-15 17:31 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-13 01:17 - 2014-08-15 17:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-13 01:17 - 2014-08-15 17:30 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-13 01:17 - 2014-08-15 17:30 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 02156032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-13 01:17 - 2014-08-15 17:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-13 01:17 - 2014-08-15 17:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-13 01:17 - 2014-08-15 17:28 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-13 01:17 - 2014-08-15 17:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-13 01:17 - 2014-08-15 17:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-13 01:17 - 2014-08-15 16:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-13 01:17 - 2014-08-15 16:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-13 01:17 - 2014-08-15 16:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-13 01:17 - 2014-08-15 16:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-13 01:17 - 2014-08-15 16:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-13 01:17 - 2014-08-15 16:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-13 01:17 - 2014-08-15 16:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-13 01:17 - 2014-08-15 16:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-13 01:17 - 2014-08-15 16:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-13 01:17 - 2014-08-15 16:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-13 01:17 - 2014-08-15 16:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-13 01:17 - 2014-08-15 16:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-13 01:17 - 2014-08-15 16:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-13 00:23 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-13 00:23 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-13 00:22 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-13 00:22 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-13 00:22 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-13 00:22 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-13 00:22 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-13 00:22 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-13 00:22 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 22:26 - 2014-09-22 13:44 - 00000000 ____D () C:\FRST
2014-09-10 22:26 - 2014-09-10 22:26 - 02105856 _____ (Farbar) C:\Users\Ya-Hü\Desktop\FRST64.exe
2014-09-10 22:14 - 2014-09-10 22:14 - 25092156 _____ () C:\Users\Ya-Hü\Desktop\mse46.zip
2014-09-10 22:09 - 2014-09-10 22:09 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-10 21:45 - 2014-09-10 21:45 - 00754752 _____ () C:\Windows\Minidump\091014-19484-01.dmp
2014-09-09 21:19 - 2014-09-18 13:43 - 00002066 _____ () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-09 21:18 - 2014-09-09 21:18 - 01536928 _____ (smart-saverplus) C:\Users\Ya-Hü\AppData\Roaming\UQH.exe
2014-09-09 21:18 - 2014-09-09 21:18 - 01484704 _____ (enter) C:\Users\Ya-Hü\AppData\Roaming\DYISTEC.exe
2014-09-09 21:18 - 2014-09-09 21:18 - 00002410 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5_user.job
2014-09-09 21:18 - 2014-09-09 21:18 - 00001340 _____ () C:\Windows\Tasks\DYISTEC.job
2014-09-09 21:18 - 2014-09-09 21:18 - 00001332 _____ () C:\Windows\Tasks\UQH.job
2014-09-09 21:17 - 2014-09-09 21:17 - 01984928 _____ (smart-saverplus) C:\Users\Ya-Hü\AppData\Roaming\ICLHS.exe
2014-09-09 21:17 - 2014-09-09 21:17 - 01927072 _____ (enter) C:\Users\Ya-Hü\AppData\Roaming\EVIBZ.exe
2014-09-09 21:17 - 2014-09-09 21:17 - 00001336 _____ () C:\Windows\Tasks\ICLHS.job
2014-09-09 21:17 - 2014-09-09 21:17 - 00001336 _____ () C:\Windows\Tasks\EVIBZ.job
2014-09-09 21:16 - 2014-09-22 12:59 - 00000000 ____D () C:\Program Files (x86)\ss8
2014-09-09 21:10 - 2014-09-09 21:10 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\com
2014-09-09 21:02 - 2014-09-18 15:08 - 00000000 ___HD () C:\Users\Public\Temp
2014-09-09 20:59 - 2014-09-22 13:14 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
2014-09-02 21:55 - 2014-09-02 21:55 - 00487483 ____N () C:\monitor.exe
2014-09-02 20:16 - 2014-09-02 20:16 - 00634880 _____ () C:\DirectControl.exe
2014-09-02 13:03 - 2014-09-02 13:04 - 00000000 ____D () C:\Users\Ya-Hü\.tfo4
2014-09-02 13:03 - 2014-09-02 13:03 - 00000000 ____D () C:\Users\Ya-Hü\4.0
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge Basic
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\plugins
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\lib
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\doc
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\bin
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\UQH
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\TCHMVBY
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\DYISTEC
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\YJGWRXDI
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\ICLHS
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\EVIBZ
2014-08-28 16:01 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 16:01 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 16:01 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 13:45 - 2014-09-22 13:44 - 00032490 _____ () C:\Users\Ya-Hü\Desktop\FRST.txt
2014-09-22 13:44 - 2014-09-10 22:26 - 00000000 ____D () C:\FRST
2014-09-22 13:43 - 2014-09-22 13:43 - 00001931 _____ () C:\Users\Ya-Hü\Desktop\JRT.txt
2014-09-22 13:25 - 2009-07-14 06:45 - 00018704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-22 13:25 - 2009-07-14 06:45 - 00018704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-22 13:21 - 2014-09-22 13:21 - 00000000 ____D () C:\Windows\ERUNT
2014-09-22 13:21 - 2014-09-22 13:20 - 01027006 _____ (Thisisu) C:\Users\Ya-Hü\Desktop\JRT.exe
2014-09-22 13:21 - 2011-01-04 22:27 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2AFB6A0C-FBFD-44D8-A38B-EF01CE6CE147}
2014-09-22 13:18 - 2014-09-22 12:04 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 13:15 - 2014-09-22 13:15 - 00028475 _____ () C:\Users\Ya-Hü\Desktop\AdwCleaner[S0].txt
2014-09-22 13:15 - 2012-01-04 19:41 - 00000000 ___RD () C:\Users\Ya-Hü\Dropbox
2014-09-22 13:15 - 2012-01-04 19:39 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Dropbox
2014-09-22 13:14 - 2014-09-09 20:59 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-22 13:14 - 2010-11-07 23:28 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-22 13:14 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-22 13:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-22 13:13 - 2010-10-11 22:06 - 00266248 _____ () C:\Windows\PFRO.log
2014-09-22 13:13 - 2009-07-14 06:51 - 00194798 _____ () C:\Windows\setupact.log
2014-09-22 13:12 - 2010-11-07 23:20 - 01624895 _____ () C:\Windows\WindowsUpdate.log
2014-09-22 13:11 - 2014-09-22 13:08 - 00000000 ____D () C:\AdwCleaner
2014-09-22 13:11 - 2011-03-26 10:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-22 13:09 - 2013-03-01 23:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-22 13:08 - 2014-09-22 13:07 - 01373475 _____ () C:\Users\Ya-Hü\Desktop\AdwCleaner_3.310.exe
2014-09-22 13:06 - 2014-09-22 13:06 - 00021769 _____ () C:\Users\Ya-Hü\Desktop\mbam.txt
2014-09-22 13:04 - 2010-11-07 23:28 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-22 12:59 - 2014-09-09 21:16 - 00000000 ____D () C:\Program Files (x86)\ss8
2014-09-22 12:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-09-22 12:54 - 2014-09-17 14:50 - 00000000 ____D () C:\Program Files (x86)\OfferBoulevard
2014-09-22 12:50 - 2014-09-17 14:50 - 00000294 _____ () C:\Windows\Tasks\PennyBee.job
2014-09-22 12:03 - 2014-09-22 12:03 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-22 12:03 - 2014-09-22 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-22 12:03 - 2014-09-22 12:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 12:03 - 2014-09-22 12:03 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-22 12:02 - 2014-09-22 12:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ya-Hü\Desktop\mbam-setup-2.0.2.1012.exe
2014-09-22 11:58 - 2011-10-14 23:43 - 00001138 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2343719655-606922816-1584496895-1000UA.job
2014-09-21 16:46 - 2013-07-16 23:07 - 00000000 _____ () C:\Windows\system32\vireng.log
2014-09-19 12:31 - 2014-09-15 23:49 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Berwerbungen
2014-09-19 10:54 - 2013-01-02 16:19 - 01733120 ___SH () C:\Users\Ya-Hü\Desktop\Thumbs.db
2014-09-19 10:22 - 2012-01-04 19:39 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-18 15:08 - 2014-09-09 21:02 - 00000000 ___HD () C:\Users\Public\Temp
2014-09-18 15:03 - 2011-01-07 12:34 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\SoftGrid Client
2014-09-18 14:55 - 2014-09-18 14:55 - 00000017 _____ () C:\Users\Ya-Hü\AppData\Local\resmon.resmoncfg
2014-09-18 14:11 - 2011-03-26 10:52 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Mozilla
2014-09-18 13:43 - 2014-09-09 21:19 - 00002066 _____ () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-18 10:06 - 2014-09-18 10:06 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\ICSharpCode.net
2014-09-17 14:50 - 2014-09-17 14:50 - 00003238 _____ () C:\Windows\System32\Tasks\PennyBee
2014-09-16 23:58 - 2011-10-14 23:43 - 00001116 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2343719655-606922816-1584496895-1000Core.job
2014-09-16 16:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-16 15:15 - 2014-09-16 15:15 - 00000000 ___SD () C:\ComboFix
2014-09-16 15:15 - 2014-09-15 21:18 - 00000000 ____D () C:\Qoobox
2014-09-16 14:55 - 2014-09-16 14:55 - 01484664 _____ (CinemaHQ01Video Plus) C:\Users\Ya-Hü\AppData\Roaming\TCHMVBY.exe
2014-09-16 14:55 - 2014-09-16 14:55 - 00002448 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-5_user.job
2014-09-16 14:55 - 2014-09-16 14:55 - 00001340 _____ () C:\Windows\Tasks\TCHMVBY.job
2014-09-16 14:54 - 2014-09-16 14:54 - 00000652 _____ () C:\Windows\Tasks\59acbb01-4eb7-481b-b3f6-a4eec89c18c5.job
2014-09-16 14:53 - 2014-09-16 14:53 - 01929080 _____ (CinemaHQ01Video Plus) C:\Users\Ya-Hü\AppData\Roaming\YJGWRXDI.exe
2014-09-16 14:53 - 2014-09-16 14:53 - 00001686 _____ () C:\Windows\Tasks\YJGWRXDI.job
2014-09-15 23:52 - 2013-10-14 00:22 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\LAST Semester insa'ALLAH
2014-09-15 23:27 - 2010-11-07 23:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-15 21:51 - 2014-09-15 21:51 - 00000047 _____ () C:\Users\Ya-Hü\AppData\Roaming\WB.CFG
2014-09-15 21:33 - 2014-09-15 20:51 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\Gameo
2014-09-15 21:16 - 2014-09-15 21:16 - 00000000 ____D () C:\Windows\erdnt
2014-09-15 21:15 - 2014-09-15 21:15 - 05579386 ____R (Swearware) C:\Users\Ya-Hü\Desktop\ComboFix.exe
2014-09-15 20:51 - 2014-09-15 20:51 - 00000171 _____ () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-09-15 20:51 - 2014-09-15 20:51 - 00000000 ___HD () C:\Users\Ya-Hü\AppData\Roaming\GoldenGate
2014-09-15 20:50 - 2014-09-15 20:50 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-15 20:50 - 2014-09-15 20:50 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-09-15 16:43 - 2014-09-15 16:43 - 00003266 _____ () C:\Windows\System32\Tasks\{1B816FFC-80F0-4780-A674-5B4756611473}
2014-09-15 16:13 - 2014-09-15 16:13 - 00001264 _____ () C:\Users\Ya-Hü\Desktop\Revo Uninstaller.lnk
2014-09-15 16:13 - 2014-09-15 16:13 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-13 01:17 - 2011-04-12 20:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-13 01:15 - 2011-01-07 12:33 - 01596516 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-13 01:15 - 2010-11-08 08:15 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-09-13 01:15 - 2010-11-08 08:15 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-09-13 01:15 - 2009-07-14 07:13 - 01596516 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 01:14 - 2013-08-16 16:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-13 01:01 - 2011-02-27 01:08 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-13 01:00 - 2014-05-07 02:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 22:39 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-10 22:26 - 2014-09-10 22:26 - 02105856 _____ (Farbar) C:\Users\Ya-Hü\Desktop\FRST64.exe
2014-09-10 22:14 - 2014-09-10 22:14 - 25092156 _____ () C:\Users\Ya-Hü\Desktop\mse46.zip
2014-09-10 22:09 - 2014-09-10 22:09 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-10 22:09 - 2013-03-01 23:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 22:09 - 2013-03-01 23:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 22:09 - 2013-03-01 23:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 21:45 - 2014-09-10 21:45 - 00754752 _____ () C:\Windows\Minidump\091014-19484-01.dmp
2014-09-10 21:45 - 2011-06-07 13:13 - 530712586 _____ () C:\Windows\MEMORY.DMP
2014-09-10 21:45 - 2011-06-07 13:13 - 00000000 ____D () C:\Windows\Minidump
2014-09-09 21:18 - 2014-09-09 21:18 - 01536928 _____ (smart-saverplus) C:\Users\Ya-Hü\AppData\Roaming\UQH.exe
2014-09-09 21:18 - 2014-09-09 21:18 - 01484704 _____ (enter) C:\Users\Ya-Hü\AppData\Roaming\DYISTEC.exe
2014-09-09 21:18 - 2014-09-09 21:18 - 00002410 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5_user.job
2014-09-09 21:18 - 2014-09-09 21:18 - 00001340 _____ () C:\Windows\Tasks\DYISTEC.job
2014-09-09 21:18 - 2014-09-09 21:18 - 00001332 _____ () C:\Windows\Tasks\UQH.job
2014-09-09 21:17 - 2014-09-09 21:17 - 01984928 _____ (smart-saverplus) C:\Users\Ya-Hü\AppData\Roaming\ICLHS.exe
2014-09-09 21:17 - 2014-09-09 21:17 - 01927072 _____ (enter) C:\Users\Ya-Hü\AppData\Roaming\EVIBZ.exe
2014-09-09 21:17 - 2014-09-09 21:17 - 00001336 _____ () C:\Windows\Tasks\ICLHS.job
2014-09-09 21:17 - 2014-09-09 21:17 - 00001336 _____ () C:\Windows\Tasks\EVIBZ.job
2014-09-09 21:10 - 2014-09-09 21:10 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\com
2014-09-09 20:59 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-09 20:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-05 04:10 - 2014-09-13 00:22 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-13 00:22 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
2014-09-04 00:35 - 2013-04-15 14:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-03 16:21 - 2011-01-08 14:28 - 00000000 ____D () C:\ProgramData\Norton
2014-09-03 16:21 - 2010-11-07 23:33 - 00000000 ____D () C:\ProgramData\Symantec
2014-09-02 21:55 - 2014-09-02 21:55 - 00487483 ____N () C:\monitor.exe
2014-09-02 20:16 - 2014-09-02 20:16 - 00634880 _____ () C:\DirectControl.exe
2014-09-02 13:04 - 2014-09-02 13:03 - 00000000 ____D () C:\Users\Ya-Hü\.tfo4
2014-09-02 13:03 - 2014-09-02 13:03 - 00000000 ____D () C:\Users\Ya-Hü\4.0
2014-09-02 13:03 - 2011-01-04 22:22 - 00000000 ____D () C:\Users\Ya-Hü
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge Basic
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\plugins
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\lib
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\doc
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\bin
2014-09-01 19:07 - 2014-06-25 09:52 - 00000653 _____ () C:\Program Files\pdfsam-config.xml
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\UQH
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\TCHMVBY
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\DYISTEC
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\YJGWRXDI
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\ICLHS
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\EVIBZ
2014-08-29 03:21 - 2009-07-14 06:45 - 00778352 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 00:38 - 2013-12-01 22:55 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\camii
2014-08-26 23:31 - 2014-03-19 15:43 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Bachelorarbeit
2014-08-26 23:31 - 2013-02-03 21:37 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Diverse Schreiben bzw. Briefe
2014-08-26 23:31 - 2012-06-07 13:35 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Karsik
2014-08-25 06:53 - 2011-03-13 11:52 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 04:07 - 2014-08-28 16:01 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 16:01 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 16:01 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

Some content of TEMP:
====================
C:\Users\Ya-Hü\AppData\Local\Temp\AskSLib.dll
C:\Users\Ya-Hü\AppData\Local\Temp\BackupSetup.exe
C:\Users\Ya-Hü\AppData\Local\Temp\cm-u804d.dll
C:\Users\Ya-Hü\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6a0st8.dll
C:\Users\Ya-Hü\AppData\Local\Temp\DWPUpgradeInstaller.exe
C:\Users\Ya-Hü\AppData\Local\Temp\FileSystemView.dll
C:\Users\Ya-Hü\AppData\Local\Temp\Launcher.exe
C:\Users\Ya-Hü\AppData\Local\Temp\mufpxfvp.dll
C:\Users\Ya-Hü\AppData\Local\Temp\post1.exe
C:\Users\Ya-Hü\AppData\Local\Temp\post2.dll
C:\Users\Ya-Hü\AppData\Local\Temp\post2.exe
C:\Users\Ya-Hü\AppData\Local\Temp\Quarantine.exe
C:\Users\Ya-Hü\AppData\Local\Temp\setup_337.exe
C:\Users\Ya-Hü\AppData\Local\Temp\SHelp2.exe
C:\Users\Ya-Hü\AppData\Local\Temp\SpOrder.dll
C:\Users\Ya-Hü\AppData\Local\Temp\stubhelper.dll
C:\Users\Ya-Hü\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Ya-Hü\AppData\Local\Temp\System.Data.SQLite21907.dll
C:\Users\Ya-Hü\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Ya-Hü\AppData\Local\Temp\wmdjug6e.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 16:31

==================== End Of Log ============================

--- --- ---

schrauber · 22.09.2014, 17:04

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Schahin · 22.09.2014, 23:08

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=9e6c77d3963e61488d7a7725980832b1
# engine=20247
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-22 06:39:41
# local_time=2014-09-22 08:39:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 23447 163041031 0 0
# compatibility_mode_1='Sophos Anti-Virus'
# compatibility_mode=8450 16777213 100 99 12597 108777382 0 0
# scanned=134813
# found=22
# cleaned=0
# scan_time=7597
sh=C5E60CCD154DB4E5978E33285DB016171C80ED79 ft=1 fh=58635ab0e5696ad2 vn="Win32/AdWare.Loadshop.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\monitorsvc.exe.vir"
sh=A4CE8B88791877CDA87FFED8168BE73A21BF3370 ft=1 fh=4db1911c9bd166d4 vn="Win32/Agent.WGA Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\score.exe.vir"
sh=7E365F5F8841673A67DEB61EBCD4B689A488B677 ft=1 fh=ae054f85f50e59fb vn="Variante von Win64/Adware.Vitruvian.B Anwendung" ac=I fn="C:\Program Files\TermTutor\IE\TermTutorClientIE.dll"
sh=8242BD4EEE162B47CFB747901E137937FF409B7D ft=1 fh=7577f344c81db086 vn="Variante von Win32/AdWare.Vitruvian.D Anwendung" ac=I fn="C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll"
sh=F48E3296587DA40FDCE135488EC1CFDAB4F77CEB ft=1 fh=218b94011b24785c vn="Variante von Win32/AdWare.Vitruvian.D Anwendung" ac=I fn="C:\Program Files (x86)\TermTutor\Service\ttsvc.exe"
sh=F9DF8C6A129CBD5E05C85F2EA389AD988D6BEA8B ft=1 fh=3cfdff7458f4d340 vn="Variante von Win32/AdWare.AddLyrics.BR Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\3333-2080_SpeedChecker[1].exe"
sh=6BDA022CEE7A5D0FDBC8E201B123062FDAB8D0E2 ft=1 fh=e97dddb74254d8cd vn="Variante von Win32/AdWare.NaviPromo.AZ Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\GenesisInstaller[1].exe"
sh=479E03A3846A720787CF7F2CBC3A9CEA06AD752F ft=1 fh=7f8c6d23a3efd749 vn="Win32/Agent.WGA Trojaner" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\setup[1].exe"
sh=807617DCC6A329C05689BD19BE00EC4203BDF1F8 ft=1 fh=6b92ca387144ec0c vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\setup_mbot_de[1].exe"
sh=9C3F6C2B06D08C5BB112BB0C37B6583EFE4550C8 ft=1 fh=8202483c449e4190 vn="Win32/AdWare.Loadshop.A Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\wp-dcollect-tgu.211[1].exe"
sh=6BDA022CEE7A5D0FDBC8E201B123062FDAB8D0E2 ft=1 fh=e97dddb74254d8cd vn="Variante von Win32/AdWare.NaviPromo.AZ Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\693Etmp\genesisinstaller.exe"
sh=F9DF8C6A129CBD5E05C85F2EA389AD988D6BEA8B ft=1 fh=3cfdff7458f4d340 vn="Variante von Win32/AdWare.AddLyrics.BR Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\693Ftmp\3333-2080_speedchecker.exe"
sh=807617DCC6A329C05689BD19BE00EC4203BDF1F8 ft=1 fh=6b92ca387144ec0c vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\6950tmp\mybestofferstoday.exe"
sh=479E03A3846A720787CF7F2CBC3A9CEA06AD752F ft=1 fh=7f8c6d23a3efd749 vn="Win32/Agent.WGA Trojaner" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\6951tmp\setup.exe"
sh=9C3F6C2B06D08C5BB112BB0C37B6583EFE4550C8 ft=1 fh=8202483c449e4190 vn="Win32/AdWare.Loadshop.A Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\6953tmp\wp-dcollect-tgu.211.exe"
sh=807617DCC6A329C05689BD19BE00EC4203BDF1F8 ft=1 fh=6b92ca387144ec0c vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\6B2Dtmp\mybestofferstoday.exe"
sh=E5E4E3DF67EF76B47C8993AC1F35236577124934 ft=1 fh=b4ebd1af99768d94 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\is45637729\2244190_stp\termtutor-setup-1.9.0.8.exe"
sh=022BDFD43F2C8F7CBB0740457C1FAA19A3804E61 ft=1 fh=fb48ccaad2eefd57 vn="Variante von Win32/TrojanDownloader.Whizelown.K Trojaner" ac=I fn="C:\Users\Ya-Hü\Downloads\WhiteSmokeWriterGeo9139_en (1).exe"
sh=022BDFD43F2C8F7CBB0740457C1FAA19A3804E61 ft=1 fh=fb48ccaad2eefd57 vn="Variante von Win32/TrojanDownloader.Whizelown.K Trojaner" ac=I fn="C:\Users\Ya-Hü\Downloads\WhiteSmokeWriterGeo9139_en (2).exe"
sh=022BDFD43F2C8F7CBB0740457C1FAA19A3804E61 ft=1 fh=fb48ccaad2eefd57 vn="Variante von Win32/TrojanDownloader.Whizelown.K Trojaner" ac=I fn="C:\Users\Ya-Hü\Downloads\WhiteSmokeWriterGeo9139_en (3).exe"
sh=022BDFD43F2C8F7CBB0740457C1FAA19A3804E61 ft=1 fh=fb48ccaad2eefd57 vn="Variante von Win32/TrojanDownloader.Whizelown.K Trojaner" ac=I fn="C:\Users\Ya-Hü\Downloads\WhiteSmokeWriterGeo9139_en (4).exe"
sh=022BDFD43F2C8F7CBB0740457C1FAA19A3804E61 ft=1 fh=fb48ccaad2eefd57 vn="Variante von Win32/TrojanDownloader.Whizelown.K Trojaner" ac=I fn="C:\Users\Ya-Hü\Downloads\WhiteSmokeWriterGeo9139_en.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=9e6c77d3963e61488d7a7725980832b1
# engine=20247
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-22 09:45:04
# local_time=2014-09-22 11:45:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 34570 163052154 0 0
# compatibility_mode_1='Sophos Anti-Virus'
# compatibility_mode=8450 16777213 100 99 12917 108788505 0 0
# scanned=252060
# found=159
# cleaned=0
# scan_time=11017
sh=C5E60CCD154DB4E5978E33285DB016171C80ED79 ft=1 fh=58635ab0e5696ad2 vn="Win32/AdWare.Loadshop.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\monitorsvc.exe.vir"
sh=54F568BEEEF5FAFB44361EF9740BB8B99BC791E1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinPlusHQ01-2.5cV15.09\34d5b262-de52-4027-b42a-4fa3571d7f58.crx.vir"
sh=B01A27DA69379E7A3E75098D1E2673572E3C563C ft=1 fh=c8e0938ce5560143 vn="Variante von Win32/Toolbar.CrossRider.AS evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinPlusHQ01-2.5cV15.09\59acbb01-4eb7-481b-b3f6-a4eec89c18c5.exe.vir"
sh=36E152AB816973B3A7B571FF0EBB70DFE804F44F ft=1 fh=8bc12dc6c24a2404 vn="Variante von Win32/Toolbar.CrossRider.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinPlusHQ01-2.5cV15.09\98ed4270-7785-4165-abad-58c3f4f52fee-11.exe.vir"
sh=0C9E6E51A254A2BA944F4CB8F36B50B9F720126A ft=1 fh=fc64297ff92b00e1 vn="Variante von Win32/Toolbar.CrossRider.AR evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinPlusHQ01-2.5cV15.09\98ed4270-7785-4165-abad-58c3f4f52fee-2.exe.vir"
sh=36E152AB816973B3A7B571FF0EBB70DFE804F44F ft=1 fh=8bc12dc6c24a2404 vn="Variante von Win32/Toolbar.CrossRider.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinPlusHQ01-2.5cV15.09\98ed4270-7785-4165-abad-58c3f4f52fee-3.exe.vir"
sh=AF6972A96EBDFF21ACBA29CCC29424AB5A298CB0 ft=1 fh=d29e27007e522373 vn="Variante von Win32/Toolbar.CrossRider.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinPlusHQ01-2.5cV15.09\98ed4270-7785-4165-abad-58c3f4f52fee-4.exe.vir"
sh=1FFCDDDAD10A71CD80E301984E057DCE3DC82869 ft=1 fh=80881101bbc27895 vn="Variante von Win32/Toolbar.CrossRider.AR evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinPlusHQ01-2.5cV15.09\98ed4270-7785-4165-abad-58c3f4f52fee-5.exe.vir"
sh=A7ECE89AE5BF388432DF19220272BE4405FBCD9E ft=1 fh=0e1cebe1f7866a38 vn="Variante von Win32/Toolbar.CrossRider.AM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinPlusHQ01-2.5cV15.09\98ed4270-7785-4165-abad-58c3f4f52fee-7.exe.vir"
sh=C9799082AA74AB6CAE655EA2432AA34D782D78EB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinPlusHQ01-2.5cV15.09\98ed4270-7785-4165-abad-58c3f4f52fee.crx.vir"
sh=5B48C41FB2316C490E01AC97500B391EC0639016 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinPlusHQ01-2.5cV15.09\98ed4270-7785-4165-abad-58c3f4f52fee.xpi.vir"
sh=C9799082AA74AB6CAE655EA2432AA34D782D78EB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinPlusHQ01-2.5cV15.09\a24121dc-c50d-4fe4-bf19-8a663c3e51da.crx.vir"
sh=E33BF05A13942438FC8A8F49F05D59D191E2E0C7 ft=1 fh=2959aa3ca7cd54cc vn="Variante von Win32/Toolbar.CrossRider.AL evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinPlusHQ01-2.5cV15.09\CinPlusHQ01-2.5cV15.09-bg.exe.vir"
sh=E05A638229036AC8BD319054EB29DB0B3D2E71A8 ft=1 fh=9d473d07b2628723 vn="Variante von Win32/Toolbar.CrossRider.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinPlusHQ01-2.5cV15.09\CinPlusHQ01-2.5cV15.09-bho.dll.vir"
sh=C191D87FB152A19329C7EF1ADDB1F697E512C206 ft=1 fh=6e346c3124001cae vn="Variante von Win64/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinPlusHQ01-2.5cV15.09\CinPlusHQ01-2.5cV15.09-bho64.dll.vir"
sh=A7ECE89AE5BF388432DF19220272BE4405FBCD9E ft=1 fh=0e1cebe1f7866a38 vn="Variante von Win32/Toolbar.CrossRider.AM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinPlusHQ01-2.5cV15.09\CinPlusHQ01-2.5cV15.09-codedownloader.exe.vir"
sh=ED0306DAF62B44720100B39FFEED16394D626FB0 ft=1 fh=bfd3aab6ff0f9199 vn="Variante von Win32/Toolbar.CrossRider.AG evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinPlusHQ01-2.5cV15.09\fa50a323-b173-42a7-ad68-a45d88bc41ec.exe.vir"
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=359D977D432E4F90FE627B2717144AE873990AC4 ft=1 fh=63c7b0ee3e7f229d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\DVDVideoSoftTB.exe.vir"
sh=AF2A09062B79711D5D92F58251EE238DF2E5E9F9 ft=1 fh=ea86b3a42b031233 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ConduitEngine\ConduitEngine.dll.vir"
sh=93510E07EBD463BE51052EC8114EC16C5423103E ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mozilla Firefox\nsprotector.js.vir"
sh=53F226B3D1D3828304E40C6C7A50667ADF23B42A ft=1 fh=e1ea10a5e9416a5c vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir"
sh=0CB68F399D491465198E3E86F1D2923A211614E7 ft=1 fh=021f675753f993f2 vn="Win64/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir"
sh=86EA851108D635D9ED47C01E86899845DFDA3EC7 ft=1 fh=90733a3b10b3e858 vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\HpUI.exe.vir"
sh=30E2FB1C671B2808D2E80518D793575965AF2416 ft=1 fh=d06e6f3f3f60e357 vn="Variante von Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir"
sh=AC11914CC02E023E2EF06A80DEE1701419A5473A ft=1 fh=4cb2d0bd10147652 vn="Win64/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir"
sh=D037F58CF4B36F3B437FAA0D9500720445B27D65 ft=1 fh=b07c7921935b766c vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir"
sh=4139F95644E13A650D4827C943BCC9F2F0F6AA93 ft=1 fh=3b96e1736604b8bc vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\uninstall.exe.vir"
sh=5FB95D21BE8CF2753FD8A42398ADD26E2B21409F ft=1 fh=0f2c5f177050d203 vn="Variante von Win32/Toolbar.Conduit.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\Multi\CT3297265\UninstallerUI.exe.vir"
sh=C367B1BB5B37F59519EBC43C567EA9EAAF9D68CA ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\YA-H~1\AppData\Local\Temp\NativeMessaging\CT3297265.crx.vir"
sh=47684BC9F96872C4134DD46689D013BD8E51A14A ft=1 fh=47ffb6bc73749a57 vn="Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\YA-H~1\AppData\Local\Temp\NativeMessaging\CT3297265\nativeMessaging\TBMessagingHost.exe.vir"
sh=AF2A09062B79711D5D92F58251EE238DF2E5E9F9 ft=1 fh=ea86b3a42b031233 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ya-Hü\AppData\LocalLow\ConduitEngine\ConduitEngine.dll.vir"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ya-Hü\AppData\LocalLow\DVDVideoSoftTB\ldrtbDVDV.dll.vir"
sh=AF2A09062B79711D5D92F58251EE238DF2E5E9F9 ft=1 fh=ea86b3a42b031233 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ya-Hü\AppData\LocalLow\DVDVideoSoftTB\tbDVD0.dll.vir"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ya-Hü\AppData\LocalLow\DVDVideoSoftTB\tbDVD1.dll.vir"
sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=55d4f387d8566cf4 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ya-Hü\AppData\LocalLow\DVDVideoSoftTB\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll.vir"
sh=A4CE8B88791877CDA87FFED8168BE73A21BF3370 ft=1 fh=4db1911c9bd166d4 vn="Win32/Agent.WGA Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\score.exe.vir"
sh=7E365F5F8841673A67DEB61EBCD4B689A488B677 ft=1 fh=ae054f85f50e59fb vn="Variante von Win64/Adware.Vitruvian.B Anwendung" ac=I fn="C:\Program Files\TermTutor\IE\TermTutorClientIE.dll"
sh=5963292E1A864B7E273E281E18F9FE29358A584C ft=1 fh=79168b97a649e56e vn="Variante von MSIL/Toolbar.Linkury.H evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\OfferBoulevard\OfferBoulevard.exe"
sh=84284DD1DBB46F03512211E372E6466D4D089718 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\ss8\8eb1ce14-50d6-4e52-80c1-dd6bc33de32e.crx"
sh=C73557F13264F5005BBA2E4969DBE5ED8F76EE43 ft=1 fh=11450db33cb4f903 vn="Variante von Win32/Toolbar.CrossRider.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-11.exe"
sh=C73557F13264F5005BBA2E4969DBE5ED8F76EE43 ft=1 fh=11450db33cb4f903 vn="Variante von Win32/Toolbar.CrossRider.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-3.exe"
sh=FD05DBDF97B4FD241A07724DECC29DCE6EA01B4C ft=1 fh=8237b1f1b8649c57 vn="Variante von Win32/Toolbar.CrossRider.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-4.exe"
sh=691BB0CAA93F5F5C34CCD6570437B5DF9A8AF619 ft=1 fh=a896af5e55adaa75 vn="Variante von Win32/Toolbar.CrossRider.AR evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-5.exe"
sh=F5B0E0713C7E568946AB915419E754B4C0070320 ft=1 fh=f5b2e1abc369f053 vn="Variante von Win32/Toolbar.CrossRider.AM evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6-7.exe"
sh=D6555B59C732E9E0D46BFAFCA66592EEA8464B69 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6.crx"
sh=60F765AF3CA3E1A036E536C925DBBE7345628E91 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\ss8\bf1a449c-8356-402e-9ecc-44015185bae6.xpi"
sh=D6555B59C732E9E0D46BFAFCA66592EEA8464B69 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\ss8\bfc86444-19c2-471f-bb5d-6fd34eb2e3ad.crx"
sh=2192C5235711158F0F66A7841ADC3AF986C362EA ft=1 fh=7790faaecf272ee0 vn="Variante von Win32/Toolbar.CrossRider.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\ss8\bfc86444-19c2-471f-bb5d-6fd34eb2e3ad.dll"
sh=8242BD4EEE162B47CFB747901E137937FF409B7D ft=1 fh=7577f344c81db086 vn="Variante von Win32/AdWare.Vitruvian.D Anwendung" ac=I fn="C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll"
sh=F48E3296587DA40FDCE135488EC1CFDAB4F77CEB ft=1 fh=218b94011b24785c vn="Variante von Win32/AdWare.Vitruvian.D Anwendung" ac=I fn="C:\Program Files (x86)\TermTutor\Service\ttsvc.exe"
sh=6BBC79D174DEA35228600E7C9AF0ABFBF91CF403 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pldeppocfnbnopadlkalkhefdhglkijd\1.26.35_0\extensionData\plugins\91.js"
sh=D71BEACB10A801F20EA952DFA7E2DBD9B33A8C2F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\plofenifjagmdikfcobngnfmmnfmphin\16675.7167.9842_0\extensionData\plugins\91.js"
sh=88F0020FC52EC4C7F80519D64F0C49D56210C499 ft=1 fh=df4b907de8b072e5 vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01ANFQR3\APISupport[1].dll"
sh=07E205B6AD3CF96CF57DCFB30B5C6017C4352BA1 ft=1 fh=95976d786c3cfbd0 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01ANFQR3\DivX_Browser_Bar_DE[1].exe"
sh=168FB5D0C15D8B2DE61048A841D24CCBAEEFD98E ft=1 fh=aa31a7169cf92f95 vn="Variante von Win32/InstallCore.PO evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01ANFQR3\Setup[1].exe"
sh=C1DE7CA5F39F0F2A3A33E6832563D37EE67F69DB ft=1 fh=8e379ea746883d92 vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01ANFQR3\SpeedUpMyPC-standalone-setup[1].exe"
sh=F89D0D35647789000A23E8BD1E557BEE519A6BAE ft=1 fh=4f81c51847428f3f vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01ANFQR3\statisticsstub[1].exe"
sh=4A82A588430B85B3835C8D0A0A402D7AD35915F9 ft=1 fh=6a3b1b396e0ec641 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1SHHLDAR\APISupport[1].dll"
sh=69AF8D82BD65216B649368B4F1A0CB2708D296E1 ft=1 fh=10fa131a8ddb2fc9 vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1SHHLDAR\APISupport[2].dll"
sh=3096A6D6D5007B947C86A7FE8E72EEB3C86E80B3 ft=1 fh=6df4c99aadb2d5ea vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1SHHLDAR\APISupport[3].dll"
sh=75A3C22230CDD2B86A48B6880A953787C3D69644 ft=1 fh=e2e33691572e3d20 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1SHHLDAR\divx_browser_bar_de[1].exe"
sh=BD399578DDF3941D028F15E76930C4D1CE438507 ft=1 fh=dfe5e413a46cb93d vn="Variante von Win32/VOPackage.W evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1SHHLDAR\dl[1].htm"
sh=1426B95F2619E462F812F6807C88694DF9FBECE7 ft=1 fh=a10496de67a69999 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1SHHLDAR\mconduitinstaller[1].exe"
sh=314F703F0F190BF70F0386509C10998D4E2BD10B ft=1 fh=2f9f46df1834d950 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1SHHLDAR\TBUpdaterLogic[1].dll"
sh=F9DF8C6A129CBD5E05C85F2EA389AD988D6BEA8B ft=1 fh=3cfdff7458f4d340 vn="Variante von Win32/AdWare.AddLyrics.BR Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\3333-2080_SpeedChecker[1].exe"
sh=E0C40AC460D16773DA3546A23508774E7898D893 ft=1 fh=3e6b5ab950259002 vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\APISupport[1].dll"
sh=D68B6F04BDEAE5E8335F52C4A32E08D91A80505E ft=1 fh=adf7011657306ae6 vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\APISupport[2].dll"
sh=0E7E5F4C697E7E0A77575D8D62C4C6357CCD3B02 ft=1 fh=cb46e2c2bd0b7bca vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\APISupport[3].dll"
sh=3661EDB38BCB034EA00F78F9144D975333C786BA ft=1 fh=0c96e457c8798f6f vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\APISupport[4].dll"
sh=AF023CD20C85601E6874CB788BCAA49AE325A40D ft=1 fh=da3b4c00ec0bc47d vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\Cloud_Backup_Setup[1].exe"
sh=4C265AAF9AE88D06269ADD7034D63A115606DDFA ft=1 fh=3189627c07c08170 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\conduitinstaller[1].exe"
sh=70F50FD717327A6FDE4B9183F1DF0634D76C6597 ft=1 fh=d52d3c3b5be54481 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\DivX_Browser_Bar_DE[1].exe"
sh=8F983A9242C9C393DBA6966974362A97818A2C91 ft=1 fh=270797b0b63ad147 vn="Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\FastAgainSetup[1].exe"
sh=6BDA022CEE7A5D0FDBC8E201B123062FDAB8D0E2 ft=1 fh=e97dddb74254d8cd vn="Variante von Win32/AdWare.NaviPromo.AZ Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\GenesisInstaller[1].exe"
sh=B737B3143B5BB939C7F8087D30B84D45A697EDFB ft=1 fh=b85870fb35754223 vn="Variante von Win32/ELEX.AX evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\lly_istartsurf[1].exe"
sh=479E03A3846A720787CF7F2CBC3A9CEA06AD752F ft=1 fh=7f8c6d23a3efd749 vn="Win32/Agent.WGA Trojaner" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\setup[1].exe"
sh=0DD2E0D7527C504C482682265EF92AF6A2E1A845 ft=1 fh=1714457ec37c7a42 vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\Setup[3].exe"
sh=06F36E454B22DAB270CD353014195F0461A31E9C ft=1 fh=2d868c9a5221bd40 vn="Variante von Win32/InstallCore.OZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\Setup[4].exe"
sh=807617DCC6A329C05689BD19BE00EC4203BDF1F8 ft=1 fh=6b92ca387144ec0c vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\setup_mbot_de[1].exe"
sh=7CCEF7B1C5795FFBF81F3D88DD5F53D25A28FE8E ft=1 fh=af203ea23d763fd0 vn="Win32/OutBrowse.AO evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\ShoppinHelper2_Setup2C2.03.9[1].exe"
sh=383D337A6DC721144F3B026A86365541CA8EDCDB ft=1 fh=c2a6e824279d9939 vn="Win32/SpeedUpMyPC.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\speedupmypc[1].exe"
sh=D3CBDD7C6ED2C9D81DA4FCF9AF57CDD5D3711ED3 ft=1 fh=86dbe26399c3d0fa vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\TBUpdaterLogic[1].dll"
sh=9C3F6C2B06D08C5BB112BB0C37B6583EFE4550C8 ft=1 fh=8202483c449e4190 vn="Win32/AdWare.Loadshop.A Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ4N91OS\wp-dcollect-tgu.211[1].exe"
sh=0084D680F9DDE34CC4E41D4233DB9D8694DE5F88 ft=1 fh=db06912410ad131a vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W94JF27L\APISupport[1].dll"
sh=4C647D60B445220E1F2300C979433DF7C0F119B4 ft=1 fh=dd908f5a44627dda vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W94JF27L\APISupport[2].dll"
sh=91F440A8F2A0FFC91EDA87FE5410B93141B1C6B0 ft=1 fh=1ce5d7cf83504dfe vn="Win32/Toolbar.Conduit.AF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W94JF27L\checktbexist[1].exe"
sh=1FE3BB46E0954C1466A1D17004750CFA082C13A8 ft=1 fh=b69ff78d62363925 vn="Variante von Win32/VOPackage.V evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W94JF27L\dl[1].htm"
sh=F0D1181592191D32BEC99002E728C9A76E407BBD ft=1 fh=c71c0011fd02b9de vn="Variante von Win32/Amonetize.BP evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W94JF27L\Launcher[1].exe"
sh=D59EEB2C50E2DCD4124C39CE0E98ACF56E18E871 ft=1 fh=dcbd9fbbc37c7a42 vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W94JF27L\Setup[1].exe"
sh=D59EEB2C50E2DCD4124C39CE0E98ACF56E18E871 ft=1 fh=dcbd9fbbc37c7a42 vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\ICReinstall_nseD118.tmp"
sh=06F36E454B22DAB270CD353014195F0461A31E9C ft=1 fh=2d868c9a5221bd40 vn="Variante von Win32/InstallCore.OZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\ICReinstall_nsn6A97.tmp"
sh=0DD2E0D7527C504C482682265EF92AF6A2E1A845 ft=1 fh=1714457ec37c7a42 vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\ICReinstall_nsnBA5B.tmp"
sh=397EA2C8E139073F29D8F4F33C533561A0E70947 ft=1 fh=6cd224074e2139cc vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\ICReinstall_nst6F5.tmp"
sh=E097D8CADCC24B2CF54C154977E0785F2F1B0812 ft=1 fh=ec701a58833046b0 vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\ICReinstall_nsxD1D1.tmp"
sh=FDE8D117A89FE2815C000AC72713F1C7AA56F762 ft=1 fh=c71c00119262f1ab vn="Variante von Win32/Amonetize.BP evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\Launcher.exe"
sh=168FB5D0C15D8B2DE61048A841D24CCBAEEFD98E ft=1 fh=aa31a7169cf92f95 vn="Variante von Win32/InstallCore.PO evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\nsd3303.tmp"
sh=D59EEB2C50E2DCD4124C39CE0E98ACF56E18E871 ft=1 fh=dcbd9fbbc37c7a42 vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\nseD118.tmp"
sh=06F36E454B22DAB270CD353014195F0461A31E9C ft=1 fh=2d868c9a5221bd40 vn="Variante von Win32/InstallCore.OZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\nsn6A97.tmp"
sh=0DD2E0D7527C504C482682265EF92AF6A2E1A845 ft=1 fh=1714457ec37c7a42 vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\nsnBA5B.tmp"
sh=397EA2C8E139073F29D8F4F33C533561A0E70947 ft=1 fh=6cd224074e2139cc vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\nst6F5.tmp"
sh=E097D8CADCC24B2CF54C154977E0785F2F1B0812 ft=1 fh=ec701a58833046b0 vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\nsxD1D1.tmp"
sh=7E641C6EE3F2B72831B81AF126C293CC599E28DE ft=0 fh=0000000000000000 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\tmp-1p7.xpi"
sh=CCA9A5A17CD04A0530E9BDD45E16922CCF94BD04 ft=0 fh=0000000000000000 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\tmp-4uv.xpi"
sh=38E63EDB19C023B394524DFD5B4BF038F99EB4AB ft=0 fh=0000000000000000 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\tmp-ag8.xpi"
sh=AF023CD20C85601E6874CB788BCAA49AE325A40D ft=1 fh=da3b4c00ec0bc47d vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\693Dtmp\cloud_backup_setup.exe"
sh=6BDA022CEE7A5D0FDBC8E201B123062FDAB8D0E2 ft=1 fh=e97dddb74254d8cd vn="Variante von Win32/AdWare.NaviPromo.AZ Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\693Etmp\genesisinstaller.exe"
sh=F9DF8C6A129CBD5E05C85F2EA389AD988D6BEA8B ft=1 fh=3cfdff7458f4d340 vn="Variante von Win32/AdWare.AddLyrics.BR Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\693Ftmp\3333-2080_speedchecker.exe"
sh=807617DCC6A329C05689BD19BE00EC4203BDF1F8 ft=1 fh=6b92ca387144ec0c vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\6950tmp\mybestofferstoday.exe"
sh=479E03A3846A720787CF7F2CBC3A9CEA06AD752F ft=1 fh=7f8c6d23a3efd749 vn="Win32/Agent.WGA Trojaner" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\6951tmp\setup.exe"
sh=B737B3143B5BB939C7F8087D30B84D45A697EDFB ft=1 fh=b85870fb35754223 vn="Variante von Win32/ELEX.AX evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\6952tmp\lly_istartsurf.exe"
sh=9C3F6C2B06D08C5BB112BB0C37B6583EFE4550C8 ft=1 fh=8202483c449e4190 vn="Win32/AdWare.Loadshop.A Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\6953tmp\wp-dcollect-tgu.211.exe"
sh=7CCEF7B1C5795FFBF81F3D88DD5F53D25A28FE8E ft=1 fh=af203ea23d763fd0 vn="Win32/OutBrowse.AO evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\6B0Ctmp\shoppinhelper2_setup2c2.03.9.exe"
sh=807617DCC6A329C05689BD19BE00EC4203BDF1F8 ft=1 fh=6b92ca387144ec0c vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\6B2Dtmp\mybestofferstoday.exe"
sh=8F983A9242C9C393DBA6966974362A97818A2C91 ft=1 fh=270797b0b63ad147 vn="Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\6B2Etmp\fastagainsetup.exe"
sh=B58D5AA8A12DDB74DDE97C9541B2242941BA4E3B ft=1 fh=77045453f77bcb91 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\is-29PLM.tmp\conduitinstaller.exe"
sh=E5E4E3DF67EF76B47C8993AC1F35236577124934 ft=1 fh=b4ebd1af99768d94 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\is45637729\2244190_stp\termtutor-setup-1.9.0.8.exe"
sh=4FBD07F6A56404F26EEC26B1B414760EE528AAEA ft=1 fh=7dff93d89cc6e954 vn="Win32/Systweak.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\is45637729\2244276_stp\rcpsetup_adppi15_adppi15.exe"
sh=53710D0AF5A0F57FA49F7183EA0395D3AC1D4791 ft=1 fh=d5332291d75852c0 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\MSIE805.tmp-\Smartbar.Resources.LanguageSettings.resources.dll"
sh=8CA8CC2D446C02CCAC3D1657BF0D080F46866B51 ft=1 fh=f889b29708393969 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\MSIE805.tmp-\spbl.dll"
sh=13B9810FD11E624F9CEE5216CF836A445B405CFE ft=1 fh=60c270ccc8601d7b vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\MSIE805.tmp-\sppsm.dll"
sh=77AEDF95EB9FFAD2492371D3FF797F8C2EE6FE27 ft=1 fh=38554c7c33d0a2ec vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\MSIE805.tmp-\spusm.dll"
sh=A11FFA5A1D425D910E4D8170EB6FA24797931534 ft=1 fh=d53347eea837f487 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\MSIE805.tmp-\srbs.dll"
sh=C93C16A5967BF17F37093DE74E933653BFC0516A ft=1 fh=ff85a67c4da32d32 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\MSIE805.tmp-\srbu.dll"
sh=F1BC88C55F21DF3F43C2CAD98C29960CD8D90967 ft=1 fh=5bb3ec1ddf4bbd95 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\MSIE805.tmp-\srptc.dll"
sh=47684BC9F96872C4134DD46689D013BD8E51A14A ft=1 fh=47ffb6bc73749a57 vn="Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Local\Temp\TestIfExeExist\CT3297265\nativeMessaging\TBMessagingHost.exe"
sh=ADA73AFCA1A2B703B4ABF863EB2B1C6ABB03B689 ft=1 fh=59f56b65007ffc77 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\LocalLow\BrotherSoft_Extreme\tbBrot.dll"
sh=068A54F966DB6AC14BCA0E39E2A99E3F0027304D ft=1 fh=39f7a16b0423d981 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\LocalLow\DivX_Browser_Bar_DE\hk64tbDivX.dll"
sh=CC6AF3A384A61C1C621BA5AB43583E82FF281530 ft=1 fh=bbbd034bf7d0bf76 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\LocalLow\DivX_Browser_Bar_DE\hktbDivX.dll"
sh=9B3B44428CC80CC43F085AE514E7E16F7963EACC ft=1 fh=4c03fc1250fa29f9 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\LocalLow\DivX_Browser_Bar_DE\ldrtbDivX.dll"
sh=33457E2F2405727124C107D6DEAF24C94E992463 ft=1 fh=e719e166edfd7994 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\LocalLow\DivX_Browser_Bar_DE\tbDivX.dll"
sh=C2C7BD3BD6C75D5DBCCA298C785C208AB6C73CF0 ft=1 fh=154117e7567d41ef vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\LocalLow\Vgrabber_v1.4\ldrtbVgra.dll"
sh=5C684D51F07A183EEA13D66F5C7E9630C48D93B5 ft=1 fh=53be76e80c29ad73 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\LocalLow\Vgrabber_v1.4\tbVgra.dll"
sh=9ADED0FA6A9F07A5AEF780A67CA98F075DCE5337 ft=1 fh=c33dc6f6e7823d7c vn="Variante von Win32/Toolbar.CrossRider.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Roaming\DYISTEC.exe"
sh=9A8C5AF29C87E833E8881CC22C6AA5DD4ACA1A72 ft=1 fh=b65994e10ea9c904 vn="Variante von Win32/Toolbar.CrossRider.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Roaming\EVIBZ.exe"
sh=C73557F13264F5005BBA2E4969DBE5ED8F76EE43 ft=1 fh=11450db33cb4f903 vn="Variante von Win32/Toolbar.CrossRider.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Roaming\ICLHS.exe"
sh=AF6972A96EBDFF21ACBA29CCC29424AB5A298CB0 ft=1 fh=d29e27007e522373 vn="Variante von Win32/Toolbar.CrossRider.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Roaming\TCHMVBY.exe"
sh=FD05DBDF97B4FD241A07724DECC29DCE6EA01B4C ft=1 fh=8237b1f1b8649c57 vn="Variante von Win32/Toolbar.CrossRider.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Roaming\UQH.exe"
sh=36E152AB816973B3A7B571FF0EBB70DFE804F44F ft=1 fh=8bc12dc6c24a2404 vn="Variante von Win32/Toolbar.CrossRider.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\AppData\Roaming\YJGWRXDI.exe"
sh=894D413CCB58223FF6C99C01ECF6524F886738F5 ft=1 fh=483ab3832d808c98 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\Documents\Downloads\Integrated_BrotherSoft_TB.exe"
sh=C69DF437CBFFA220DBD2669B2D2A391F33D203A5 ft=1 fh=fc565a03233d7ff6 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\Downloads\FileConverter_1_3.exe"
sh=ABD9885EDFA7F2714E9A2A2512ECB294B8A75242 ft=1 fh=d46593929fb6ebf3 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\Downloads\FreeStudio.exe"
sh=16D8F84DFFE7AF956EB573E9ECD61C5017BFA6FD ft=1 fh=79a67e80f2ca1abd vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\Downloads\FreeYouTubeDownload.exe"
sh=FC36E37C5AF2A351DCD003127821BE33E48D56CF ft=1 fh=cc013aa1066e7274 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\Downloads\FreeYouTubeToMp3Converter (1).exe"
sh=250AD920C538EBAC63102E368FB642EE33AD0593 ft=1 fh=8e020e8f8829bf65 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\Downloads\FreeYouTubeToMP3Converter (3).exe"
sh=596D78A7F03D1DAEE86BCCE8DD7713AA60E8F9E4 ft=1 fh=8eaf1d336ac02ccc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\Downloads\FreeYouTubeToMP3Converter (4).exe"
sh=0CE48DA603A5E7431002CE4ACA1F1546C5D6579E ft=1 fh=a7cab65addc4a365 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\Downloads\FreeYouTubeToMp3Converter.exe"
sh=F26D3750B7D83E87CFC309C372CBCD99AEF5EA60 ft=1 fh=052ab577016968f0 vn="Variante von Win32/ELEX.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\Downloads\HDfilm.exe"
sh=C90796F421F6CB926ECA073DC9DB0B06C2FB9131 ft=1 fh=12b645393edca65f vn="Variante von Win32/KeyDownload.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\Downloads\Otshot_installer72.exe"
sh=4AAFD836A0220F2DC418A82D5A31AFB611E42CDC ft=1 fh=8aabd74e4c89e11f vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\Downloads\SoftonicDownloader_fuer_fifa-09.exe"
sh=786F86D4F813FDBEA02166F003B691F1D45A1217 ft=1 fh=910d5f257fb40190 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\Downloads\SopCast-3.5.0 (1).exe"
sh=786F86D4F813FDBEA02166F003B691F1D45A1217 ft=1 fh=910d5f257fb40190 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ya-Hü\Downloads\SopCast-3.5.0.exe"
sh=022BDFD43F2C8F7CBB0740457C1FAA19A3804E61 ft=1 fh=fb48ccaad2eefd57 vn="Variante von Win32/TrojanDownloader.Whizelown.K Trojaner" ac=I fn="C:\Users\Ya-Hü\Downloads\WhiteSmokeWriterGeo9139_en (1).exe"
sh=022BDFD43F2C8F7CBB0740457C1FAA19A3804E61 ft=1 fh=fb48ccaad2eefd57 vn="Variante von Win32/TrojanDownloader.Whizelown.K Trojaner" ac=I fn="C:\Users\Ya-Hü\Downloads\WhiteSmokeWriterGeo9139_en (2).exe"
sh=022BDFD43F2C8F7CBB0740457C1FAA19A3804E61 ft=1 fh=fb48ccaad2eefd57 vn="Variante von Win32/TrojanDownloader.Whizelown.K Trojaner" ac=I fn="C:\Users\Ya-Hü\Downloads\WhiteSmokeWriterGeo9139_en (3).exe"
sh=022BDFD43F2C8F7CBB0740457C1FAA19A3804E61 ft=1 fh=fb48ccaad2eefd57 vn="Variante von Win32/TrojanDownloader.Whizelown.K Trojaner" ac=I fn="C:\Users\Ya-Hü\Downloads\WhiteSmokeWriterGeo9139_en (4).exe"
sh=022BDFD43F2C8F7CBB0740457C1FAA19A3804E61 ft=1 fh=fb48ccaad2eefd57 vn="Variante von Win32/TrojanDownloader.Whizelown.K Trojaner" ac=I fn="C:\Users\Ya-Hü\Downloads\WhiteSmokeWriterGeo9139_en.exe"
sh=A690543DBD7525E6DC2EAFFA612EDF9481AAA1FB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EK7ZVTPG\91[1].js"
sh=A690543DBD7525E6DC2EAFFA612EDF9481AAA1FB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EK7ZVTPG\91[1].js"

Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Sophos Anti-Virus
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities 2013
TuneUp Utilities Language Pack (de-DE)
Java(TM) 6 Update 27
Java(TM) 6 Update 22
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 15.0.0.152
Adobe Reader XI
Google Chrome 36.0.1985.143
Google Chrome 37.0.2062.103
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Sophos Sophos Anti-Virus SavService.exe
Sophos Sophos Anti-Virus SAVAdminService.exe
Sophos Sophos Anti-Virus Web Control swc_service.exe
Sophos Sophos Anti-Virus Web Intelligence swi_service.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

Und wie schauts aus...bin ich clean?.. §;o)

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014 (ATTENTION: ====> FRST version is 13 days old and could be outdated)
Ran by Ya-Hü (administrator) on YA-HÜ-VAIO on 23-09-2014 00:02:50
Running from C:\Users\Ya-Hü\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Program Files (x86)\OfferBoulevard\OfferBoulevard.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Term Tutor) C:\Program Files (x86)\TermTutor\Service\ttsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Aladdin Knowledge Systems, Ltd.) C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\Dropbox.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-06-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-06-21] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-14] (Alps Electric Co., Ltd.)
HKLM\...\Run: [eTMonitor] => C:\Program Files\Aladdin\eToken\PKIClient\x64\PKIMonitor.exe [192000 2008-11-03] (Aladdin Knowledge Systems, Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696 2010-06-20] (Sony Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-06-15] (RealNetworks, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-05-21] (Sophos Limited)
HKLM-x32\...\Run: [OfferBoulevard] => C:\Program Files (x86)\OfferBoulevard\OfferBoulevardW.exe
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [81264 2010-06-22] (Sony Corporation)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [VRLPHelper] => C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe [183152 2010-06-22] (Sony Corporation)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [Facebook Update] => C:\Users\Ya-Hü\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-11-07] (Google Inc.)
HKU\S-1-5-21-2343719655-606922816-1584496895-1000\...\MountPoints2: {a2bb5f40-7701-11e0-8347-18f46af09ee2} - D:\LaunchU3.exe -a
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-05-21] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-05-21] (Sophos Limited)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ya-Hü\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:50542;https=127.0.0.1:50542
URLSearchHook: HKLM-x32 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
URLSearchHook: HKLM-x32 - (No Name) - {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} - No File
URLSearchHook: HKCU - (No Name) - {90eee664-34b1-422a-a782-779af65cdf6d} - No File
URLSearchHook: HKCU - (No Name) - {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} - No File
SearchScopes: HKCU - {3BD798E4-1794-4D89-A407-2B4E9370A089} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKCU - {9ADADC8D-74CC-4107-8BFD-ED99FF1E596A} URL = Shopping.com Deutschland - der große Produkt- und Preisvergleich
SearchScopes: HKCU - {A37CD782-4560-4428-9464-96A78BBF90BF} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: No Name -> {51a86bb3-6602-4c85-92a5-130ee4864f13} ->  No File
BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO-x32: No Name -> {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F946169-BE2F-4A43-9CE3-A47B900F6482}: [NameServer] 193.175.112.3,195.37.168.3

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Ya-Hü\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @www.flatcast.com/FlatViewer 5.2 -> C:\Users\YA-H~1\AppData\Roaming\Mozilla\Plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\Ya-Hü\AppData\Roaming\mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Extension: Term Tutor - C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com [2014-09-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-05-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [2011-09-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [2012-01-26]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-06-15]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [termtutor@termtutor.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U27) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Flatcast Viewer Plugin 5.2.2.454) - C:\Program Files (x86)\Mozilla Firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH)
CHR Plugin: (Flatcast Viewer Plugin 5.3.0.784) - C:\Program Files (x86)\Mozilla Firefox\plugins\NpFv530.dll (1 mal 1 Software GmbH)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX OVS Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (Windows Live? Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Ya-H?\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Profile: C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (View GPU Info) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\bonfagbdfepfbhjgolfalmgldfbgjodi [2014-09-15]
CHR Extension: (Google Search) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (RealDownloader) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-06-15]
CHR Extension: (Google Wallet) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Gmail) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR Extension: (CinPlusHQ01-2.5cV15.09) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pldeppocfnbnopadlkalkhefdhglkijd [2014-09-16]
CHR Extension: (ss8) - C:\Users\Ya-Hü\AppData\Local\Google\Chrome\User Data\Default\Extensions\plofenifjagmdikfcobngnfmmnfmphin [2014-09-15]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [56592 2010-10-08] ()
R2 eTSrv; C:\Program Files\Aladdin\eToken\PKIClient\x64\eTSrv.exe [8192 2008-11-03] (Aladdin Knowledge Systems, Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [957712 2010-10-08] ()
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [697616 2010-10-08] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 OfferBoulevard; C:\Program Files (x86)\OfferBoulevard\OfferBoulevard.exe [23040 2014-09-09] () [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-05-21] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-05-21] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-05-21] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-05-21] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-05-21] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2014-05-21] (Sophos Limited)
R2 ttsvc; C:\Program Files (x86)\TermTutor\Service\ttsvc.exe [276048 2014-09-04] (Term Tutor)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-05-21] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-05-21] (Sophos Limited)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-05-21] (Sophos Limited)
R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-09-04] (Term Tutor)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 23:51 - 2014-09-22 23:51 - 00854417 _____ () C:\Users\Ya-Hü\Desktop\SecurityCheck.exe
2014-09-22 18:29 - 2014-09-22 18:29 - 02347384 _____ (ESET) C:\Users\Ya-Hü\Desktop\esetsmartinstaller_deu.exe
2014-09-22 13:44 - 2014-09-23 00:03 - 00032576 _____ () C:\Users\Ya-Hü\Desktop\FRST.txt
2014-09-22 13:43 - 2014-09-22 13:43 - 00001931 _____ () C:\Users\Ya-Hü\Desktop\JRT.txt
2014-09-22 13:21 - 2014-09-22 13:21 - 00000000 ____D () C:\Windows\ERUNT
2014-09-22 13:20 - 2014-09-22 13:21 - 01027006 _____ (Thisisu) C:\Users\Ya-Hü\Desktop\JRT.exe
2014-09-22 13:15 - 2014-09-22 13:15 - 00028475 _____ () C:\Users\Ya-Hü\Desktop\AdwCleaner[S0].txt
2014-09-22 13:10 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-22 13:08 - 2014-09-22 13:11 - 00000000 ____D () C:\AdwCleaner
2014-09-22 13:07 - 2014-09-22 13:08 - 01373475 _____ () C:\Users\Ya-Hü\Desktop\AdwCleaner_3.310.exe
2014-09-22 13:06 - 2014-09-22 13:06 - 00021769 _____ () C:\Users\Ya-Hü\Desktop\mbam.txt
2014-09-22 12:04 - 2014-09-22 22:36 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 12:03 - 2014-09-22 12:03 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-22 12:03 - 2014-09-22 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-22 12:03 - 2014-09-22 12:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 12:03 - 2014-09-22 12:03 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-22 12:03 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-22 12:03 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-22 12:03 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-22 12:02 - 2014-09-22 12:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ya-Hü\Desktop\mbam-setup-2.0.2.1012.exe
2014-09-18 14:55 - 2014-09-18 14:55 - 00000017 _____ () C:\Users\Ya-Hü\AppData\Local\resmon.resmoncfg
2014-09-18 10:06 - 2014-09-18 10:06 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\ICSharpCode.net
2014-09-17 14:50 - 2014-09-22 23:50 - 00000294 _____ () C:\Windows\Tasks\PennyBee.job
2014-09-17 14:50 - 2014-09-22 14:01 - 00000000 ____D () C:\Program Files (x86)\OfferBoulevard
2014-09-17 14:50 - 2014-09-17 14:50 - 00003238 _____ () C:\Windows\System32\Tasks\PennyBee
2014-09-16 15:15 - 2014-09-16 15:15 - 00000000 ___SD () C:\ComboFix
2014-09-16 14:55 - 2014-09-16 14:55 - 01484664 _____ (CinemaHQ01Video Plus) C:\Users\Ya-Hü\AppData\Roaming\TCHMVBY.exe
2014-09-16 14:55 - 2014-09-16 14:55 - 00002448 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-5_user.job
2014-09-16 14:55 - 2014-09-16 14:55 - 00001340 _____ () C:\Windows\Tasks\TCHMVBY.job
2014-09-16 14:54 - 2014-09-16 14:54 - 00000652 _____ () C:\Windows\Tasks\59acbb01-4eb7-481b-b3f6-a4eec89c18c5.job
2014-09-16 14:53 - 2014-09-16 14:53 - 01929080 _____ (CinemaHQ01Video Plus) C:\Users\Ya-Hü\AppData\Roaming\YJGWRXDI.exe
2014-09-16 14:53 - 2014-09-16 14:53 - 00001686 _____ () C:\Windows\Tasks\YJGWRXDI.job
2014-09-15 23:49 - 2014-09-22 14:50 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Berwerbungen
2014-09-15 21:51 - 2014-09-15 21:51 - 00000047 _____ () C:\Users\Ya-Hü\AppData\Roaming\WB.CFG
2014-09-15 21:18 - 2014-09-16 15:15 - 00000000 ____D () C:\Qoobox
2014-09-15 21:16 - 2014-09-15 21:16 - 00000000 ____D () C:\Windows\erdnt
2014-09-15 21:15 - 2014-09-15 21:15 - 05579386 ____R (Swearware) C:\Users\Ya-Hü\Desktop\ComboFix.exe
2014-09-15 20:51 - 2014-09-15 21:33 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\Gameo
2014-09-15 20:51 - 2014-09-15 20:51 - 00000171 _____ () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-09-15 20:51 - 2014-09-15 20:51 - 00000000 ___HD () C:\Users\Ya-Hü\AppData\Roaming\GoldenGate
2014-09-15 20:50 - 2014-09-15 20:50 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-15 20:50 - 2014-09-15 20:50 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-09-15 16:43 - 2014-09-15 16:43 - 00003266 _____ () C:\Windows\System32\Tasks\{1B816FFC-80F0-4780-A674-5B4756611473}
2014-09-15 16:13 - 2014-09-15 16:13 - 00001264 _____ () C:\Users\Ya-Hü\Desktop\Revo Uninstaller.lnk
2014-09-15 16:13 - 2014-09-15 16:13 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-13 01:17 - 2014-08-15 17:48 - 17868288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-13 01:17 - 2014-08-15 17:36 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-13 01:17 - 2014-08-15 17:35 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-13 01:17 - 2014-08-15 17:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-13 01:17 - 2014-08-15 17:31 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-13 01:17 - 2014-08-15 17:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-13 01:17 - 2014-08-15 17:30 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-13 01:17 - 2014-08-15 17:30 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 02156032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-13 01:17 - 2014-08-15 17:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-13 01:17 - 2014-08-15 17:29 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-13 01:17 - 2014-08-15 17:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-13 01:17 - 2014-08-15 17:28 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-13 01:17 - 2014-08-15 17:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-13 01:17 - 2014-08-15 17:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-13 01:17 - 2014-08-15 16:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-13 01:17 - 2014-08-15 16:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-13 01:17 - 2014-08-15 16:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-13 01:17 - 2014-08-15 16:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-13 01:17 - 2014-08-15 16:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-13 01:17 - 2014-08-15 16:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-13 01:17 - 2014-08-15 16:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-13 01:17 - 2014-08-15 16:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-13 01:17 - 2014-08-15 16:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-13 01:17 - 2014-08-15 16:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-13 01:17 - 2014-08-15 16:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-13 01:17 - 2014-08-15 16:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-13 01:17 - 2014-08-15 16:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-13 01:17 - 2014-08-15 16:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-13 00:23 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-13 00:23 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-13 00:22 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-13 00:22 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-13 00:22 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-13 00:22 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-13 00:22 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-13 00:22 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-13 00:22 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 22:26 - 2014-09-23 00:03 - 00000000 ____D () C:\FRST
2014-09-10 22:26 - 2014-09-10 22:26 - 02105856 _____ (Farbar) C:\Users\Ya-Hü\Desktop\FRST64.exe
2014-09-10 22:14 - 2014-09-10 22:14 - 25092156 _____ () C:\Users\Ya-Hü\Desktop\mse46.zip
2014-09-10 22:09 - 2014-09-10 22:09 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-10 21:45 - 2014-09-10 21:45 - 00754752 _____ () C:\Windows\Minidump\091014-19484-01.dmp
2014-09-09 21:19 - 2014-09-18 13:43 - 00002066 _____ () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-09 21:18 - 2014-09-09 21:18 - 01536928 _____ (smart-saverplus) C:\Users\Ya-Hü\AppData\Roaming\UQH.exe
2014-09-09 21:18 - 2014-09-09 21:18 - 01484704 _____ (enter) C:\Users\Ya-Hü\AppData\Roaming\DYISTEC.exe
2014-09-09 21:18 - 2014-09-09 21:18 - 00002410 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5_user.job
2014-09-09 21:18 - 2014-09-09 21:18 - 00001340 _____ () C:\Windows\Tasks\DYISTEC.job
2014-09-09 21:18 - 2014-09-09 21:18 - 00001332 _____ () C:\Windows\Tasks\UQH.job
2014-09-09 21:17 - 2014-09-09 21:17 - 01984928 _____ (smart-saverplus) C:\Users\Ya-Hü\AppData\Roaming\ICLHS.exe
2014-09-09 21:17 - 2014-09-09 21:17 - 01927072 _____ (enter) C:\Users\Ya-Hü\AppData\Roaming\EVIBZ.exe
2014-09-09 21:17 - 2014-09-09 21:17 - 00001336 _____ () C:\Windows\Tasks\ICLHS.job
2014-09-09 21:17 - 2014-09-09 21:17 - 00001336 _____ () C:\Windows\Tasks\EVIBZ.job
2014-09-09 21:16 - 2014-09-22 14:11 - 00000000 ____D () C:\Program Files (x86)\ss8
2014-09-09 21:10 - 2014-09-09 21:10 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\com
2014-09-09 21:02 - 2014-09-18 15:08 - 00000000 ___HD () C:\Users\Public\Temp
2014-09-09 20:59 - 2014-09-22 14:04 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
2014-09-02 20:16 - 2014-09-02 20:16 - 00634880 _____ () C:\DirectControl.exe
2014-09-02 13:03 - 2014-09-02 13:04 - 00000000 ____D () C:\Users\Ya-Hü\.tfo4
2014-09-02 13:03 - 2014-09-02 13:03 - 00000000 ____D () C:\Users\Ya-Hü\4.0
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge Basic
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\plugins
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\lib
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\doc
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\bin
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\UQH
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\TCHMVBY
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\DYISTEC
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\YJGWRXDI
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\ICLHS
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\EVIBZ
2014-08-28 16:01 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 16:01 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 16:01 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 00:04 - 2010-11-07 23:28 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-23 00:03 - 2014-09-22 13:44 - 00032576 _____ () C:\Users\Ya-Hü\Desktop\FRST.txt
2014-09-23 00:03 - 2014-09-10 22:26 - 00000000 ____D () C:\FRST
2014-09-22 23:58 - 2011-10-14 23:43 - 00001138 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2343719655-606922816-1584496895-1000UA.job
2014-09-22 23:58 - 2011-10-14 23:43 - 00001116 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2343719655-606922816-1584496895-1000Core.job
2014-09-22 23:51 - 2014-09-22 23:51 - 00854417 _____ () C:\Users\Ya-Hü\Desktop\SecurityCheck.exe
2014-09-22 23:50 - 2014-09-17 14:50 - 00000294 _____ () C:\Windows\Tasks\PennyBee.job
2014-09-22 23:09 - 2013-03-01 23:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-22 22:36 - 2014-09-22 12:04 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 20:42 - 2009-07-14 06:45 - 00018704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-22 20:42 - 2009-07-14 06:45 - 00018704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-22 20:39 - 2013-07-16 23:07 - 00000000 _____ () C:\Windows\system32\vireng.log
2014-09-22 18:29 - 2014-09-22 18:29 - 02347384 _____ (ESET) C:\Users\Ya-Hü\Desktop\esetsmartinstaller_deu.exe
2014-09-22 18:09 - 2011-01-04 22:27 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2AFB6A0C-FBFD-44D8-A38B-EF01CE6CE147}
2014-09-22 14:50 - 2014-09-15 23:49 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Berwerbungen
2014-09-22 14:11 - 2014-09-09 21:16 - 00000000 ____D () C:\Program Files (x86)\ss8
2014-09-22 14:05 - 2012-01-04 19:41 - 00000000 ___RD () C:\Users\Ya-Hü\Dropbox
2014-09-22 14:05 - 2012-01-04 19:39 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Dropbox
2014-09-22 14:04 - 2014-09-09 20:59 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-22 14:03 - 2010-11-07 23:28 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-22 14:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-22 14:03 - 2009-07-14 06:51 - 00194854 _____ () C:\Windows\setupact.log
2014-09-22 14:02 - 2010-11-07 23:20 - 01629115 _____ () C:\Windows\WindowsUpdate.log
2014-09-22 14:01 - 2014-09-17 14:50 - 00000000 ____D () C:\Program Files (x86)\OfferBoulevard
2014-09-22 13:43 - 2014-09-22 13:43 - 00001931 _____ () C:\Users\Ya-Hü\Desktop\JRT.txt
2014-09-22 13:21 - 2014-09-22 13:21 - 00000000 ____D () C:\Windows\ERUNT
2014-09-22 13:21 - 2014-09-22 13:20 - 01027006 _____ (Thisisu) C:\Users\Ya-Hü\Desktop\JRT.exe
2014-09-22 13:15 - 2014-09-22 13:15 - 00028475 _____ () C:\Users\Ya-Hü\Desktop\AdwCleaner[S0].txt
2014-09-22 13:14 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-22 13:13 - 2010-10-11 22:06 - 00266248 _____ () C:\Windows\PFRO.log
2014-09-22 13:11 - 2014-09-22 13:08 - 00000000 ____D () C:\AdwCleaner
2014-09-22 13:11 - 2011-03-26 10:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-22 13:08 - 2014-09-22 13:07 - 01373475 _____ () C:\Users\Ya-Hü\Desktop\AdwCleaner_3.310.exe
2014-09-22 13:06 - 2014-09-22 13:06 - 00021769 _____ () C:\Users\Ya-Hü\Desktop\mbam.txt
2014-09-22 12:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-09-22 12:03 - 2014-09-22 12:03 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-22 12:03 - 2014-09-22 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-22 12:03 - 2014-09-22 12:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 12:03 - 2014-09-22 12:03 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-22 12:02 - 2014-09-22 12:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ya-Hü\Desktop\mbam-setup-2.0.2.1012.exe
2014-09-19 10:54 - 2013-01-02 16:19 - 01733120 ___SH () C:\Users\Ya-Hü\Desktop\Thumbs.db
2014-09-19 10:22 - 2012-01-04 19:39 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-18 15:08 - 2014-09-09 21:02 - 00000000 ___HD () C:\Users\Public\Temp
2014-09-18 15:03 - 2011-01-07 12:34 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\SoftGrid Client
2014-09-18 14:55 - 2014-09-18 14:55 - 00000017 _____ () C:\Users\Ya-Hü\AppData\Local\resmon.resmoncfg
2014-09-18 14:11 - 2011-03-26 10:52 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Roaming\Mozilla
2014-09-18 13:43 - 2014-09-09 21:19 - 00002066 _____ () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-18 10:06 - 2014-09-18 10:06 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\ICSharpCode.net
2014-09-17 14:50 - 2014-09-17 14:50 - 00003238 _____ () C:\Windows\System32\Tasks\PennyBee
2014-09-16 16:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-16 15:15 - 2014-09-16 15:15 - 00000000 ___SD () C:\ComboFix
2014-09-16 15:15 - 2014-09-15 21:18 - 00000000 ____D () C:\Qoobox
2014-09-16 14:55 - 2014-09-16 14:55 - 01484664 _____ (CinemaHQ01Video Plus) C:\Users\Ya-Hü\AppData\Roaming\TCHMVBY.exe
2014-09-16 14:55 - 2014-09-16 14:55 - 00002448 _____ () C:\Windows\Tasks\98ed4270-7785-4165-abad-58c3f4f52fee-5_user.job
2014-09-16 14:55 - 2014-09-16 14:55 - 00001340 _____ () C:\Windows\Tasks\TCHMVBY.job
2014-09-16 14:54 - 2014-09-16 14:54 - 00000652 _____ () C:\Windows\Tasks\59acbb01-4eb7-481b-b3f6-a4eec89c18c5.job
2014-09-16 14:53 - 2014-09-16 14:53 - 01929080 _____ (CinemaHQ01Video Plus) C:\Users\Ya-Hü\AppData\Roaming\YJGWRXDI.exe
2014-09-16 14:53 - 2014-09-16 14:53 - 00001686 _____ () C:\Windows\Tasks\YJGWRXDI.job
2014-09-15 23:52 - 2013-10-14 00:22 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\LAST Semester insa'ALLAH
2014-09-15 23:27 - 2010-11-07 23:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-15 21:51 - 2014-09-15 21:51 - 00000047 _____ () C:\Users\Ya-Hü\AppData\Roaming\WB.CFG
2014-09-15 21:33 - 2014-09-15 20:51 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\Gameo
2014-09-15 21:16 - 2014-09-15 21:16 - 00000000 ____D () C:\Windows\erdnt
2014-09-15 21:15 - 2014-09-15 21:15 - 05579386 ____R (Swearware) C:\Users\Ya-Hü\Desktop\ComboFix.exe
2014-09-15 20:51 - 2014-09-15 20:51 - 00000171 _____ () C:\Users\Ya-Hü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-09-15 20:51 - 2014-09-15 20:51 - 00000000 ___HD () C:\Users\Ya-Hü\AppData\Roaming\GoldenGate
2014-09-15 20:50 - 2014-09-15 20:50 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-15 20:50 - 2014-09-15 20:50 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-09-15 16:43 - 2014-09-15 16:43 - 00003266 _____ () C:\Windows\System32\Tasks\{1B816FFC-80F0-4780-A674-5B4756611473}
2014-09-15 16:13 - 2014-09-15 16:13 - 00001264 _____ () C:\Users\Ya-Hü\Desktop\Revo Uninstaller.lnk
2014-09-15 16:13 - 2014-09-15 16:13 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-13 01:17 - 2011-04-12 20:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-13 01:15 - 2011-01-07 12:33 - 01596516 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-13 01:15 - 2010-11-08 08:15 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-09-13 01:15 - 2010-11-08 08:15 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-09-13 01:15 - 2009-07-14 07:13 - 01596516 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 01:14 - 2013-08-16 16:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-13 01:01 - 2011-02-27 01:08 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-13 01:00 - 2014-05-07 02:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 22:39 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-10 22:26 - 2014-09-10 22:26 - 02105856 _____ (Farbar) C:\Users\Ya-Hü\Desktop\FRST64.exe
2014-09-10 22:14 - 2014-09-10 22:14 - 25092156 _____ () C:\Users\Ya-Hü\Desktop\mse46.zip
2014-09-10 22:09 - 2014-09-10 22:09 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-10 22:09 - 2013-03-01 23:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 22:09 - 2013-03-01 23:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 22:09 - 2013-03-01 23:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 21:45 - 2014-09-10 21:45 - 00754752 _____ () C:\Windows\Minidump\091014-19484-01.dmp
2014-09-10 21:45 - 2011-06-07 13:13 - 530712586 _____ () C:\Windows\MEMORY.DMP
2014-09-10 21:45 - 2011-06-07 13:13 - 00000000 ____D () C:\Windows\Minidump
2014-09-09 21:18 - 2014-09-09 21:18 - 01536928 _____ (smart-saverplus) C:\Users\Ya-Hü\AppData\Roaming\UQH.exe
2014-09-09 21:18 - 2014-09-09 21:18 - 01484704 _____ (enter) C:\Users\Ya-Hü\AppData\Roaming\DYISTEC.exe
2014-09-09 21:18 - 2014-09-09 21:18 - 00002410 _____ () C:\Windows\Tasks\bf1a449c-8356-402e-9ecc-44015185bae6-5_user.job
2014-09-09 21:18 - 2014-09-09 21:18 - 00001340 _____ () C:\Windows\Tasks\DYISTEC.job
2014-09-09 21:18 - 2014-09-09 21:18 - 00001332 _____ () C:\Windows\Tasks\UQH.job
2014-09-09 21:17 - 2014-09-09 21:17 - 01984928 _____ (smart-saverplus) C:\Users\Ya-Hü\AppData\Roaming\ICLHS.exe
2014-09-09 21:17 - 2014-09-09 21:17 - 01927072 _____ (enter) C:\Users\Ya-Hü\AppData\Roaming\EVIBZ.exe
2014-09-09 21:17 - 2014-09-09 21:17 - 00001336 _____ () C:\Windows\Tasks\ICLHS.job
2014-09-09 21:17 - 2014-09-09 21:17 - 00001336 _____ () C:\Windows\Tasks\EVIBZ.job
2014-09-09 21:10 - 2014-09-09 21:10 - 00000000 ____D () C:\Users\Ya-Hü\AppData\Local\com
2014-09-09 20:59 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-09 20:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-05 04:10 - 2014-09-13 00:22 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-13 00:22 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
2014-09-04 00:35 - 2013-04-15 14:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-03 16:21 - 2011-01-08 14:28 - 00000000 ____D () C:\ProgramData\Norton
2014-09-03 16:21 - 2010-11-07 23:33 - 00000000 ____D () C:\ProgramData\Symantec
2014-09-02 20:16 - 2014-09-02 20:16 - 00634880 _____ () C:\DirectControl.exe
2014-09-02 13:04 - 2014-09-02 13:03 - 00000000 ____D () C:\Users\Ya-Hü\.tfo4
2014-09-02 13:03 - 2014-09-02 13:03 - 00000000 ____D () C:\Users\Ya-Hü\4.0
2014-09-02 13:03 - 2011-01-04 22:22 - 00000000 ____D () C:\Users\Ya-Hü
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge Basic
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\plugins
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\lib
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\doc
2014-09-01 19:07 - 2014-09-01 19:07 - 00000000 ____D () C:\Program Files\bin
2014-09-01 19:07 - 2014-06-25 09:52 - 00000653 _____ () C:\Program Files\pdfsam-config.xml
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\UQH
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\TCHMVBY
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Ya-Hü\AppData\Roaming\DYISTEC
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\YJGWRXDI
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\ICLHS
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Ya-Hü\AppData\Roaming\EVIBZ
2014-08-29 03:21 - 2009-07-14 06:45 - 00778352 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 00:38 - 2013-12-01 22:55 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\camii
2014-08-26 23:31 - 2014-03-19 15:43 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Bachelorarbeit
2014-08-26 23:31 - 2013-02-03 21:37 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Diverse Schreiben bzw. Briefe
2014-08-26 23:31 - 2012-06-07 13:35 - 00000000 ____D () C:\Users\Ya-Hü\Desktop\Karsik
2014-08-25 06:53 - 2011-03-13 11:52 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\Ya-Hü\AppData\Local\Temp\AskSLib.dll
C:\Users\Ya-Hü\AppData\Local\Temp\BackupSetup.exe
C:\Users\Ya-Hü\AppData\Local\Temp\cm-u804d.dll
C:\Users\Ya-Hü\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbxkzja.dll
C:\Users\Ya-Hü\AppData\Local\Temp\DWPUpgradeInstaller.exe
C:\Users\Ya-Hü\AppData\Local\Temp\FileSystemView.dll
C:\Users\Ya-Hü\AppData\Local\Temp\Launcher.exe
C:\Users\Ya-Hü\AppData\Local\Temp\mufpxfvp.dll
C:\Users\Ya-Hü\AppData\Local\Temp\post1.exe
C:\Users\Ya-Hü\AppData\Local\Temp\post2.dll
C:\Users\Ya-Hü\AppData\Local\Temp\post2.exe
C:\Users\Ya-Hü\AppData\Local\Temp\setup_337.exe
C:\Users\Ya-Hü\AppData\Local\Temp\SHelp2.exe
C:\Users\Ya-Hü\AppData\Local\Temp\SpOrder.dll
C:\Users\Ya-Hü\AppData\Local\Temp\stubhelper.dll
C:\Users\Ya-Hü\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Ya-Hü\AppData\Local\Temp\System.Data.SQLite21907.dll
C:\Users\Ya-Hü\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Ya-Hü\AppData\Local\Temp\wmdjug6e.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 16:31

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 23.09.2014, 20:45

Java und Adobe updaten.

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyServer: http=127.0.0.1:50542;https=127.0.0.1:50542

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Schahin · 23.09.2014, 22:40

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-09-2014
Ran by Ya-Hü at 2014-09-23 23:34:13 Run:1
Running from C:\Users\Ya-Hü\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyServer: http=127.0.0.1:50542;https=127.0.0.1:50542
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.

The system needed a reboot.

==== End of Fixlog ====

17.09.2014, 05:51	#5
schrauber /// the machine /// TB-Ausbilder	menge pop ups und musik im hintergrund Frisches FRST log bitte. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

19.09.2014, 08:21	#7
schrauber /// the machine /// TB-Ausbilder	menge pop ups und musik im hintergrund Hast Du die Programme mit ATTENTION deinstalliert? Combofix löschen und neu laden, Sophos beenden und Combofix nochmal laufen lassen. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

menge pop ups und musik im hintergrund

Plagegeister aller Art und deren Bekämpfung: menge pop ups und musik im hintergrund